www.herocosmetics.us Open in urlscan Pro
23.227.38.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://herocosmetics.us/
Effective URL:
https://www.herocosmetics.us/
Submission: On September 18 via manual (September 18th 2023, 7:31:33 am UTC) from VN — Scanned from US

Summary HTTP 265 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 63 IPs in 7 countries across 82 domains to perform 265 HTTP transactions. The main IP is 23.227.38.74, located in Ottawa, Canada and belongs to CLOUDFLARENET, US. The main domain is www.herocosmetics.us.
TLS certificate: Issued by R3 on August 24th 2023. Valid for: 3 months.

This is the only time www.herocosmetics.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.227.38.32 23.227.38.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
63	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:141b:13:... 2600:141b:13:7a1::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
21	2606:4700:20:... 2606:4700:20::681a:44f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:220... 2600:9000:2209:f400:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
4	2600:9000:21d... 2600:9000:21da:200:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.35.93.109 13.35.93.109	16509 (AMAZON-02) (AMAZON-02)
2	34.120.58.162 34.120.58.162	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 5	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.227.38.33 23.227.38.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	23.49.248.203 23.49.248.203	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.225.63.247 13.225.63.247	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:809::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::6815:267e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.64.144.121 172.64.144.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.148.35 172.64.148.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.233.195.186 3.233.195.186	14618 (AMAZON-AES) (AMAZON-AES)
1 7	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4004:c08::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::2004	15169 (GOOGLE) (GOOGLE)
6	2600:9000:24f... 2600:9000:24f1:fe00:a:78b:4e00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.139.53.136 108.139.53.136	16509 (AMAZON-02) (AMAZON-02)
12	23.227.60.200 23.227.60.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21d... 2600:9000:21dd:6800:1:d5ae:c900:21	16509 (AMAZON-02) (AMAZON-02)
1	52.219.108.186 52.219.108.186	16509 (AMAZON-02) (AMAZON-02)
1	185.146.173.20 185.146.173.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e2:... 2606:4700:e2::ac40:8c1d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.238.55.55 18.238.55.55	16509 (AMAZON-02) (AMAZON-02)
1	146.75.36.157 146.75.36.157	54113 (FASTLY) (FASTLY)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
2	2600:141b:13:... 2600:141b:13:7a6::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 41	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
3	52.6.11.66 52.6.11.66	14618 (AMAZON-AES) (AMAZON-AES)
2	192.229.163.223 192.229.163.223	15133 (EDGECAST) (EDGECAST)
1	44.214.249.104 44.214.249.104	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
1	18.164.96.90 18.164.96.90	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
4 4	68.67.178.10 68.67.178.10	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	107.23.111.41 107.23.111.41	14618 (AMAZON-AES) (AMAZON-AES)
1 1	108.138.106.100 108.138.106.100	16509 (AMAZON-02) (AMAZON-02)
1	23.105.12.150 23.105.12.150	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3 3	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 1	184.50.205.247 184.50.205.247	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
2 2	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:1f18:612... 2600:1f18:612b:4232:333c:fbab:e531:2e93	14618 (AMAZON-AES) (AMAZON-AES)
1	198.54.201.131 198.54.201.131	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
2 2	63.251.28.233 63.251.28.233	13789 (INTERNAP-...) (INTERNAP-BLK3)
1 1	18.164.113.226 18.164.113.226	16509 (AMAZON-02) (AMAZON-02)
1	35.186.196.148 35.186.196.148	15169 (GOOGLE) (GOOGLE)
1	3.214.176.219 3.214.176.219	14618 (AMAZON-AES) (AMAZON-AES)
1	52.1.135.30 52.1.135.30	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.210.106.16 54.210.106.16	14618 (AMAZON-AES) (AMAZON-AES)
2 2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.39.147.20 52.39.147.20	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
2 2	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
1 1	3.13.10.152 3.13.10.152	16509 (AMAZON-02) (AMAZON-02)
1 1	18.219.26.209 18.219.26.209	16509 (AMAZON-02) (AMAZON-02)
4 4	54.36.150.180 54.36.150.180	16276 (OVH) (OVH)
3 3	142.250.64.66 142.250.64.66	15169 (GOOGLE) (GOOGLE)
1	34.239.232.190 34.239.232.190	14618 (AMAZON-AES) (AMAZON-AES)
2 2	108.139.47.50 108.139.47.50	16509 (AMAZON-02) (AMAZON-02)
3 3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
2 2	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
1	54.235.139.126 54.235.139.126	14618 (AMAZON-AES) (AMAZON-AES)
1 1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.208.211.39 54.208.211.39	14618 (AMAZON-AES) (AMAZON-AES)
1 1	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
1 1	35.173.120.247 35.173.120.247	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.36.115.113 104.36.115.113	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	63.32.22.194 63.32.22.194	16509 (AMAZON-02) (AMAZON-02)
1	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
265	63

1 23.227.38.32 (Ottawa, Canada) 1 redirects

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com

herocosmetics.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: shops.myshopify.com

www.herocosmetics.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:141b:13:7a1::1d72 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn-widgetsrepository.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticw2.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-loyalty.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:20::681a:44f (United States)

ASN13335 (CLOUDFLARENET, US)

cld.accentuate.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:f400:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21da:200:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.93.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-109.jfk50.r.cloudfront.net

static.myshlf.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.58.162 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 162.58.120.34.bc.googleusercontent.com

shopify-gtm-suite.getelevar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:38::15 (United States) 1 redirects

ASN15169 (GOOGLE, US)

ssapi.herocosmetics.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.33 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: checkout.shopify.com

shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.49.248.203 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-248-203.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.63.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-247.ewr53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:267e (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.streetmetrics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.144.121 (United States)

ASN13335 (CLOUDFLARENET, US)

hero.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.148.35 (United States)

ASN13335 (CLOUDFLARENET, US)

events.attentivemobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.195.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-195-186.compute-1.amazonaws.com

loyalty.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.43.134 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::9c (Ashburn, United States) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:24f1:fe00:a:78b:4e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

creatives.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.53.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-53-136.jfk50.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.227.60.200 (Leduc, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:6800:1:d5ae:c900:21 (United States)

ASN16509 (AMAZON-02, US)

d275fvz7g8rvo.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.108.186 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

pc-quiz.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.146.173.20 (Sweden)

ASN13335 (CLOUDFLARENET, US)

geolocation-recommendations.shopifyapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8c1d (United States)

ASN13335 (CLOUDFLARENET, US)

app.backinstock.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.55.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-55.jfk52.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.36.157 (Reston, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:13:7a6::1931 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 52.46.128.147 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.6.11.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-11-66.compute-1.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.163.223 (United States)

ASN15133 (EDGECAST, US)

cdn-swell-assets.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.214.249.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-214-249-104.compute-1.amazonaws.com

p.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.178.10 (North Bergen, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.23.111.41 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-111-41.compute-1.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.100 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-100.jfk50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.150 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.26.193 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.50.205.247 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-205-247.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.200.65.202 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.146.152 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:333c:fbab:e531:2e93 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.54.201.131 (United States)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-01-pub-prod-nyc.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.28.233 (Secaucus, United States) 2 redirects

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.113.226 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-164-113-226.jfk50.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.196.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 148.196.186.35.bc.googleusercontent.com

sync.rfp.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.176.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-176-219.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.135.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-135-30.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.210.106.16 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-106-16.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.39.147.20 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-147-20.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.49 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.13.10.152 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-10-152.us-east-2.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.219.26.209 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-219-26-209.us-east-2.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.36.150.180 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ip180.ip-54-36-150.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.64.66 (Old Bridge, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.232.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-232-190.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.47.50 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-50.jfk50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.57.31.206 (United States) 2 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.235.139.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-139-126.compute-1.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.197.56 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.211.39 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-211-39.compute-1.amazonaws.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.173.120.247 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-120-247.compute-1.amazonaws.com

sync-amazon.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.113 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.22.194 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-22-194.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

herocosmetics.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	herocosmetics.us 2 redirects herocosmetics.us — Cisco Umbrella Rank: 891291 www.herocosmetics.us ssapi.herocosmetics.us	1 MB
41	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 429	29 KB
21	accentuate.io cld.accentuate.io — Cisco Umbrella Rank: 69979	349 KB
15	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 4436 hero.attn.tv creatives.attn.tv — Cisco Umbrella Rank: 9999	1 MB
12	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2456	746 KB
10	yotpo.com cdn-widgetsrepository.yotpo.com — Cisco Umbrella Rank: 10829 loyalty.yotpo.com — Cisco Umbrella Rank: 68255 staticw2.yotpo.com — Cisco Umbrella Rank: 8017 cdn-loyalty.yotpo.com — Cisco Umbrella Rank: 15657 cdn-swell-assets.yotpo.com — Cisco Umbrella Rank: 19774 p.yotpo.com — Cisco Umbrella Rank: 8129	622 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 635	395 KB
8	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 3514 static-tracking.klaviyo.com — Cisco Umbrella Rank: 4456	42 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 3606 ekr.zdassets.com — Cisco Umbrella Rank: 4366	349 KB
7	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 955	2 KB
6	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	3 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1031	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	4 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 875	141 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 5952	1 KB
4	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 509 cms.analytics.yahoo.com — Cisco Umbrella Rank: 2484	864 B
4	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 360	3 KB
3	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 863	665 B
3	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781	2 KB
3	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 3472	1 KB
3	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 6803	21 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 691	14 KB
3	google.com www.google.com — Cisco Umbrella Rank: 11 analytics.google.com — Cisco Umbrella Rank: 270	852 B
2	exelator.com 2 redirects loadus.exelator.com — Cisco Umbrella Rank: 2277	2 KB
2	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 1547 image6.pubmatic.com — Cisco Umbrella Rank: 1171	775 B
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 2139	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 713	782 B
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 239	708 B
2	serving-sys.com 2 redirects bs.serving-sys.com — Cisco Umbrella Rank: 2046 lm.serving-sys.com — Cisco Umbrella Rank: 3748	777 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 954	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 319	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 649 token.rubiconproject.com — Cisco Umbrella Rank: 764	1 KB
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 1035 usermatch.krxd.net — Cisco Umbrella Rank: 2755	358 B
2	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 919	1 KB
2	connatix.com 2 redirects capi.connatix.com — Cisco Umbrella Rank: 2428	629 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 614	1 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1150	20 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1261 script.hotjar.com — Cisco Umbrella Rank: 1629	60 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 802	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	216 B
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1100	33 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	168 KB
2	getelevar.com shopify-gtm-suite.getelevar.com — Cisco Umbrella Rank: 20616	20 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 410	23 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1683	7 KB
1	zendesk.com herocosmetics.zendesk.com	1 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 8895	161 B
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 1624	443 B
1	yieldmo.com 1 redirects sync-amazon.ads.yieldmo.com — Cisco Umbrella Rank: 10853	611 B
1	ispot.tv 1 redirects pi.ispot.tv — Cisco Umbrella Rank: 3122	343 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 5150	492 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 2259	359 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 2038	635 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 10028	656 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 5508	186 B
1	fout.jp sync.rfp.fout.jp — Cisco Umbrella Rank: 7940	284 B
1	imdb.com 1 redirects www.imdb.com — Cisco Umbrella Rank: 6780	879 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 4071	122 B
1	tremorhub.com 1 redirects amazon.partners.tremorhub.com — Cisco Umbrella Rank: 9789	389 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 1088	471 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1011	671 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 936	640 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1065	725 B
1	t.co t.co — Cisco Umbrella Rank: 707	375 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 2076	637 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1759	8 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1078	15 KB
1	backinstock.org app.backinstock.org — Cisco Umbrella Rank: 17175	27 KB
1	shopifyapps.com geolocation-recommendations.shopifyapps.com — Cisco Umbrella Rank: 9508	19 KB
1	amazonaws.com pc-quiz.s3.us-east-2.amazonaws.com — Cisco Umbrella Rank: 107379	3 KB
1	cloudfront.net d275fvz7g8rvo.cloudfront.net	2 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2469	12 KB
1	attentivemobile.com events.attentivemobile.com — Cisco Umbrella Rank: 4523	249 B
1	streetmetrics.io pixel.streetmetrics.io — Cisco Umbrella Rank: 28650	44 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	89 KB
1	shop.app shop.app — Cisco Umbrella Rank: 5608	2 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 958	315 B
1	myshlf.us static.myshlf.us — Cisco Umbrella Rank: 111604	1 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4860	10 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1425	39 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
0	myvisualiq.net Failed t.myvisualiq.net Failed
265	82

	Domain	Requested by
63	www.herocosmetics.us	www.herocosmetics.us shopify-gtm-suite.getelevar.com
41	s.amazon-adsystem.com	1 redirects www.herocosmetics.us s.amazon-adsystem.com
21	cld.accentuate.io	www.herocosmetics.us
12	cdn.shopify.com	www.herocosmetics.us
9	cdn.cookielaw.org	www.herocosmetics.us cdn.cookielaw.org shopify-gtm-suite.getelevar.com
7	tr.snapchat.com	1 redirects sc-static.net
6	static.zdassets.com	www.herocosmetics.us static.zdassets.com
6	creatives.attn.tv	cdn.attn.tv creatives.attn.tv www.herocosmetics.us
6	static.klaviyo.com	www.herocosmetics.us static.klaviyo.com ssapi.herocosmetics.us
5	ct.pinterest.com	www.herocosmetics.us s.pinimg.com
5	fonts.googleapis.com	creatives.attn.tv staticw2.yotpo.com cdn-swell-assets.yotpo.com
5	hero.attn.tv	shopify-gtm-suite.getelevar.com creatives.attn.tv
5	analytics.tiktok.com	www.herocosmetics.us analytics.tiktok.com
5	ssapi.herocosmetics.us	1 redirects www.herocosmetics.us shopify-gtm-suite.getelevar.com ssapi.herocosmetics.us
4	cookie-matching.mediarithmics.com	4 redirects
4	ib.adnxs.com	4 redirects
4	cdn.attn.tv	www.herocosmetics.us cdn.attn.tv
3	us-u.openx.net	3 redirects
3	cm.g.doubleclick.net	3 redirects
3	ups.analytics.yahoo.com	3 redirects
3	match.360yield.com	3 redirects
3	mpsnare.iesnare.com	staticw2.yotpo.com mpsnare.iesnare.com
3	bat.bing.com	ssapi.herocosmetics.us bat.bing.com
3	cdn-widgetsrepository.yotpo.com	www.herocosmetics.us cdn-widgetsrepository.yotpo.com
2	loadus.exelator.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	eb2.3lift.com	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	ads.stickyadstv.com	2 redirects
2	capi.connatix.com	2 redirects
2	x.bidswitch.net	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	cdn-swell-assets.yotpo.com	cdn-loyalty.yotpo.com cdn-swell-assets.yotpo.com
2	s.pinimg.com	ssapi.herocosmetics.us s.pinimg.com
2	staticw2.yotpo.com	www.herocosmetics.us staticw2.yotpo.com
2	pixel.tapad.com	2 redirects
2	www.facebook.com	www.herocosmetics.us
2	www.google.com	www.herocosmetics.us
2	stats.g.doubleclick.net	1 redirects www.googletagmanager.com
2	sc-static.net	www.herocosmetics.us tr.snapchat.com
2	connect.facebook.net	www.herocosmetics.us connect.facebook.net
2	static-tracking.klaviyo.com	static.klaviyo.com
2	shopify-gtm-suite.getelevar.com	www.herocosmetics.us
2	cdnjs.cloudflare.com	www.herocosmetics.us
1	maxcdn.bootstrapcdn.com	cdn-swell-assets.yotpo.com
1	herocosmetics.zendesk.com	static.zdassets.com
1	content.hotjar.io	www.herocosmetics.us
1	sync.taboola.com	1 redirects
1	image6.pubmatic.com	1 redirects
1	sync-amazon.ads.yieldmo.com	1 redirects
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	token.rubiconproject.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	crb.kargo.com	s.amazon-adsystem.com
1	ssum-sec.casalemedia.com	1 redirects
1	usermatch.krxd.net	s.amazon-adsystem.com
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	beacon.krxd.net	s.amazon-adsystem.com
1	sync.rfp.fout.jp	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	1 redirects
1	tags.bluekai.com	1 redirects
1	rtb-csync.smartadserver.com	s.amazon-adsystem.com
1	aa.agkn.com	1 redirects
1	analytics.twitter.com
1	t.co
1	script.hotjar.com	static.hotjar.com
1	alb.reddit.com
1	p.yotpo.com
1	ekr.zdassets.com	shopify-gtm-suite.getelevar.com
1	www.redditstatic.com	ssapi.herocosmetics.us
1	static.ads-twitter.com	ssapi.herocosmetics.us
1	static.hotjar.com	ssapi.herocosmetics.us
1	googleads.g.doubleclick.net	ssapi.herocosmetics.us
1	app.backinstock.org	www.herocosmetics.us
1	geolocation-recommendations.shopifyapps.com	www.herocosmetics.us
1	pc-quiz.s3.us-east-2.amazonaws.com	www.herocosmetics.us
1	d275fvz7g8rvo.cloudfront.net	www.herocosmetics.us
1	cdn-loyalty.yotpo.com	www.herocosmetics.us
1	www.datadoghq-browser-agent.com	www.herocosmetics.us
1	analytics.google.com	www.googletagmanager.com
1	loyalty.yotpo.com	www.herocosmetics.us
1	events.attentivemobile.com	cdn.attn.tv
1	pixel.streetmetrics.io	www.herocosmetics.us
1	www.googletagmanager.com	ssapi.herocosmetics.us
1	shop.app	www.herocosmetics.us
1	geolocation.onetrust.com	cdn.cookielaw.org
1	static.myshlf.us	www.herocosmetics.us
1	www.dwin1.com	www.herocosmetics.us
1	unpkg.com	www.herocosmetics.us
1	herocosmetics.us	1 redirects
0	sync.search.spotxchange.com Failed	s.amazon-adsystem.com
0	t.myvisualiq.net Failed	s.amazon-adsystem.com
265	103

This site contains links to these domains. Also see Links.

Domain
heroskinsquad.socialmedialink.com
support.herocosmetics.us
www.instagram.com
www.facebook.com
twitter.com
www.youtube.com
www.tiktok.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.herocosmetics.us R3	`2023-08-24` - `2023-11-22`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.yotpo.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-04` - `2024-02-07`	a year	crt.sh
accentuate.io E1	`2023-08-13` - `2023-11-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.dwin1.com Amazon RSA 2048 M02	`2023-02-28` - `2023-12-01`	9 months	crt.sh
static.klaviyo.com R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
*.attn.tv Amazon RSA 2048 M01	`2023-05-02` - `2024-05-29`	a year	crt.sh
static.myshlf.us Amazon RSA 2048 M03	`2023-08-11` - `2024-09-08`	a year	crt.sh
shopify-gtm-suite.getelevar.com GTS CA 1D4	`2023-08-30` - `2023-11-28`	3 months	crt.sh
ssapi.herocosmetics.us GTS CA 1D4	`2023-09-05` - `2023-12-04`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
shop.app R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
static-tracking.klaviyo.com R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
streetmetrics.io E1	`2023-08-06` - `2023-11-04`	3 months	crt.sh
attn.tv Cloudflare Inc ECC CA-3	`2023-08-13` - `2024-08-12`	a year	crt.sh
attentivemobile.com Cloudflare Inc ECC CA-3	`2023-08-13` - `2024-08-12`	a year	crt.sh
*.yotpo.xyz Amazon RSA 2048 M02	`2023-07-06` - `2024-08-03`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-14` - `2024-01-16`	a year	crt.sh
cdn.shopify.com E1	`2023-09-10` - `2023-12-09`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.s3.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-02-28`	a year	crt.sh
geolocation-recommendations.shopifyapps.com E1	`2023-08-28` - `2023-11-26`	3 months	crt.sh
backinstock.org Cloudflare Inc ECC CA-3	`2023-03-31` - `2024-03-30`	a year	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2023-05-01` - `2024-05-29`	a year	crt.sh
yotpo.com Amazon RSA 2048 M02	`2023-02-22` - `2024-03-22`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-31` - `2024-01-30`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
public-prod-dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2023-07-20` - `2023-10-18`	3 months	crt.sh
*.rfp.fout.jp RapidSSL TLS RSA CA G1	`2023-08-03` - `2024-09-02`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.samplicio.us Amazon RSA 2048 M01	`2022-11-16` - `2023-12-15`	a year	crt.sh
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-02-20`	a year	crt.sh
*.prod.use1.green.ops.kargo.com Amazon RSA 2048 M01	`2022-11-10` - `2023-12-09`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
herocosmetics.zendesk.com Cloudflare Inc ECC CA-3	`2023-04-30` - `2024-04-29`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.herocosmetics.us/
Frame ID: FA8E1273D1FF1334C5AFEC28DFC831F1
Requests: 189 HTTP requests in this frame

Frame: https://www.herocosmetics.us/wpm@807df045w36eb870bp858e4efdm07092c7a/web-pixel-shopify-custom-pixel@0559/sandbox/modern/
Frame ID: 28B666EF425CD3CE9CA96F6F494FB8A6
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=0470dae7-028b-4609-a07a-65a3ee776aed&u_scsid=0f73db6c-1d96-4c05-a2bf-b2988f28bbb5&u_sclid=56dd26b4-6968-4927-b40a-ea204ae367bf
Frame ID: 4A0D2508DFBBCF4C5E2B78B450C0A967
Requests: 2 HTTP requests in this frame

Frame: https://creatives.attn.tv/creatives-dynamic/multiPage/index.html
Frame ID: 217BCC1CDF2F6522F29C67E1CEF01B2D
Requests: 11 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1694816406875&pnid=140&pcid=c7fed85c-4210-4d7e-8d2e-a6a773f88829
Frame ID: C3DD0721BBFECCA7AAAF5E78CAFA6637
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=399980115955095300&dcc=t
Frame ID: 36F45F439449F46F4DBF8C2581FB41B5
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_ns_n-eq-HMT3_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-fo-HMT_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_n-kg-HMT_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=w9UM1PvDT9G6NBP1qhoHzQ&dmt=3&ex-pl-n-g-hmt=pl0XYF1LT-OSUEoOuhd0Fw&ep=ttam_T219Ay-cPciHbT10psmkp27XHL59Of-xGGYtPZlalueKPnH7_7PdNx34pM8NVIXsITYyvjlUOjeG4dJqkuHPbZYMU8FY_uWyy1md8eEZYYCeZeYr805MSN_wt_icHx9NApyfsGNqgzEW1126FluP9UZAW5XXR2WGbXe68xKf78gBox9tLAlqbxPVzIXFHQJG_Jm7ksN84bPSLiRD4H0h0MZKrVXrB2VXqBrdQE43C7U0uEVHGk5E6IcZvIaxoLs80VtEH0BapIxTSVyPCaiIrLKkbD_UPc6KDfeOtB0C9yrIPYgFLwQZYUpKx8YN5SUY-xDsJhkVxCNX2Q--Y-4VYEK0CXD2HCiLDovWCwo9z5HIHpdm3HuLU60flPdTMK50PZDd3JwFStg83jo0LHy4taMSsVIsuxkSOSL_tE8O7bNZsRbc8vRY0IWnuLan898-efl3BTYujuF90LXV4Wi7Y4b81K29vaQ6noEnrIqhnW2fU7GnQntUnr-maz_L6FMPjknscWs2ccs0BIhXlvJpHOpmEGyOMH2goz6lzVTQ8-NEgqOG4khSFxIn9EmdNBcI9TAV0lQMcxkyymW_iCEqZTQ3ao18ouRZkeI0Pok8jfb9705Y_YOXmGmxjURqUVNKk4vRAjv-KifZcbT71AmLsMMgNHe-mAiSPIouMfJsCBURAjErdW8ofgSVizpiTzBD2j9N0nz3pWvcOhCAMdfq_ac723GWxtDq03fPs86ALncdrky8Bf6MZm6-9a5ZifSPwcj4VyKdpEV2wZlmZ4MevyZdvkQTDQbZIOjDI06io-ZQnJyFIZgbD2IXoG4TZYFXv1ARWojGEnZS1X-tOEMgejZUewJSAhGIcsoJoJMqpJQ6VFUfRmZv9fgCa_Bm-LWbUl-97rWXPAq7fnbSKdV6SUamlnA3aQhnIpqygt42XBI7xjz7JOjZYlprPie
Frame ID: 651530A2F165844A2839938AFD264602
Requests: 48 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Frame ID: 0DD08F4FFCBF2EE8D141E20883FA7747
Requests: 6 HTTP requests in this frame

Frame: https://cdn-swell-assets.yotpo.com/bootstrap.min.css
Frame ID: 37D6B2EAAE7B31A1FCBF9E08A8B57D84
Requests: 3 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: B1533F8E608B00B9175F6036F1267569
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hero Cosmetics | Empowering Acne Prone SkinBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://herocosmetics.us/ HTTP 301
https://www.herocosmetics.us/ Page URL

Detected technologies

Shopify (Ecommerce) Expand

Overall confidence: 25%
Detected patterns

<link[^>]+=['"]//cdn\.shopify\.com

Apple Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<script id="apple-pay

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

265
Requests

85 %
HTTPS

27 %
IPv6

82
Domains

103
Subdomains

63
IPs

7
Countries

5817 kB
Transfer

13470 kB
Size

127
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://heroskinsquad.socialmedialink.com/members/sign_in?utm_source=community&utm_medium=skinsquad&utm_campaign=invite#/
Title: Join Skin Squad

Search URL Search Domain Scan URL

URL: https://support.herocosmetics.us/hc/en-us/articles/360053004294-What-s-your-return-policy-
Title: Returns

Search URL Search Domain Scan URL

URL: https://www.instagram.com/herocosmetics/
Title: Visit our instagram site

Search URL Search Domain Scan URL

URL: https://www.facebook.com/herocosmetics/
Title: Visit our facebook site

Search URL Search Domain Scan URL

URL: https://twitter.com/herocosmetics/
Title: Visit our twitter site

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0wZCPILuEVZaTPCUutXPag
Title: Visit our youtube site

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@herocosmetics
Title: Visit our tiktok site

Search URL Search Domain Scan URL

URL: https://www.instagram.com/terrellbritten/
Title: Go to https://www.instagram.com/terrellbritten/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/lukayamilica/
Title: Go to https://www.instagram.com/lukayamilica/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/situationalskincare/
Title: Go to https://www.instagram.com/situationalskincare/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/diaryoftroubledskin/
Title: Go to https://www.instagram.com/diaryoftroubledskin/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gabstamas/
Title: Go to https://www.instagram.com/gabstamas/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/jasmm_skinjawn/
Title: Go to https://www.instagram.com/jasmm_skinjawn/

Search URL Search Domain Scan URL

URL: https://support.herocosmetics.us/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://support.herocosmetics.us/hc/en-us/requests/new
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://herocosmetics.us/ HTTP 301
https://www.herocosmetics.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 118

https://ssapi.herocosmetics.us/j/collect?v=1&_v=j101&aip=1&a=1866806145&t=pageview&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Prone%20Skin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAEKI~&jid=1524817180&gjid=1998516869&cid=272856543.1695022285&tid=UA-102753205-1&_gid=1073059079.1695022285&_fplc=0&_r=1&gtm=45Fe39d0n81N73MWQN&z=180067776 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-102753205-1&cid=272856543.1695022285&jid=1524817180&_gid=1073059079.1695022285&gjid=1998516869&_v=j101&z=180067776 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-102753205-1&cid=272856543.1695022285&jid=1524817180&_v=j101&z=180067776

Request Chain 131

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1695022284978&u_scsid=5a12b7c0-16a5-45ad-b0d1-725a1b6de689&u_sclid=409d6b99-d81c-4608-971c-97b0c00c1d1d HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1694816406875%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1694816406875%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1694816406875&pnid=140&pcid=c7fed85c-4210-4d7e-8d2e-a6a773f88829

Request Chain 158

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=399980115955095300 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=399980115955095300&dcc=t

Request Chain 190

https://ib.adnxs.com/setuid/a9?entity=188&code=AKtvri0zR-qg-_dmqav6BA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DAKtvri0zR-qg-_dmqav6BA%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=AKtvri0zR-qg-_dmqav6BA

Request Chain 191

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=fYiqDTwSRLyCjBMCaryHxQ&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=fYiqDTwSRLyCjBMCaryHxQ&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=ae119d61-f561-48c8-8d45-8b897946cfdb

Request Chain 192

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=214230604643004055977&ex=neustar.biz

Request Chain 194

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=Wq5VD_lBSUikGostGxB5VQ&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=Wq5VD_lBSUikGostGxB5VQ&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZQf8ziY4BtOYfoagiXK3tAAA

Request Chain 195

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=4a7dd19d4eb324e80b48cd90a9dd16f6

Request Chain 196

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 197

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=0jZ8cAVsQ4q_QYEwxewDAg HTTP 302
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=0jZ8cAVsQ4q_QYEwxewDAg&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=0jZ8cAVsQ4q_QYEwxewDAg

Request Chain 198

https://capi.connatix.com/us/pixel?pId=32&puId=Z9EeG7WRSJ2TqLO4JGAqiw&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DconnatixHMT%26id%3D%7BpuId%7D HTTP 302
https://capi.connatix.com/us/pixel?pId=32&puId=Z9EeG7WRSJ2TqLO4JGAqiw&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DconnatixHMT%26id%3D%7BpuId%7D&final=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=connatixHMT&id=Z9EeG7WRSJ2TqLO4JGAqiw

Request Chain 200

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=7332e8beee2c4ae19c6883cff9274761

Request Chain 202

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://s.amazon-adsystem.com/ecm3?id=y-E_QrDnRE2pF9oe2pe8JvNseWE29GuhgAjpsY~A&status=OK&ex=gemini

Request Chain 203

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=acae05278fcc25e15be6081baba4efb&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 204

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 207

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=ae119d61-f561-48c8-8d45-8b897946cfdb&ex=improvedigital.com

Request Chain 209

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=11d706812fcbcbe39

Request Chain 210

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rQ4GmxjrTBCpCKu1Cv96Ug&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rQ4GmxjrTBCpCKu1Cv96Ug

Request Chain 211

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=DueIyMYmTnu3iNMNS9CL8g&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=1a9e4fa69a4e78d7f692763a9b652d4&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=DueIyMYmTnu3iNMNS9CL8g

Request Chain 212

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=UKwL1tPSSkiYNnlkTaJKig&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=UKwL1tPSSkiYNnlkTaJKig&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=13106388975118785264064329789567090867

Request Chain 213

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=uNQCug3DSlWH5Rp1_Ugdow HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10594858868441447362&gdpr=&gdpr_consent=

Request Chain 214

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4305385767934839413

Request Chain 216

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22d77e83ca-545f-4a8e-abc5-92ae21319125%22,%22Time%22:%2220230918T073127.252015%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=d77e83ca-545f-4a8e-abc5-92ae21319125

Request Chain 217

https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=amazon-na-23&gdpr=0 HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr=0&domid=1109 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx&google_gid=CAESEOdEX8wxbqY3yrSGnuAR8ts&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOdEX8wxbqY3yrSGnuAR8ts&gdpr=0&action=GET_ID&etid=&domid=1109 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5730215081755541431&opid=apx&ops=&utidl=tech:goo:CAESEOdEX8wxbqY3yrSGnuAR8ts&gdpr=0&action=GET_ID&etid=&domid=1109 HTTP 303
https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-49741418875&gdpr=0

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEPIOXq2yp_gmLX5b8iFwZFs&google_cver=1

Request Chain 220

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=3381d1398a6f53af063d9c812a8118d8

Request Chain 221

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=f12acfee-a030-cdc4-1d5a-26f465198a70

Request Chain 222

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=LFXL_nYMTKvoLMWU8BfZgTc4cf84ZgIC

Request Chain 223

https://eb2.3lift.com/xuid?mid=8341&xuid=invV5oXuTxuAnl-26Bgv1g&dongle=az46&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=8341&xuid=invV5oXuTxuAnl-26Bgv1g&dongle=az46&gdpr=0&cmp_cs=&us_privacy=&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=tripleliftHMT&id=2993537602421251521901

Request Chain 224

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=CA6AC2EE99268155

Request Chain 226

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=5730215081755541431&ex=appnexus.com

Request Chain 227

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=dnGtqpvyTpaO3E1p_vEa0g&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=dnGtqpvyTpaO3E1p_vEa0g

Request Chain 228

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=jCufeuGTU2mfzKq-3Ibggg&ex=rubiconproject.com&status=ok

Request Chain 229

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=pl0XYF1LT-OSUEoOuhd0Fw& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 230

https://loadus.exelator.com/load/?p=204&g=8888&j=0 HTTP 302
https://loadus.exelator.com/load/?p=204&g=8888&j=0&xl8blockcheck=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=e3cba261e24724e120afcdb43cdf4bc9

Request Chain 231

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=EE681E0ACFFC07652500D6C2022E8922

Request Chain 232

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=4dbd7ff578bd59fb8835f8798ab630c2acc2c91ae7968333eaceb373dd13bd39

Request Chain 233

https://sync-amazon.ads.yieldmo.com/sync?pn_id=amazon&id=JXD5kp2wSCeMjw7khbgTgA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DyieldmoHMT%26id%3D%7B%7Buserid%7D%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yieldmoHMT&id=JXD5kp2wSCeMjw7khbgTgA

Request Chain 234

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=25D285F4-6DBB-4FD1-B35F-27D0159F9F85

Request Chain 235

https://us-u.openx.net/w/1.0/sd?id=537072986&val=lJOTn1JkRSy00MC3hroi9A&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DopenxHMT%26id%3D%7BOPENX_RTB_USERID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=openxHMT&id=lJOTn1JkRSy00MC3hroi9A

Request Chain 236

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=6567768b-e191-4a0a-88fd-3bc6dc26627e-tuctc018250

265 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.herocosmetics.us/
Redirect Chain

http://herocosmetics.us/
https://www.herocosmetics.us/

336 KB
50 KB

178ms
86ms

Document
text/html

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

be6f848e03258e6446f687863fd27c600bce134c233d30acb67c1eba7e72de36

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8087e3979ebbd9cd-MIA
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Mon, 18 Sep 2023 07:31:23 GMT
etag: W/"cacheable:ccc4fb5ac6d8df6856117a13fa40ff5e"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ped6MwBc8T9co6k7CfLhNSHMNKUdplf%2BsHrP4fh8QiGp8MajYwEProOAKCglnWks9JFpoBCPmUuIOcVhEHv87RyHozhDEQdxgiCnV%2BPx%2Ff%2B6agGwN00dN%2BAMRNRZpo7Tyi%2BvoqAr"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=14, db;dur=4, asn;desc="9009", edge;desc="MIA", country;desc="US", theme;desc="124793159722", pageType;desc="index", servedBy;desc="vm4v", requestID;desc="cd75168a-3392-4eb6-8950-e0463c3f0d08" cfRequestDuration;dur=49.999952, earlyhints
strict-transport-security: max-age=7889238
vary: Accept
x-cache: hit, server
x-content-type-options: nosniff
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: cd75168a-3392-4eb6-8950-e0463c3f0d08
x-shardid: 41
x-shopid: 21814481
x-shopify-stage: canary
x-sorting-hat-podid: 41
x-sorting-hat-shopid: 21814481
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 8087e3967f42334d-MIA
Connection: keep-alive
Content-Security-Policy: frame-ancestors *;
Content-Type: text/html; charset=utf-8
Date: Mon, 18 Sep 2023 07:31:23 GMT
Location: https://www.herocosmetics.us/
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeLrPwHs5jWauphMw2M9Ys9FxapBcaDpR0QTEHG67MErOXxm5hRQ%2B%2FPTtogOuACgPj4bPMKZxhdIMNhXdjr%2F2u86uCd0OlRlryJkrMTiGEShJ0K2v6ZrpySGrLzc9NkRFN4%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Server-Timing: processing;dur=11, db;dur=2, asn;desc="9009", edge;desc="MIA", country;desc="US", pageType;desc="index", servedBy;desc="hb9w", requestID;desc="90e85dfb-e08c-468d-bfef-29a7f9bcd124" cfRequestDuration;dur=51.000118
Transfer-Encoding: chunked
Vary: Accept
X-Content-Type-Options: nosniff
X-Dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Redirect-Reason: https_required
X-Request-ID: 90e85dfb-e08c-468d-bfef-29a7f9bcd124
X-ShardId: 41
X-ShopId: 21814481
X-Shopify-Stage: production
X-Sorting-Hat-PodId: 41
X-Sorting-Hat-ShopId: 21814481
X-Storefront-Renderer-Rendered: 1
X-XSS-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400
powered-by: Shopify

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 119ms
43ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 18 Sep 2023 07:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7EncTFplbWDUpOxlbB9/Qg==
age: 86172
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6836
x-ms-lease-status: unlocked
last-modified: Fri, 15 Sep 2023 10:31:33 GMT
server: cloudflare
etag: 0x8DBB5D6EE6672C6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3c6836ae-f01e-0049-530d-e87b68000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8087e39898c1b3d7-MIA

GET
H2 200 load_feature-e603cd7e9de65fb8a26619a69c44d7e62f2a6c96ec2c3702c5f4ecf5dac82419.js Show response
www.herocosmetics.us/cdn/shopifycloud/shopify/assets/storefront/ 12 KB
4 KB 85ms
84ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shopifycloud/shopify/assets/storefront/load_feature-e603cd7e9de65fb8a26619a69c44d7e62f2a6c96ec2c3702c5f4ecf5dac82419.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e603cd7e9de65fb8a26619a69c44d7e62f2a6c96ec2c3702c5f4ecf5dac82419

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-central1
age: 466109
content-encoding: br
server-timing: cfRequestDuration;dur=20.999908
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f6a8c4e2-8cb9-45bd-99cb-450ce6fb1dd8
last-modified: Tue, 12 Sep 2023 22:02:51 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJl8qclgqG%2BneOGQNaS1%2FMPdLW6Mrr8OsRBmSk1%2BbpVN9PaPmk5ZN9IHZX1QMIcdVQIUAYdTivDMe0Nkt%2Bydbyyabw8r4%2BTLwukMAfFqmQTZYATONxfYxT%2FWvj%2Bp2MytMsbO%2BQLr"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 8087e3982ee8d9cd-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-e603cd7e9de65fb8a26619a69c44d7e62f2a6c96ec2c3702c5f4ecf5dac82419.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 storefront-f8806e35f2de3394be61626ed5f549133eacc5c8f6e034e2231f1ef12f7d162e.js Show response
www.herocosmetics.us/cdn/shopifycloud/shopify/assets/shopify_pay/ 49 KB
19 KB 180ms
172ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-f8806e35f2de3394be61626ed5f549133eacc5c8f6e034e2231f1ef12f7d162e.js?v=20220906

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

f8806e35f2de3394be61626ed5f549133eacc5c8f6e034e2231f1ef12f7d162e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-east1
age: 466111
content-encoding: br
server-timing: cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c18c4838-10b3-4705-9c20-e5fe845edd0d
last-modified: Tue, 12 Sep 2023 22:02:51 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruvHJd5hZWVy%2Fr%2B96M5bbJDTGp2a0rzeAisX4pFxjSAQpJ3e5Naza1K6tbt8yEgkP3a4svVr%2FzjhdBLLB%2FOfdn%2BPbSQ9b%2BtTx6mgkyr44dQwg35%2BOUtj19tvIzJ24ZqcNvB%2FE%2B83"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 8087e39939b80318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-f8806e35f2de3394be61626ed5f549133eacc5c8f6e034e2231f1ef12f7d162e.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 features-e25e8382d3216860a27d91ea16c12f4ae6877bada8a19e7d7fd717b686094c5c.js Show response
www.herocosmetics.us/cdn/shopifycloud/shopify/assets/storefront/ 37 KB
14 KB 194ms
186ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shopifycloud/shopify/assets/storefront/features-e25e8382d3216860a27d91ea16c12f4ae6877bada8a19e7d7fd717b686094c5c.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e25e8382d3216860a27d91ea16c12f4ae6877bada8a19e7d7fd717b686094c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-central1
age: 466111
content-encoding: br
server-timing: cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d389d4e4-fd80-4304-a787-618741f5eea5
last-modified: Tue, 12 Sep 2023 22:02:52 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sE8mCX6AZouAP3F6gF%2F70%2FLvoa7JvtOQhw5JLk9715oyRbJPOSAC7ca%2BoTbQyPRrmq1hErCeCbu15kFbD8QwS%2BMf32GIWojcUQa9v4EzSZndU0y3Cprg4kKI7lzwoLTvye47O0Np"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 8087e39939b90318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-e25e8382d3216860a27d91ea16c12f4ae6877bada8a19e7d7fd717b686094c5c.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H2 200 FuturaPT-ExtraBold.woff2
www.herocosmetics.us/cdn/shop/t/230/assets/ 101 KB
102 KB 49ms
48ms Font
font/woff2 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/FuturaPT-ExtraBold.woff2?v=15753262588351468981694645055

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

9232c3acc1ba4a1dc61ac6abb16fbc90a2bd4c937d6fad946a1bc9dcf737c4b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-central1
age: 271310
server-timing: cfRequestDuration;dur=11.999846
alt-svc: h3=":443"; ma=86400
content-length: 103424
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 5145a5a9-5e78-4b29-b882-3d4d41478385
last-modified: Wed, 13 Sep 2023 23:20:17 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41C9WHbUKP%2FcpfqlFv1lWnNFgWfDXqKtj1SVn9a5PRWeG05ym8RRUZab%2BlK2gZH6x2ha%2BeoMni2%2BrJLyb6%2Fg9UB1s3eWcfHB8JZtQ7xa9Dtjk7ni8BtkakMwHIEA6Cqv6cE4IQtm"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8087e3982eead9cd-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/FuturaPT-ExtraBold.woff2>; rel="canonical"
x-sorting-hat-podid: 41

GET
H2 200 home.css
www.herocosmetics.us/cdn/shop/t/230/assets/ 241 KB
34 KB 84ms
83ms Stylesheet
text/css 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/home.css?v=61219697838863591441694645063

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

2f0b75d8eef5d343677271314fe8250ffb198d8d43d0a693bc8a28dcdb4aa959

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 271310
content-encoding: br
server-timing: imagery;dur=116.519, imageryFetch;dur=93.473, cfRequestDuration;dur=15.000105
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 6f7b47fd-f82e-4238-bfa9-c0d3f6a40681
last-modified: Thu, 14 Sep 2023 21:15:32 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aiZHtaOXhOXc%2F03EVCVyVjpSWz4xjpbJ7Vw8SJBRnW5YrZbnUxKzYInrxQZRhPZnvcaPa7rPfXBLNmr390Jdq7OWE6eWzTMkAxl6JSdp5a%2FMyBgoE%2BO0USfvbrZbsoPJ2mV5ZJZR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8087e3982ee9d9cd-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/home.css>; rel="canonical"
x-sorting-hat-podid: 41

GET
H2 200 A19H8vTS9KoU0V2U-uthxg Show response
cdn-widgetsrepository.yotpo.com/v1/loader/ 83 KB
14 KB 264ms
86ms Script
application/javascript 2600:141b:13:7a1::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-widgetsrepository.yotpo.com/v1/loader/A19H8vTS9KoU0V2U-uthxg
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13:7a1::1d72 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 099b80f7881a84f6d61abd40094ea5f47172cc686d3323216a7b946be385b225

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

ratelimit-reset: 58
content-encoding: gzip
date: Mon, 18 Sep 2023 07:31:23 GMT
x-kong-proxy-latency: 5
x-ratelimit-limit-minute: 5000
x-kong-upstream-latency: 131
x-ratelimit-remaining-minute: 4999
ratelimit-limit: 5000
content-length: 13857
correlation-id: 1b35aa79-10db-4842-940f-f6a52f7e0a7b
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST
access-control-allow-credentials: false
ratelimit-remaining: 4999
access-control-allow-headers: *

GET
H2 200 FuturaPT-Book.woff2
www.herocosmetics.us/cdn/shop/t/230/assets/ 40 KB
41 KB 72ms
71ms Font
font/woff2 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/FuturaPT-Book.woff2?v=5995143545136339961694645051

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

9102e7d07194ef0d231630e5acb69d75f2e44f6c48610aa0f8330fbb6fa2794b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 271605
server-timing: imagery;dur=51.829, imageryFetch;dur=51.521, cfRequestDuration;dur=9.000063
alt-svc: h3=":443"; ma=86400
content-length: 41248
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 10fd7dc3-165f-439a-83a0-aeb3a9c48503
last-modified: Fri, 15 Sep 2023 04:00:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzwgHFLBVv%2BcAwzUJyTeSXSEUFgQkUeFv2MAq%2Fhxk2mH0MPnbI2pknV9x6R%2FV9OZDGiWHoStEjgck3DcYKMA95IqjMnxzvM32H4Lv5LTR%2FVS0qyPZfhvXuntODDONrnKbRs%2FoJTe"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8087e3983ef2d9cd-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/FuturaPT-Book.woff2>; rel="canonical"
x-sorting-hat-podid: 41

GET
H2 200 scripts-swiper.css
www.herocosmetics.us/cdn/shop/t/230/assets/ 17 KB
5 KB 73ms
71ms Stylesheet
text/css 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/scripts-swiper.css?v=163448285015285961851694645162

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

fcb97b72594d4f0110e64015bbad6d4da999c490365101ee334b9e29f9371943

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 271605
content-encoding: br
server-timing: imagery;dur=66.469, imageryFetch;dur=63.415, cfRequestDuration;dur=13.999939
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 176bd47a-8dcd-4e0b-941c-01eae4d884de
last-modified: Fri, 15 Sep 2023 04:00:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stwI81L8xA4TbID2oR5jBWEmphg6yPbmNyt0Ry7PjBKuTJ1IhfpwSMi%2BQGMS3Tk%2FWx9CvzViFkHtW%2FhPzs2VToUYnGs5Yw8bWBaA1MHKsHwXSAvCx46CZ%2B2m0w3KZnezr4oNO%2B4%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8087e3983ef3d9cd-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/scripts-swiper.css>; rel="canonical"
x-sorting-hat-podid: 41

GET
H3 200 DAILY.jpg
www.herocosmetics.us/cdn/shop/files/ 12 KB
13 KB 195ms
187ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herocosmetics.us/cdn/shop/files/DAILY.jpg?v=1688589183

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

8fabdf480e32f1ad0e6b8d37e7032f2aafeb71ec6d4a1c3ccdcc59da1c7c0f53

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-east1
age: 6357986
source-type: image/jpeg
server-timing: cfRequestDuration;dur=12.000084
source-length: 21766
content-length: 12794
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: adc0413d-2ca2-47c1-97c3-ffb3a49e2936
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 17:23:31 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sX4EIsr5JU3xceP7smasq7AJXa%2B6Zgz5vWnvzVZdLRl3Ci7KMpQKurRJcLkkcgI4Tt4KFukjlYi2kruoJs4BzUd1AU13SslfuZZNqkWcLzuJj7sLOWjj9T%2FIP2W%2FZCQI87poKHBW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8087e39939ba0318-MIA
x-sorting-hat-podid: 41

GET
H3 200 TARGETED.jpg
www.herocosmetics.us/cdn/shop/files/ 10 KB
11 KB 198ms
190ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herocosmetics.us/cdn/shop/files/TARGETED.jpg?v=1688589188

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

5b9f5c0e8bf4a5792e2094b5c15c5c2ec55bf9b3f7140b26f3e86f96e5ee4e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-central1
age: 6357986
source-type: image/jpeg
server-timing: cfRequestDuration;dur=9.000063
source-length: 17786
content-length: 10670
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 21a023eb-a5bd-44a0-a8a6-8a335ec41880
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 17:23:52 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDx5znTOmXoPZ2VeWxAqURz6cB8d8e193ECNY0UFcexxg2oJdSObbJZypmtvkuwAg88fzHP3PjMPjP195%2BsDf5QBqBgjSGRInJbcDzls4U%2BaZ5v1DxVAKLLML1FnBJWPvPaoqR3u"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8087e39939bb0318-MIA
x-sorting-hat-podid: 41

GET
H3 200 icon-close.svg
www.herocosmetics.us/cdn/shop/t/230/assets/ 538 B
1 KB 198ms
190ms Image
image/svg+xml 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/icon-close.svg?v=88127350990443011671694645071

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

dc131657068707ac57506e3053ea092a346e7364ec91bc922b4f78921e73a9e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 271854
content-encoding: br
source-type: image/svg+xml
server-timing: imagery;dur=63.272, imageryFetch;dur=61.047, imageryProcess;dur=0.217;desc="image", cfRequestDuration;dur=15.000105
source-length: 538
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 6378c3c2-d10a-4b03-9d6b-fb6f495ffcf1
last-modified: Fri, 15 Sep 2023 04:00:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkP5UxB7B8SRpshncQOe7QC6XHEZOle67wkQbIjAzqyus1TUItt%2Bu2jgpxO5qHZhlH30nKJ7hIKG%2Fl%2BM1W5CTyOZqkZrtjdqu8%2B4hPosi0Xh4RJFaCxhJLyFMP0xYw7T6ghnpmen"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
cf-ray: 8087e39939bc0318-MIA
x-sorting-hat-podid: 41

GET
H3 200 Latinx_2023_Copy_1.png
www.herocosmetics.us/cdn/shop/files/ 11 KB
11 KB 199ms
191ms Image
image/png 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herocosmetics.us/cdn/shop/files/Latinx_2023_Copy_1.png?v=1694645945

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

ff14a7f621615b85abfaee3fb05739f3fa3c5b98d49ea86fde00f0850a1cbabe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 248354
source-type: image/png
server-timing: imagery;dur=180.049, imageryFetch;dur=81.194, imageryProcess;dur=98.176;desc="image", cfRequestDuration;dur=12.000084
source-length: 10811
content-length: 10922
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 9557ca97-21ec-4aba-951c-40d68e4e3dea
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 04:01:18 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVnUmq0CImJ%2FOYQyeRBcRen6Ftj9HBItjDLx%2FcS9dkGOoEnegOmeWI2HaXMCnp7L34SISmPAJYxUY6jUdU76yVHzxhjkdtJ12j08coin2%2FHXiPQ4Wl7XwRQeoeRmUB48CJNiRYmc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8087e39939bd0318-MIA
x-sorting-hat-podid: 41

GET
H3 200 HP_NEW_2x_6517935c-bb3e-4650-b0af-0759e95c1a91.png
www.herocosmetics.us/cdn/shop/files/ 2 KB
2 KB 199ms
191ms Image
image/png 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herocosmetics.us/cdn/shop/files/HP_NEW_2x_6517935c-bb3e-4650-b0af-0759e95c1a91.png?v=1692197168

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

c22eaaf5b4ff3d514512d4cc2cbee55733cfaeb237accfd9255406019b5296ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-east1
age: 891909
source-type: image/png
server-timing: cfRequestDuration;dur=11.000156
source-length: 1631
content-length: 1742
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: e5658edf-5ea4-4d90-ba49-5c8047a49436
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 25 Aug 2023 16:19:51 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkGeJRwaqWkQtXgQivRZuVIiXpteIp6kXELEv8JeNAZgTLpEVzHL6k73PAj7%2BLjzc2R5ER4DIqGp4bBawEW%2BbuevPMrOWPs4vjmI3feTtm%2BRcgJANl3HvKUnocNwQ%2F4nHBCaqV9c"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8087e39939be0318-MIA
x-sorting-hat-podid: 41

GET
H3 200 HP_NEW_2x_6517935c-bb3e-4650-b0af-0759e95c1a91.png
www.herocosmetics.us/cdn/shop/files/ 2 KB
2 KB 199ms
192ms Image
image/png 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herocosmetics.us/cdn/shop/files/HP_NEW_2x_6517935c-bb3e-4650-b0af-0759e95c1a91.png?v=1692197168&width=193

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

c22eaaf5b4ff3d514512d4cc2cbee55733cfaeb237accfd9255406019b5296ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-central1
age: 882035
source-type: image/png
server-timing: cfRequestDuration;dur=14.000177
source-length: 1631
content-length: 1742
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 1e3ce5c6-972f-4c3f-9786-d037da3db2e4
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 25 Aug 2023 16:12:55 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9dRRm4iaVSXKN%2FKqd7X2roqX5F%2BVfLN8106snUiD4jzQuISdF6hon04JB7kGeitMS1tTJjdKACdpddWgLZS%2BUtgo8hHD%2FoAmTUFC4eU1YOcvu%2BOMui9e2h%2FwzH%2BsVP%2B9ttnbspO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8087e39939bf0318-MIA
x-sorting-hat-podid: 41

GET
H2 200 Group-10129416.png
cld.accentuate.io/40541277257770/1691698783099/ 1 KB
2 KB 146ms
52ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/40541277257770/1691698783099/Group-10129416.png?v=1691698783100&options=
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49d534f81ce5014a63bb7a35994839e7bb043eba7f7bf8052c69a52c04a39167

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 891035
cf-polished: origFmt=png, origSize=1393
content-disposition: inline; filename="Group-10129416.webp"
content-length: 1202
last-modified: Thu, 10 Aug 2023 20:19:43 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "68b91a260792043ef8fdd53847116ac4"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fP5lJ8A2oOvSSYe2DfnRrYJ%2BJf4mFuQj4bRMtpoBHUTnDyEVEMmg15Xjl%2B3nQ34gxIACOA2O4BzMjx6DE24DBHiGKnnqnOzTwyH7WszAroUw3qllVrBG6IkLfvx0c5hDFmMQDxccJ1pgPr%2F260UJ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8087e399cb834960-MIA

GET
H2 200 Group-10129642.png
cld.accentuate.io/40541277421610/1691698587886/ 1 KB
2 KB 151ms
57ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/40541277421610/1691698587886/Group-10129642.png?v=1691698587886&options=
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c93c907c562479e404425339f0abfbe874d66cad18b60f72d2b104aa5e5d33b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 910167
cf-polished: origFmt=png, origSize=1319
content-disposition: inline; filename="Group-10129642.webp"
content-length: 1146
last-modified: Thu, 10 Aug 2023 20:16:28 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "7bdf3bab823d33dad598a3ec3713c129"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbmrwK1SdajSKyKq5U19oXVA%2BL0AHQRm8D1Bl4zlL8Zx2SpNh60bq7UB3Zv1%2Bke2ihDNqmhOgP6RxUC7X6%2BfZgdKq1%2FLURnyZYNMdxGXM7keIrrC4ZL4UfxO%2BR88895jAQJn30EhWCvuhRSukGs%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8087e399cb844960-MIA

GET
H3 200 Refinery29_166x.png
www.herocosmetics.us/cdn/shop/files/ 3 KB
4 KB 201ms
194ms Image
image/avif 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herocosmetics.us/cdn/shop/files/Refinery29_166x.png?v=1614418263

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

88f24e7d97caf5b2406ff74dcbf9918f549f573b5815bf4254d17ce882d6113a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-central1
age: 6354531
source-type: image/png
server-timing: cfRequestDuration;dur=14.000177
source-length: 3832
content-length: 2971
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 14febc18-81d2-46bc-9a2a-da79486f8b82
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 17:24:05 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ct6HQckUALMOmXWq39%2BnAa4C%2FHhX7pD8sMndr5gj8aDrkwVHETAUSdEAH1RLpCu4d2wh1FkfblKo01m5uvIrB%2B4CTw%2F9lV4OHTXSN4Lgfp1Le7V3oufM6Pxe9tBp00lQdt%2B1Is%2Br"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8087e39939c20318-MIA
x-sorting-hat-podid: 41

GET
H3 200 Beauty-Insider_166x.png
www.herocosmetics.us/cdn/shop/files/ 3 KB
4 KB 203ms
196ms Image
image/avif 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herocosmetics.us/cdn/shop/files/Beauty-Insider_166x.png?v=1614418263

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

2cca9aeb7396d396549ccf1811f14f95124ec7a36c4e99c2e2f00016d05a6302

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-central1
age: 6354531
source-type: image/png
server-timing: cfRequestDuration;dur=11.999846
source-length: 5057
content-length: 3112
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 4f5ed37e-ce4a-4498-80a1-c551105611bd
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 17:24:05 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlUuKdkeMq3u9KvRDyxfyzQwBY7FjChsAzWnGOStiK7iYpuDHvNUW%2BGT9Zht60gH9wwo7PMshGoVuSG0N9RKrBhs%2FWhjDR6LaRtiYAoUM06wkyDd2aeSJx%2BEpDw%2BS920DqIC9Kl6"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8087e39939c30318-MIA
x-sorting-hat-podid: 41

GET
H3 200 hypebae_166x.png
www.herocosmetics.us/cdn/shop/files/ 3 KB
3 KB 203ms
196ms Image
image/avif 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herocosmetics.us/cdn/shop/files/hypebae_166x.png?v=1614418265

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

1fab550aa4ad8ee1224a59e305847120a71b1dc0c0de5eec815bf7b113ccc9d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-central1
age: 6354531
source-type: image/png
server-timing: cfRequestDuration;dur=8.999825
source-length: 3291
content-length: 2733
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: a5974f43-4790-4ab4-95d4-c3eabd20341b
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 17:24:05 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sENSmPw0VYDjnTiX3jR0Xm49fMNLEWmbpkiNS%2By1sHnf%2BReXd9L853fcEgySOTxGhlnnuwzhK5OoAeNaDrXhK0Yz7Jk9D84obCxE1vUNwS0Ppsu10jW%2BSUvtqpECr38slo4T5REc"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8087e39939c40318-MIA
x-sorting-hat-podid: 41

GET
H3 200 icon-exclamation-error.svg
www.herocosmetics.us/cdn/shop/t/230/assets/ 783 B
1 KB 204ms
196ms Image
image/svg+xml 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/icon-exclamation-error.svg?v=125836360076035891871694645075

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

6a3dbb230b9c333a39405f7dc4115a91bb3dcae67f68c76ac5c81451dc2f4ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 271854
content-encoding: br
source-type: image/svg+xml
server-timing: imagery;dur=97.774, imageryFetch;dur=96.361, imageryProcess;dur=0.046;desc="image", cfRequestDuration;dur=8.999825
source-length: 783
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 39b5d731-2da9-4b17-b98b-d9587d7f1de7
last-modified: Fri, 15 Sep 2023 04:00:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G86OZGU3r6Q%2FCi003MUhOa2Xi5R3gY%2FbvlLvXtfjhGbkotwGIBqgL%2B9NG9%2FHH13QBURMGjNeXa%2BB2%2FMnUMaxsFwf1Z7vkxVPCtFLIM6MFa1cML4mm4i2dHx0UOhsLmySvyR3w84s"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
cf-ray: 8087e39939c50318-MIA
x-sorting-hat-podid: 41

GET
H3 200 icon-coin-yellow-md.svg
www.herocosmetics.us/cdn/shop/t/230/assets/ 647 B
1 KB 204ms
197ms Image
image/svg+xml 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/icon-coin-yellow-md.svg?v=132818892914967492141694645073

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

3fa4fd1e31aabb8a3ff5f8bbaae61c86fcb33566abfc08a3b9ff473eaff624d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 271854
content-encoding: br
source-type: image/svg+xml
server-timing: imagery;dur=44.816, imageryFetch;dur=42.065, imageryProcess;dur=0.130;desc="image", cfRequestDuration;dur=10.999918
source-length: 647
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 01180c29-5543-4528-8e63-6cd8ff233233
last-modified: Fri, 15 Sep 2023 04:00:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzMJBR0e492LsZY5frXQ90GQghV7ks%2FNL44tyOtnh3478RvRLV72cAMaY1jPgs79HhMOqRMl%2FVEBiPAIBGqGzO%2BU8ypSLOg2g8JF3Sx1f0zVBdryRxkncauvFqGVwF%2B%2B3MftVTmH"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
cf-ray: 8087e39939c60318-MIA
x-sorting-hat-podid: 41

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.6.0/ 61 KB
22 KB 128ms
43ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.6.0/gsap.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ed6cb466bd654fe36c57faacb1c88ad4e2793087431d6ffc5366961a4c978f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3528289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22280
last-modified: Thu, 22 Jun 2023 11:03:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a86-5708"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8T8UdBue9ZhHAo6WOFXyaZ5pMa6WLqpUpku2%2B9DjEJoxaxz3DWzs08ZEWMnbKrg8cNjzI%2FC%2Bmr0A95eSDYTbdTtEgOqF4nq9IIDBqL4EVCkgREzi4jQj2mBryZZ2pExOnAquys%2FuLx815GLxaISM%2Fjt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8087e3993b980a16-MIA
expires: Sat, 07 Sep 2024 07:31:23 GMT

GET
H2 200 swiper-bundle.min.js Show response
unpkg.com/swiper@6.6.2/ 141 KB
39 KB 125ms
51ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@6.6.2/swiper-bundle.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb23842e002864729d3e39cf25f636f55d6fce297c0154dd6b54d1f5b815d671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9234669
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01F78HV5607H8M304QGKYDDH60
server: cloudflare
etag: W/"233d7-mZelZ23GqQ/jYOpc8MQCKmqF0Cg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8087e39959db09b2-MIA

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/ 2 KB
1 KB 53ms
40ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 393883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 701
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-653"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HiqV%2BmwnfBF2ukCd4%2BdvwEa9GNVWzsqboXj7W9dqiftsx8QOx%2BS5FsxlVBZxNRCnWCSB3mKupH5i7ZaLoiaICfsO9u%2BzfncTHaJFNJ1X9Gpo5%2BrTJdBGCivXn95%2Fg8AErujFcU8GOCr5lV2Br42tyCLB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8087e3993b990a16-MIA
expires: Sat, 07 Sep 2024 07:31:23 GMT

GET
H3 200 jquery-3.4.1.min.js Show response
www.herocosmetics.us/cdn/shop/t/230/assets/ 86 KB
32 KB 121ms
113ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/jquery-3.4.1.min.js?v=160737389985263990141694645110

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 271855
content-encoding: br
server-timing: imagery;dur=70.718, imageryFetch;dur=70.472, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 600223c2-7aee-4190-8306-05e429bf97ea
last-modified: Fri, 15 Sep 2023 04:00:17 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8ptQ0h%2BtQ1tlBKCvvHnhLRkjDCLnBevvx7pKiselIKHTrGQe7WXEvFwYBCrT8BVPrnd51sLPoFOXglNv8c5eixA%2FWsMZgWKuzTQo1cN0V%2B6r0JOGz2bJwRP3ZIm%2BXNa2zWqJETs"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8087e39939b20318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/jquery-3.4.1.min.js>; rel="canonical"
x-sorting-hat-podid: 41

GET
H3 200 api.jquery-df6d50f6d26fbb16a4c128cf7d532ec819d4b89d6c746ecbb80f64bf2d6b6224.js Show response
www.herocosmetics.us/cdn/shopifycloud/shopify/assets/themes_support/ 6 KB
3 KB 157ms
149ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shopifycloud/shopify/assets/themes_support/api.jquery-df6d50f6d26fbb16a4c128cf7d532ec819d4b89d6c746ecbb80f64bf2d6b6224.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

df6d50f6d26fbb16a4c128cf7d532ec819d4b89d6c746ecbb80f64bf2d6b6224

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-central1
age: 466106
content-encoding: br
server-timing: cfRequestDuration;dur=8.000135
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 17938bbf-cb36-4dd8-8e7d-844d143dc127
last-modified: Tue, 12 Sep 2023 22:02:57 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22y0nvURLOlcKqNQnAVYKCppuEmiINWch9GXYytdBizWEZMUcNQCX8uqglUEbfyf0AtzvhBN%2FW2QTNRaKKtrMzSLqAUQSliLGELM2iji%2FBnKw%2BPTLQhLLPnqrY39JBNGf%2Bepl59n"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 8087e39939b30318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/api.jquery-df6d50f6d26fbb16a4c128cf7d532ec819d4b89d6c746ecbb80f64bf2d6b6224.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 modernizr-2.7.1.min.js Show response
www.herocosmetics.us/cdn/shop/t/230/assets/ 9 KB
5 KB 159ms
151ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/modernizr-2.7.1.min.js?v=97979361732255975071694645128

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

107dad5add93781ddf6c4562cc6da3dbe5b406bab97930e43df6d6c17a99af26

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 258855
content-encoding: br
server-timing: imagery;dur=97.313, imageryFetch;dur=96.417, cfRequestDuration;dur=11.000156
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: fcbcab31-1d26-4f69-bc6d-889bfc12f38c
last-modified: Fri, 15 Sep 2023 04:00:37 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63BeN236mycKD5rL0wWXZiFtk9BsLoSkVZueas4FxDhS0iqzZb1f54Diqvgph3lLbDqt3bCNgec%2FHu1wUWaN96BVIdQNEsBqubD4A%2FC4Ne6Te6vXPWLfS3rgEIWAtMOU0sneOYf6"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8087e39939b40318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/modernizr-2.7.1.min.js>; rel="canonical"
x-sorting-hat-podid: 41

GET
H3 200 plugins.js Show response
www.herocosmetics.us/cdn/shop/t/230/assets/ 66 KB
22 KB 161ms
153ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/plugins.js?v=99302838158046610501694645142

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

25e91f0c16604cc2bc123780e97121e82b9f358997a01563909b4c8df6d33d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 258855
content-encoding: br
server-timing: imagery;dur=87.545, imageryFetch;dur=75.113, cfRequestDuration;dur=15.000105
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 694901fe-c49d-4223-bfe3-1623538b9d58
last-modified: Fri, 15 Sep 2023 04:00:34 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mz%2FE6tk0cuBC1ekV1kBSqwmXhNz5UAHzrSWTE9h3tl2OflnpoVmiosDgQm%2FaKLijTcCAv3qG0P6mqk41ISqpIGGnig%2FsKlDDGlqgcvDa%2BfLShJdZY0MKMTz8RfVc4jivmeSemne9"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8087e39939b50318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/plugins.js>; rel="canonical"
x-sorting-hat-podid: 41

GET
H3 200 vendorCritical.js Show response
www.herocosmetics.us/cdn/shop/t/230/assets/ 21 KB
9 KB 162ms
154ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/vendorCritical.js?v=48853176165066929851694645171

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

642c592342b7a6aab5718d7ae9c33a70a97c351f5b1236413cb1adb6e3b7f075

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 271855
content-encoding: br
server-timing: imagery;dur=106.828, imageryFetch;dur=97.839, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: ad0f0e45-7d35-4c85-b2bd-9ef693ff9751
last-modified: Fri, 15 Sep 2023 04:00:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNbKm8wZu3N%2BaIU2vLbbxL3zN8BvnwZxzsFkLr8xCx07VHZbFccF6zzXKy4%2B4HHu%2F6%2B5T7BkTplsqN1lBZNWbuDcz2IB8PRaaqir4QvJPTn9ScaQVefVkxTlj8uuD8vITdltVW6O"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8087e39939b60318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/vendorCritical.js>; rel="canonical"
x-sorting-hat-podid: 41

GET
H3 200 mainCritical.js Show response
www.herocosmetics.us/cdn/shop/t/230/assets/ 89 KB
21 KB 164ms
156ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/mainCritical.js?v=126867891400256229341694645127

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

5199483a59a14781892e0b13c274251bd95dfe66df669f77c1ce6fb084e47a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 271855
content-encoding: br
server-timing: imagery;dur=123.301, imageryFetch;dur=103.961, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: bb984557-c93a-4391-985a-310beae37827
last-modified: Fri, 15 Sep 2023 04:00:19 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlxENzovU%2BQ%2FOZpTd8X5EP5XnIlh3ojcla2oTJZ3zRolgNIYKAUQa1AjpK3mOr5inRsqLipjq6EuDSM87ozvG7PjdT5CL9AdkdmNPvyYksSf%2FutHxepra6NaHnm%2BfvsKbbrg0HS%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8087e39939b70318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/mainCritical.js>; rel="canonical"
x-sorting-hat-podid: 41

GET
H3 200 main.js Show response
www.herocosmetics.us/cdn/shop/t/230/assets/ 156 KB
46 KB 205ms
197ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/main.js?v=45110255186116295161694645126

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

bfd8d391f98decb7dd02f6a829bd29862dd6381227da98f5beb7854e1e5dfef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 271855
content-encoding: br
server-timing: imagery;dur=124.783, imageryFetch;dur=76.889, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: d324a775-c58b-4b22-bf0b-c557e97b6ca7
last-modified: Fri, 15 Sep 2023 04:00:17 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nz8mEEHBz5zpVRla6IBjc8%2B3WSc%2FnH9F%2FQ9MWrykaTcjADoPRjRVU4IvGqur4l8QgSU9q9tfqk90MsIYjH02K%2BlzkVMzXyOXjj2a5FrZc71BXGQmQ99zWOW3YvqmOyXIb77abrRK"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8087e39939c70318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/main.js>; rel="canonical"
x-sorting-hat-podid: 41

GET
H3 200 home.js Show response
www.herocosmetics.us/cdn/shop/t/230/assets/ 102 KB
31 KB 224ms
217ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/home.js?v=180127125517507961341694645064

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

9bfae488ab5c2e8005516633194e7400e639e957ae1be99a12b427d1b05b1a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 248354
content-encoding: br
server-timing: imagery;dur=140.607, imageryFetch;dur=122.290, cfRequestDuration;dur=9.000063
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 34a1b534-4468-4d44-b229-8a8efdbd0ed0
last-modified: Fri, 15 Sep 2023 04:00:41 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3tM0C7qfgcoBButBzQdxrJpvtEng4pDEhixVyBLs3%2BIokyWLawdeRs4ZlP2oOuZfz9vU3OZu%2FZJKU6fc6qOlLuvdAK9pUopAST2FQ6YK8hHi1mgzWkkbBQwYSJJkrOu3dXe5xVp"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8087e39939c80318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/home.js>; rel="canonical"
x-sorting-hat-podid: 41

GET
H2 200 17095.js Show response
www.dwin1.com/ 35 KB
10 KB 240ms
74ms Script
application/javascript 2600:9000:2209:f400:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/17095.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:f400:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f1949c18fa89949138494eabd29776dd2557dc81b0df883120ef4dc57ba9548

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: anJXmw2HwLjkDbP.UjHXCRXXJTZuFvRw
content-encoding: gzip
via: 1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
date: Mon, 18 Sep 2023 07:29:34 GMT
x-amz-cf-pop: EWR53-P1
age: 247
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 06 Sep 2023 09:10:38 GMT
server: AmazonS3
etag: W/"0f072370e7c931f3b5106c702826bb23"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: AuFFF5q9qTZbgOjdTIwx2t13S_4b-68Q2zadaLzb_WFu10gkNSKssw==

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
1 KB 129ms
36ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ac549f438a886eb4848aed56ce4bd0761598b3df30cb44c1b435a386bbc33357

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 179078
content-security-policy-report-only: object-src 'none'; script-src 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self'
x-cache: HIT, HIT
content-length: 919
x-served-by: cache-lga21933-LGA, cache-mia-kmia1760072-MIA
server: nginx
x-timer: S1695022284.806189,VS0,VE1
etag: W/"fffac71281a68fa656bef3f60b5319d5"
allow: OPTIONS, GET
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 1

GET
H2 200 dtag.js Show response
cdn.attn.tv/hero/ 5 KB
3 KB 239ms
75ms Script
text/javascript 2600:9000:21da:200:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/hero/dtag.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:200:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a96c0f3d85a2dfc2c0f7a85e0fec1ccf780b3cf516c3372190138dfd22dde6a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: lfTGo4lJJi3xl5A3kiV1tkkg6axfqYn3
content-encoding: gzip
via: 1.1 4e4f8ee4f88ce6711f13846e91140c60.cloudfront.net (CloudFront)
date: Mon, 18 Sep 2023 07:29:35 GMT
x-amz-cf-pop: EWR53-C1
age: 109
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 13 Oct 2022 16:43:40 GMT
server: AmazonS3
etag: W/"11a14dfc087feaedb628aa9df45dc163"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=120
x-amz-cf-id: INlnNvGkqf43TEDPQw3zd6GAc0miB_3cgSg_dy4WIwhimkiLThdLPA==

GET
H3 200 attentiveButtonTracker.js Show response
www.herocosmetics.us/cdn/shop/t/230/assets/ 5 KB
2 KB 235ms
228ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/attentiveButtonTracker.js?v=144704628295837414471694644969

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

aebd044b99ee305fe596e71b1e9bc1bec4c18d9b2850a7b9e0a5fcfd8ca4099c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 271855
content-encoding: br
server-timing: imagery;dur=46.702, imageryFetch;dur=43.390, cfRequestDuration;dur=11.000156
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 89e45314-6fb0-4b10-af91-5afc331f1d23
last-modified: Fri, 15 Sep 2023 04:00:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgzlONuIWC75DoEsv7eGpdGZpntAVKyuOdiG387NPleiQYT5TzJSDSVqLshBXaeCYbZv0EL9MrMQ3avHCUSU%2BahjrmmlZfnf0vz3XRmJgfCBVncMqLUi1fEwBk9nsDCv7coZrjrw"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8087e39939c90318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/attentiveButtonTracker.js>; rel="canonical"
x-sorting-hat-podid: 41

GET
H2 200 sms_aff_clicktrack.js Show response
static.myshlf.us/Affiliates/ 2 KB
1 KB 217ms
62ms Script
application/javascript 13.35.93.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myshlf.us/Affiliates/sms_aff_clicktrack.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-109.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dfe6ab5a8bde60423658b6a7a8ca8e7c8f8356472ae9fbc961b373dd3259004b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 15:18:25 GMT
content-encoding: br
via: 1.1 7aea4d81c29185bd2784c2f86062007a.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jun 2023 13:25:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
age: 58379
x-amz-server-side-encryption: AES256
etag: W/"b43af2899fbeaadef2ca1e22e08a565d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: chj8_E25gdJdi2ezDTz4gRhtjGrTOBKRQ1_fE2FeTL_-QgO8zgHxWA==

GET
H3 200 liveChat.js Show response
www.herocosmetics.us/cdn/shop/t/230/assets/ 15 KB
6 KB 235ms
229ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/liveChat.js?v=83089050761543716311694645115

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

9294daa358be6e41fd4a2a685351b7ed54140f850306a74af3a22a9dd697f5c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 271855
content-encoding: br
server-timing: imagery;dur=72.364, imageryFetch;dur=66.284, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 6920a146-1803-413b-9837-fb58358c69f2
last-modified: Fri, 15 Sep 2023 04:00:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8IDOT7%2Bcxnp3fkEHZ9INaesrspqHKb8RMY%2BCwXq1IwDC1pfjtIZlHfihnBk9QLSODgR9gEIEt4Cly2md%2BbWhvtSrN0hVe11ZnOB%2BfH21cjl%2BNl4MDnyXF%2BaMZSR91GEg8%2Fua87Fr"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8087e39939ca0318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/liveChat.js>; rel="canonical"
x-sorting-hat-podid: 41

GET
H2 200 1867cdf6-9f68-4218-add3-eb13394b9138.json Show response
cdn.cookielaw.org/consent/1867cdf6-9f68-4218-add3-eb13394b9138/ 5 KB
2 KB 124ms
53ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1867cdf6-9f68-4218-add3-eb13394b9138/1867cdf6-9f68-4218-add3-eb13394b9138.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92c6eefe273943383cb3f5c648f3af597a7f405cf3855db5d89280843df029ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 18 Sep 2023 07:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 45099
content-md5: MaZ304612CcV0fV2vaewSw==
content-length: 1752
x-ms-lease-status: unlocked
last-modified: Fri, 10 Feb 2023 21:50:05 GMT
server: cloudflare
etag: 0x8DB0BB0C57C5DA2
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6c2c26bb-801e-00c4-0ae1-5aa720000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8087e3998cfa2604-MIA
expires: Tue, 19 Sep 2023 07:31:23 GMT

GET
H2 200 events.js Show response
shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/ 18 KB
7 KB 120ms
36ms Script
application/javascript 34.120.58.162
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/events.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.58.162 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 162.58.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54de354b4d7d3eb9116966f4021f8e554ee71beb5885e2626ef5f743ce49103d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 11:56:42 GMT
content-encoding: gzip
age: 1971281
x-guploader-uploadid: ADPycdsazVtCtYHCoQ_q9MB9PeFdpgJIAKdoqSxJSpJL_3FN2RV1B1_NuC9ROOaMdvEBHGyV2VIjiTjHCdi5yeHGSsOebsf8rnAg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6992
last-modified: Wed, 05 Oct 2022 16:20:12 GMT
server: UploadServer
etag: "4728b5d15e9960ee10bec1ae71e38c2c"
vary: Origin
x-goog-generation: 1664986812557648
x-goog-hash: crc32c=Rhtnaw==, md5=Ryi10V6ZYO4QvsGuceOMLA==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 6992
accept-ranges: bytes
expires: Sun, 25 Aug 2024 11:56:42 GMT

GET
H2 200 gtm.js Show response
ssapi.herocosmetics.us/ 404 KB
130 KB 271ms
156ms Script
application/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 86a30eb73fc2d2a95b896cb0121c230c2b4f0683a00d4031ac7158d313107977

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
content-encoding: gzip
last-modified: Mon, 18 Sep 2023 06:00:00 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-cloud-trace-context: 2ce8f2254fba72ea54092d3c48e0e587
cache-control: private, max-age=900
content-length: 132307
expires: Mon, 18 Sep 2023 07:45:44 GMT

GET
H3 200 worker.modern.js Show response
www.herocosmetics.us/wpm@807df045w36eb870bp858e4efdm07092c7a/web-pixel-shopify-app-pixel@0559/sandbox/ 39 KB
17 KB 47ms
46ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/wpm@807df045w36eb870bp858e4efdm07092c7a/web-pixel-shopify-app-pixel@0559/sandbox/worker.modern.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

7b25341cb1cb9cc5963b61183e03057ef8aea8c5323b46d97efd9441a2724d23

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-encoding: br
x-permitted-cross-domain-policies: none
age: 207065
server-timing: processing;dur=21, db;dur=10, asn;desc="19331", edge;desc="ATL", country;desc="US", servedBy;desc="rjdn", requestID;desc="f7c8ac84-0709-4b3f-a7aa-843142492655", cfRequestDuration;dur=9.999990
x-sorting-hat-shopid: 21814481
x-shardid: 41
x-storefront-renderer-rendered: 1
etag: W/"cacheable:71b86bdc3112f6f29b55e36f4baacefd"
x-shopid: 21814481
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding
content-type: text/javascript; charset=utf-8
content-language: en-US
cache-control: max-age=31536000, public
x-robots-tag: noindex, nofollow
date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1,gcp-us-central1
x-cache: miss
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f7c8ac84-0709-4b3f-a7aa-843142492655
x-shopify-stage: production
server: cloudflare
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FgYOy7EO%2By9JQlhpYLffNB2jYOlCIDoZL8hvrLQdPBP7fd4Pil9mf2rKTLpwFKr%2FlOob3bwkAhM6ayHlOAlv07oXI%2ByNfKOASdcszMUaBH%2FTfIQh%2BtyDLmsU17%2F6EmFf5x2ScC1"}],"group":"cf-nel","max_age":604800}
cf-ray: 8087e39929ad0318-MIA
x-sorting-hat-podid: 41

GET
H3 200 b807df045w36eb870bp858e4efdm07092c7am.js Show response
www.herocosmetics.us/cdn/wpm/ 74 KB
27 KB 235ms
229ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/wpm/b807df045w36eb870bp858e4efdm07092c7am.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

fe2b91cc4671d8b5bc223a1ba00b2c0105898aa5540ec60832633ee2636b23de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 207901
content-encoding: br
server-timing: imagery;dur=28.901, imageryFetch;dur=28.624, cfRequestDuration;dur=11.000156
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a1b116f5-436b-4ab5-9571-d3b0e42d15f7
last-modified: Fri, 15 Sep 2023 21:46:22 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5nsBUN57UiWPHC2kbD5XELYlZJuLXKHZbqZM2VF1T6GckiurSKgK9OwhVOU0%2B17MIdJPcUYy3UaTSQk1277CFrMJ4eBQkA16bkxm%2FR9L2ATxkvJl%2BxghRFO3VZtG054KA5lHHEC"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8087e39939cb0318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/wpm/b807df045w36eb870bp858e4efdm07092c7am.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 trekkie.storefront.b31f2032c0d69b240cfbd23a96457e984a0bbbac.min.js Show response
www.herocosmetics.us/cdn/s/ 116 KB
27 KB 237ms
231ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/s/trekkie.storefront.b31f2032c0d69b240cfbd23a96457e984a0bbbac.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

3fc7c0c0ed93860d3cd63425004cdd43107736041f18ad632f83c98e1b3511fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 215361
content-encoding: br
server-timing: imagery;dur=612.947, imageryFetch;dur=101.618, cfRequestDuration;dur=7.000208
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9a954fbb-fa91-4726-8a81-fb225d279d3d
last-modified: Fri, 15 Sep 2023 19:42:02 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NX1c6erZ3q0KKTBFnHe87YRbeVx5MgD4UUEJOIS4HxAGGTJ9Vgfrj4uldTg9bC%2FTGZ98keu43kBbrl%2BH3Q6T5nXC7FwdeCG17dbModkwMSnQCVxswuve8XrfhxFFK9OlANIzHceo"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
cf-ray: 8087e39939ce0318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/trekkie.storefront.b31f2032c0d69b240cfbd23a96457e984a0bbbac.min.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 shop_events_listener-4620b7978e4a9ac9b189bb434985724435751e09e5e44a25a48b615ae8420594.js Show response
www.herocosmetics.us/cdn/shopifycloud/shopify/assets/ 8 KB
4 KB 241ms
235ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shopifycloud/shopify/assets/shop_events_listener-4620b7978e4a9ac9b189bb434985724435751e09e5e44a25a48b615ae8420594.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

4620b7978e4a9ac9b189bb434985724435751e09e5e44a25a48b615ae8420594

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-central1
age: 466111
content-encoding: br
server-timing: cfRequestDuration;dur=11.000156
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d9717625-ecd0-4192-8866-13cd1fa3a805
last-modified: Tue, 12 Sep 2023 22:02:51 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCEUNuEmhkMxAJwZzn%2FbmtFYbPO6Yn1%2BPOKbV7EiKASndjs%2FPAKScxQ3w%2FUOlBmdtXfoZyK5m0VVWs1OL0lJPUfYDCumE7ea6REYsz8MuZWTVcaKLV8j7Dtv9vJa%2FANh66lrn8S0"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 8087e39939cf0318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-4620b7978e4a9ac9b189bb434985724435751e09e5e44a25a48b615ae8420594.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 shopify-boomerang-1.0.0.min.js Show response
www.herocosmetics.us/cdn/shopifycloud/boomerang/ 58 KB
19 KB 52ms
51ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-central1
age: 1502184
content-encoding: br
server-timing: cfRequestDuration;dur=7.999897
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a6bdf3b9-dea7-46d1-9e0e-84c231bf4f74
last-modified: Thu, 31 Aug 2023 22:14:58 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ce%2BJfUZuLBNxTh2b6DHbnwdEGrF8Mqilg9RnFI5X%2FPpS4BOQboKVbmnSjZcTzUUxJf1FhdvSf6zdkda6YK9qcCBDt0ga%2B6IZNtyrBXEfWLqCCv3KsjSLu88deTiKCEPChnRdyV0q"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
cf-ray: 8087e39929af0318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 scripts-gsap.js Show response
www.herocosmetics.us/cdn/shop/t/230/assets/ 69 KB
29 KB 238ms
236ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/scripts-gsap.js?v=31038462870382695251694645158

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

4e52d9676b6d0db0bad5fcb9fb59dd2d642a9dd98ec265eaf2aa144bf6463ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 271854
content-encoding: br
server-timing: imagery;dur=120.214, imageryFetch;dur=105.036, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: d53eb0d5-ef78-43fb-b5bd-237881841cfa
last-modified: Fri, 15 Sep 2023 04:00:07 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FDcbPUep9Fx%2FEmMc%2BIVzVEaRe3thjhmUto1TfNjIRhxgRrznXRvkDXD9TA0A827PddzGdbCQTN3P1WTzcOYYueYsKGL8gcoCezXifQzvivCIVM7aBXRrqHkU%2FOfcILKHQRpwlhy"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8087e39939d00318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/scripts-gsap.js>; rel="canonical"
x-sorting-hat-podid: 41

GET
H3 200 scripts-swiper.js Show response
www.herocosmetics.us/cdn/shop/t/230/assets/ 259 KB
54 KB 236ms
236ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/scripts-swiper.js?v=154282960781530278461694645162

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

585f7acdf02d094353eba06f3a24ecb7da385e2fa8b2c02fb2c3ff751b119081

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 271854
content-encoding: br
server-timing: imagery;dur=132.444, imageryFetch;dur=91.960, cfRequestDuration;dur=7.999897
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 9702c57a-fa7b-4562-9a85-7cb834606ad4
last-modified: Fri, 15 Sep 2023 04:00:18 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWBG%2FEENQbcB%2FSlpfLTuVwru8Ht2YVaqUkpk4r2nEC8oSCWKbb0Qrbilpp7ZrIWyny9Q%2F4Tc34bbCjmB9cIDeiwWzb0oin%2BiPRgNQ2cCGNcCRh1ZKSKTGCSEGwF1WgXh5czYsQZc"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8087e39939d10318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/scripts-swiper.js>; rel="canonical"
x-sorting-hat-podid: 41

GET
H3 200 FuturaPT-Book.woff2
www.herocosmetics.us/cdn/shop/t/230/assets/ 40 KB
41 KB 222ms
221ms Font
font/woff2 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/FuturaPT-Book.woff2

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/shop/t/230/assets/home.css?v=61219697838863591441694645063

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

9102e7d07194ef0d231630e5acb69d75f2e44f6c48610aa0f8330fbb6fa2794b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/cdn/shop/t/230/assets/home.css?v=61219697838863591441694645063
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 271854
server-timing: imagery;dur=27.584, imageryFetch;dur=27.314, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
content-length: 41248
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 10bb85d5-8ff8-444d-aa91-d287407b9c9d
last-modified: Fri, 15 Sep 2023 04:00:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSLtgBmvbWT2ELLYrzJ8cNJaKUiw9URiY%2B%2FIdbV65YETwUDYJEyTbYHLzQQ%2FSQH9EUyCNe8E8klKKnXmvZBJ5LPLI55L4D14XzuzUTfYpm4E8ls5kRDbx%2FslbHSIgKc4oid7Y2ef"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8087e39979e20318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/FuturaPT-Book.woff2>; rel="canonical"
x-sorting-hat-podid: 41

GET
H3 200 FuturaPT-Demi.woff2
www.herocosmetics.us/cdn/shop/t/230/assets/ 43 KB
44 KB 225ms
224ms Font
font/woff2 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/FuturaPT-Demi.woff2

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/shop/t/230/assets/home.css?v=61219697838863591441694645063

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

b79adf570b66bcd072b6f3ea35e760f7433030c083c686a08b6ba740f532098a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/cdn/shop/t/230/assets/home.css?v=61219697838863591441694645063
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 271854
server-timing: imagery;dur=115.684, imageryFetch;dur=115.293, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
content-length: 43869
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 8b5d1182-2e2f-4317-86e3-a24cf186bfef
last-modified: Fri, 15 Sep 2023 04:00:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4ex7tNWaxYN9gvaztEK0yiF3ch1xpKyG9nWX%2B7NMiCEbmI%2FzjOsU0oZjvrDqwvgd4qulm9IHHKAWg8mWYYLYD%2F6GktI0WjncAJH8X8osE5%2BohYh27FEIqFQpUxmfLKH2fPlgcmF"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8087e39979e40318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/FuturaPT-Demi.woff2>; rel="canonical"
x-sorting-hat-podid: 41

GET
H3 200 FuturaPT-Heavy.woff2
www.herocosmetics.us/cdn/shop/t/230/assets/ 46 KB
46 KB 226ms
225ms Font
font/woff2 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/FuturaPT-Heavy.woff2

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/shop/t/230/assets/home.css?v=61219697838863591441694645063

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

d903a35a90276fed8d286f4de9f6ab44db076826cdb14a82d2e418aeb79b92ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/cdn/shop/t/230/assets/home.css?v=61219697838863591441694645063
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 271854
server-timing: imagery;dur=56.759, imageryFetch;dur=56.526, cfRequestDuration;dur=9.000063
alt-svc: h3=":443"; ma=86400
content-length: 46800
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: bc865ab4-deb5-459a-abaf-10b8758d8244
last-modified: Fri, 15 Sep 2023 04:00:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVcPMX2Xq%2FAHa%2FkPBntgEjsiGPwBsI4eSqo0v29wWok1SHLsUKyFg%2FjJh03uUx2WSepUW0ScQdjDT61gmCicCBZ%2FDXmFJAUC7gST4NrubZsMOD3hvCggITon1cpkD%2FQL9INOK1Wo"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 8087e39979e50318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/FuturaPT-Heavy.woff2>; rel="canonical"
x-sorting-hat-podid: 41

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
315 B 144ms
66ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8087e39a587b4bff-MIA
access-control-allow-headers: Content-Type

GET
H2 200 gtm-suite.js Show response
shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/2.40.1/ 39 KB
12 KB 37ms
36ms Script
application/javascript 34.120.58.162
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/2.40.1/gtm-suite.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.58.162 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 162.58.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 12a830366ed648c938e9fd2984bfa14cdd221731a1c7569015818da8ade2ae1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 10:01:02 GMT
content-encoding: gzip
age: 1891821
x-guploader-uploadid: ADPycdsQxq5ZnC6wAs1a_KLoIV9NLSCzMxQNxlu4Tt9Q9Yp0LjcXn1J8gK7tZwEF6LAk4kAT3MWKCSnC1OhqCUxHjhN7Pg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12388
last-modified: Wed, 28 Sep 2022 11:21:59 GMT
server: UploadServer
etag: "2e294e3031f65c75dfd2852226cacae6"
vary: Origin
x-goog-generation: 1664364119132521
x-goog-hash: crc32c=uBc4CQ==, md5=LilOMDH2XHXf0oUiJsrK5g==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 12388
accept-ranges: bytes
expires: Mon, 26 Aug 2024 10:01:02 GMT

GET
H3 200 Latinx_2023-HP_larger.gif
www.herocosmetics.us/cdn/shop/files/ 84 KB
84 KB 72ms
65ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herocosmetics.us/cdn/shop/files/Latinx_2023-HP_larger.gif?v=1694720397&width=1152

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

738b2590b63545921b31c5f5778ffb9a6a2cde05f676efb98e5d860a2271fd2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 231493
source-type: image/gif
server-timing: imagery;dur=434.812, imageryFetch;dur=70.224, imageryProcess;dur=362.484;desc="image", cfRequestDuration;dur=10.000229
source-length: 1704613
content-length: 85566
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 07b16bf8-0e59-4331-809e-b663e6b6c222
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 04:12:05 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRW7yvRzNlhsxM6RVhmmSBHr7ca6ZnT9fjqkbzbwoxwZxOzWKxpz33F%2BiEcV%2FjTJc8NBhsdKj1u2VJ%2FoZZMHo7u2kO7zA%2F%2FUFzYOleELPKEUDOFZIjzXmtbXLwKRWJcy4PQZcaVl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8087e39a7a3e0318-MIA
x-sorting-hat-podid: 41

GET
H3 200 HP_Sustain_Desktop.gif
www.herocosmetics.us/cdn/shop/files/ 348 KB
349 KB 79ms
72ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herocosmetics.us/cdn/shop/files/HP_Sustain_Desktop.gif?v=1692886203&width=1152

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

9675f96d6a3cf8f15b36372d79fec2778241c0b119c21560e0e9b69c4235cb82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-central1
age: 48333
source-type: image/gif
server-timing: cfRequestDuration;dur=12.000084
source-length: 1573930
content-length: 356720
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: e8dc2a9d-1dac-49cb-845f-3019e21e4552
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 25 Aug 2023 16:26:18 GMT
server: cloudflare
x-download-options: noopen
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXRDveEfDMs2XpyldmtRX0iR2rjIRzfbOG7v55cojH9stOdW9L7x8lxbVb%2F28%2FPO9Vy6PKgIzvBXIlLTo1K9J4zsn4GvIS8LhCbP3hHyYj1kS0xqRSpZ28j3P4kWRzL5S5GvLI9E"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8087e39a7a3f0318-MIA
x-sorting-hat-podid: 41

GET
H2 200 Product-Thumbnail.png
cld.accentuate.io/40541277257770/1691689866656/ 12 KB
12 KB 95ms
86ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/40541277257770/1691689866656/Product-Thumbnail.png?v=1691689866657&options=w_600,h_600
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1335632a1bcde72fe95a0d919eab088b1318019746563e0595646a23318e29a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 584351
x-back-cache: HIT
x-front-hits: 0
x-back-hits: 1
etag: "SCKi2iiEgpCIKUoARCKgWSnXaTHCuteomd4R5onAmFmnic6umQABgkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVp"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: MISS
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:23 GMT
via: 1.1 ip-10-222-75-196.us-west-2.compute.internal (Varnish/7.3), 1.1 666c2260eba58c2b69ea2e6ef70667be.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HIO50-C1, LAX50-P2
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
content-length: 11936
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49Mtnj5giC0oxKT%2Bl0Q1M3I4wSBt56bpKb8%2Fp4Lx3JOepwYVBp%2BUuQJ%2BaFrusY6DL5Wr7iVyNfmT2ChwyKjxV30wzRJ3IAk%2Bcd2DnaEizyq3bd79tzQgz5PS0%2FTV9BhCSeYdkCVJAsg%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e39a7bc54960-MIA
timing-allow-origin: *
x-amz-cf-id: jpkxgKLYrelD9CxrjuwRN2oXzDvpjvXF2PqqK5u-_GZ3PoouH0TxiA==

GET
H2 200 Product-Thumbnail-hover.jpg
cld.accentuate.io/40541277257770/1691699338666/ 24 KB
25 KB 96ms
88ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/40541277257770/1691699338666/Product-Thumbnail-hover.jpg?v=1691699338666&options=w_600,h_600
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a88b08a859185d0776e3e6213457c45c8b8daa014cfa88ae5396a92ae7bf2913

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 894881
x-back-cache: HIT
x-front-hits: 0
x-back-hits: 1
etag: "lANzAwDcKUvSAKlQA1BiziDCJ3IPpP2kJUHToQULMQz0SU#l3wICgQVc1GG&AXpVLreCx9poTUEDmSkYGOH4sLsDuTavM3AzmZ5udoIs#iRD10"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: MISS
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:23 GMT
via: 1.1 ip-10-222-75-196.us-west-2.compute.internal (Varnish/7.3), 1.1 8e2ab8d4ebdf363d2c4ab61a7cc5bc34.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HIO50-C1, LAX50-P2
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
content-length: 24742
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BoVqGQYsSBGoJMwQRWInUrPEP5ZY8NJcahRgz6EeyT8FMAFN%2BQegtEgAqv0m1h4WyJGSni0T%2Beo%2B%2FFs4AjlqGmVlOMBbAiP9tHfDtGhW%2FlbGC%2FSMq7XmdPsGJ9Pdx822WDK%2FmI6r%2Bhs%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e39a7bc24960-MIA
timing-allow-origin: *
x-amz-cf-id: wiQEX6Syptwndm4XYi7kE2yK9SOWBafc9oWm1esdCo9Mvp20w22RNg==

GET
H2 200 Product-Thumbnail.png
cld.accentuate.io/40541277421610/1691685595145/ 6 KB
7 KB 96ms
87ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/40541277421610/1691685595145/Product-Thumbnail.png?v=1691685595145&options=w_600,h_600
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a37ddb046549bd50c20d598dc823792cafe56f1eee6a5a026c18dc57fb6f7ba7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 3002678
x-back-cache: HIT
x-front-hits: 0
x-back-hits: 2
etag: "SCKi2mg4hZBIagoARhGQhl5tFW7PiZujugJaZ3aTeopnhWGqYBABgkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVp"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: MISS
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:23 GMT
via: 1.1 ip-10-222-73-31.us-west-2.compute.internal (Varnish/7.3), 1.1 912d83c7c9b4676eb19f09c9bfabda24.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SEA73-P1, SFO5-P2
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
content-length: 6164
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnrOY1gCNHlNtpJKQ0V3c9qNUHY2g4Pd%2Fylr0ecBIeCtkryt9BNo%2BWamCHe%2B4iUcDvTXzEDzgaMycNx89V1z9%2FTsLyGVtb4JQ1sCZzjGEowvHAvGmDIXmZX84d3ENHIGgNxnV0nAL0s%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e39a7bca4960-MIA
timing-allow-origin: *
x-amz-cf-id: 7GwTF6DSUXxCE0ceuS5IcLiya6rLOk4LQGyw4GbkQGMtV4O39nEdbQ==

GET
H2 200 Product-Thumbnail-hover.jpg
cld.accentuate.io/40541277421610/1691685615531/ 71 KB
72 KB 60ms
52ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/40541277421610/1691685615531/Product-Thumbnail-hover.jpg?v=1691685615531&options=w_600,h_600
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c9c18f6f9f1bf995f2481e9d06afcf744fd311719209fccb70f0fde554101d7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 928511
x-back-cache: HIT
x-front-hits: 0
x-back-hits: 1
etag: "SCKi2mg4hZBIWgoARCBYSgokYPo8ZtegWgZobPIdewhZiYYoHRABgkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVp"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: MISS
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:23 GMT
via: 1.1 ip-10-222-76-93.us-west-2.compute.internal (Varnish/7.3), 1.1 912d83c7c9b4676eb19f09c9bfabda24.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SEA73-P1, SFO5-P2
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
content-length: 72738
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JEg7oq87vzGvjZGd4pHJk4GrPJEmx70uUURp7lQPaiZdV72NJ9%2FiTufb%2FuDYMI8JLYcv4TLN0ZnkUSnESO7r1qlkhm3d9IrX0MmorOsvepvWHrXP1uWEZYyOmvH%2BfwJCx6siO%2BU6xP4%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e39a7bc84960-MIA
timing-allow-origin: *
x-amz-cf-id: LmjQhH9P9Qx1ojAFvUCt_qN-YM_eEhID38MgHyn1YdXoswjpVlbZjA==

GET
H2 200 Product-Thumbnail.png
cld.accentuate.io/40541277650986/1689356454411/ 11 KB
12 KB 58ms
50ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/40541277650986/1689356454411/Product-Thumbnail.png?v=1689356454411&options=w_600,h_600
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dd2ee80db00c3b3e1b47f9ef612a1baf5b72e7d9c43ad4724d9636136461960

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 584351
x-back-cache: HIT
x-front-hits: 3
x-back-hits: 14
etag: "SCCi2iR4VIBIGgoAROCoaUZkHBICioeimhpmF1mkuOqraomtGXABgkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVp"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: HIT
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:23 GMT
via: 1.1 ip-10-222-75-196.us-west-2.compute.internal (Varnish/7.3), 1.1 1c5a7e2dbc29e2ce87f40dbbc168a96c.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HIO50-C1, LAX50-P2
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
content-length: 11574
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDIAoZ3g6gs8WUij%2F4xg%2BBZYYYv95Orj6gTV3JK7CUk1%2FNfjFhuoUXlG9RvmMd%2F9EuOy4VcNJZCs0dNss5sMok4OzaqXqOZKyo%2FOd%2BT0IQEvtWZlDaYfONfed7JzDMonkx1%2BIvLNEhA%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e39a7bc44960-MIA
timing-allow-origin: *
x-amz-cf-id: TVwBYbprfq_0XfLtaPyzMO8TNS5SgXUZAjk6lNVsPUDBYEYgbbe1PQ==

GET
H2 200 Product-Thumbnail-hover.jpg
cld.accentuate.io/40541277650986/1689356465842/ 17 KB
18 KB 61ms
52ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/40541277650986/1689356465842/Product-Thumbnail-hover.jpg?v=1689356465842&options=w_600,h_600
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5007326f1001d08115505abf0ad29d4936db95488fee8ab95b697160bc5e4e7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 3086373
x-back-cache: HIT
x-front-hits: 5
x-back-hits: 6
etag: "lAJzAQj8SUnSDylQAPOTR8YUJLwQ#PgkxUN0P3kM5wjUBS5lLJICgQVc1GG&AXpVLreCx9poTUEDmSkYGOH4sLsDuTavM3AzmZ5udoIs#iRD10"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: HIT
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:23 GMT
via: 1.1 ip-10-222-76-93.us-west-2.compute.internal (Varnish/7.3), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
content-length: 17486
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8R79%2FWo0rhnh40SbfB%2F7toXzARN%2FPRwrGn5I2yC%2FN2aPiyCx5uNDYILlWnrIyi%2BBoHYLrjJ6%2FH%2BDq1RFp3XGnbwEuSzooOZC2s2lXJuM0IBOkGLc%2B0lL4NPN7jacy9C4QXMVQXBms%2FY%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e39a7bc34960-MIA
timing-allow-origin: *
x-amz-cf-id: QAr4m7iKjkFwY07ng3QQW-lZ00_QJWj8PCTnIPrxNO4BcYkd-RIwQw==

GET
H2 200 product_img-(1).png
cld.accentuate.io/40540409888810/1686161926442/ 9 KB
10 KB 59ms
51ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/40540409888810/1686161926442/product_img-(1).png?v=1689863017023&options=w_600,h_600
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f344726e53f2eb81248c299bb435bdfb43bd5aa69b99ca74e92433faefaabac1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 211361
x-back-cache: HIT
x-front-hits: 2
x-back-hits: 14
etag: "&spKLJJqYKm2pqnITATchQBshJaaqxmpokYyUpLykJKIChgwLRAMxY2xc1GO&AXoVPlahsPa0J&0tpcnMlI4McSw7rOJ9tku3DX99tkuJ9a##Yc"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: HIT
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:23 GMT
via: 1.1 ip-10-222-75-196.us-west-2.compute.internal (Varnish/7.3), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
content-length: 9700
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYAFK%2FU3AyvWFldqKfGgc2IMVxd1h%2B2JG1UyblQFyaQncfCQqWjh3JasTUug1iFDy9CBwpKYWSiwCfiAPBiZwVpixi7tPj4LA9%2FLPekQcFUT5ijJGxdYj818gf4O6FVB6VKePPQ5x6Y%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e39a7bc74960-MIA
timing-allow-origin: *
x-amz-cf-id: JCDhCcrbbVuApM-DRsTNXyFOmXIRcUnRlGSfHDaUbaxcOhryxytcCA==

GET
H2 200 PP_product_thumb_img_hover.jpg
cld.accentuate.io/40540409888810/1686161934164/ 35 KB
35 KB 95ms
87ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/40540409888810/1686161934164/PP_product_thumb_img_hover.jpg?v=1686161934164&options=w_600,h_600
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4befd2c080c534f5e203fbbd2cfed944995be2fb028fae513fc9563369910387

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 37342
x-back-cache: HIT
x-front-hits: 2
x-back-hits: 4
etag: "SCCi2RQ4BZKIagoARjOYul5lZz68pEhkuiEkmYnOi&hrmv4qpvABQkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVp"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: HIT
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:23 GMT
via: 1.1 ip-10-222-75-196.us-west-2.compute.internal (Varnish/7.3), 1.1 d09facc1a33a23ae0ece49f16f368ae6.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HIO50-C1, DFW57-P4
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
content-length: 35660
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAhk4UlanvdnXSYmPIx0Wl3Dw63QL4PycnkE%2BjsPIdOMj8Q6yXAdM2esuvsBt2LusYTq8Qo4YS%2F9RyIr4dnkJt1UF2VXYsudfgjNgsknlMWZruMmCfRwfu1sWCNCdr4zjzbmjklH0Yw%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e39a7bc94960-MIA
timing-allow-origin: *
x-amz-cf-id: GYoqyh5AWLsE3nulP2L78q-Qcs9tEhMKA2rI-AR5oW3fBoUw_MkcUw==

GET
H2 200 klaviyo.js
static.klaviyo.com/onsite/js/ 2 KB
992 B 35ms
34ms Other
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ac549f438a886eb4848aed56ce4bd0761598b3df30cb44c1b435a386bbc33357

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 179078
content-security-policy-report-only: object-src 'none'; script-src 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self'
x-cache: HIT, HIT
content-length: 919
x-served-by: cache-lga21933-LGA, cache-mia-kmia1760072-MIA
server: nginx
x-timer: S1695022284.919398,VS0,VE0
etag: W/"fffac71281a68fa656bef3f60b5319d5"
allow: OPTIONS, GET
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 2

GET
H2 200 session Show response
shop.app/pay/ 18 B
2 KB 169ms
83ms Fetch
application/json 23.227.38.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/pay/session?v=1&token=cc56a0ec-b2d0-4fcb-b3d8-f70fb2245fa7&shop_id=21814481

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-f8806e35f2de3394be61626ed5f549133eacc5c8f6e034e2231f1ef12f7d162e.js?v=20220906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.33 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

checkout.shopify.com

Software

cloudflare /

Resource Hash

9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com https://.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://.hcaptcha.com https://.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://.hcaptcha.com; frame-ancestors admin.shopify.com https: .myshopify.com admin.shopify.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://*.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com; frame-ancestors admin.shopify.com https: *.myshopify.com admin.shopify.com
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=48.999786
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
vary: Accept, Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.herocosmetics.us
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
x-frame-options: DENY
x-robots-tag: noindex
date: Mon, 18 Sep 2023 07:31:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
p3p: CP="Not used"
alt-svc: h3=":443"; ma=86400
content-length: 18
x-xss-protection: 1; mode=block
x-request-id: 6c1e5e8d-e8bb-4676-9226-a1cd76b7edd7
x-runtime: 0.004004
server: cloudflare
x-download-options: noopen
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4I3WjQhdCbLRMwDLOYLHd6thdjgjlDJfhyHpryZwUptpxhJXOscx9Aq10avu82a66uM4UqCBaCVHg2kaKA7bPpe8HQmNHK5ozN0EgkzuvnvrzvEofuSjTo4z"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e39b4f1c3371-MIA
x-sorting-hat-podid: -1

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202301.2.0/ 402 KB
96 KB 46ms
46ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fa90c9e195798597245f53e9dc98259304276626836677ffaf0f9fa18f9a189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 18 Sep 2023 07:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 0jjE9bRWjdK9YwiQScw/ZQ==
age: 43480
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 98329
x-ms-lease-status: unlocked
last-modified: Fri, 17 Feb 2023 03:39:10 GMT
server: cloudflare
etag: 0x8DB1098882046FE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0a72193a-b01e-010f-04e1-5a7345000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8087e39afa01b3d7-MIA

GET
H2 200 fender_analytics.fd00ab6dfd32f7c922f4.js Show response
static-tracking.klaviyo.com/onsite/js/ 29 KB
12 KB 124ms
35ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.fd00ab6dfd32f7c922f4.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d7d7fbc9d6932a2d423e0bd2f23a926bda23d03a6e254349e628e9afce843d0

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: xeyOSTSOPOiFQX7JpVkPO911sqkDb3NC
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 18 Sep 2023 07:31:24 GMT
x-amz-request-id: M4A8M1RTM12DY1D1
age: 179079
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 11311
x-amz-id-2: UnpmnjHDYz28evAcEQDR97Eau0a021zgYsQG+UcWp2hx08aI+u/9mUXtsiWPyN++YGMHiuwLptr0FCqEfw1uoQ==
x-served-by: cache-lga21947-LGA, cache-mia-kmia1760088-MIA
last-modified: Thu, 17 Aug 2023 00:52:08 GMT
server: AmazonS3
etag: "18ff949d863f8737135da84c786c7b92"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: fc9329d052237ae70bd65c86fdfb8e82e8fc66d4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 9, 96024

GET
H2 200 static.094d93e3bce6bc538156.js Show response
static-tracking.klaviyo.com/onsite/js/ 2 KB
1 KB 124ms
36ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.094d93e3bce6bc538156.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9ac76703fca894ec4e2f5b14034a6089bf643d613e30242d10614b83d20c1a1

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: q96S7ggJ6gtLLn25vWp2SM15fVOomOGj
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 18 Sep 2023 07:31:24 GMT
x-amz-request-id: M4A6B515SHE3AJC5
age: 179079
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 981
x-amz-id-2: hOgx1lgRK0iPFKBo+WzsVipdXIQeTZXfhJiuiVbS5BVp0+3yZYEdQl1ra25oe7zdDLaHYPu/5hY=
x-served-by: cache-lga21954-LGA, cache-mia-kmia1760088-MIA
last-modified: Thu, 17 Aug 2023 00:52:08 GMT
server: AmazonS3
etag: "8c77403047f3eb44a85f28a9d7e04eae"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: fc9329d052237ae70bd65c86fdfb8e82e8fc66d4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 8, 97423

GET
H2 200 runtime.0172d484f0c70cfb4ee0.js Show response
static.klaviyo.com/onsite/js/ 19 KB
8 KB 105ms
35ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.0172d484f0c70cfb4ee0.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc3009e597b953aa561a945d045d45393ec17125ef5545324b17c5d89935049d

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: IGBBheHGDCIEE.sXs8qgK2xTdGI6wItr
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 18 Sep 2023 07:31:24 GMT
x-amz-request-id: QAB5KVK4XA3QZ3BT
age: 179079
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 8063
x-amz-id-2: mj75JF4J65wzf2GxXPk6pUtSJWh6dpmj82qPMtCTKBDzXgKDNRqaMJ9IhvljDyeJtaaTwGRi1B4=
x-served-by: cache-lga13624-LGA, cache-mia-kmia1760039-MIA
last-modified: Thu, 14 Sep 2023 14:05:05 GMT
server: AmazonS3
etag: "91e327bc7f311f9bbc2d43e0e18ff38b"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 467a1426c59165c36e6f4ff5f62b7f102962d4a5
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 8, 108865

GET
H2 200 sharedUtils.96a9cbe24767f6d3da31.js Show response
static.klaviyo.com/onsite/js/ 42 KB
16 KB 108ms
37ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.96a9cbe24767f6d3da31.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 678dfdbfaf5cd8d3e687b2ca1e805f56fab244e4c1a52d354b7ef4ad632d1b58

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: 6tRZdKQpdZ0sjqcj.gZU2Gy52n_r6VqI
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 18 Sep 2023 07:31:24 GMT
x-amz-request-id: KTSRVWEEGA7FR9AX
age: 179079
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 16417
x-amz-id-2: ZGF+zIevswsxwVmM2QJ6qOGMG5Yh3GV+myO663qMhPKphfoWyRu9DGGYyyfaceyRwbtj4XGmDH4=
x-served-by: cache-lga21943-LGA, cache-mia-kmia1760039-MIA
last-modified: Thu, 07 Sep 2023 18:50:13 GMT
server: AmazonS3
etag: "041ad6fd54c82a132f87f3bd9371fe0e"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 04621d02bd9b88409281ede70a4a90816a1d07c0
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 65, 104358

GET
H2 200 unified-tag.js Show response
cdn.attn.tv/tag/4-latest/ 125 KB
42 KB 78ms
78ms Script
application/javascript 2600:9000:21da:200:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/hero/dtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:200:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78d652236c11f0b7d7d6dd7f0669240bd4e38b37c0d971e93c9d4626d6df3c81

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: 0YhFrnn6xx4vwD96YWAgWErXbtF5BqA9
content-encoding: gzip
via: 1.1 4e4f8ee4f88ce6711f13846e91140c60.cloudfront.net (CloudFront)
date: Mon, 18 Sep 2023 07:28:15 GMT
x-amz-cf-pop: EWR53-C1
age: 190
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 11 Sep 2023 13:00:23 GMT
server: AmazonS3
etag: W/"97d1c634f161202de19096d3a577a4b8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
x-amz-cf-id: vSCaqzhTudbr_foprZtZQ-EsCPlt3VupZ-SROwEfRhOUDhPV0nc2rQ==

GET
H3 200 consent-tracking-api.js Show response
www.herocosmetics.us/cdn/shopifycloud/consent-tracking-api/v0.1/ 13 KB
5 KB 45ms
44ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/shopifycloud/shopify/assets/storefront/load_feature-e603cd7e9de65fb8a26619a69c44d7e62f2a6c96ec2c3702c5f4ecf5dac82419.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

728731c7a039773b25702c0acb4ce65bbd32c27d78bde5b13ecb46a1cf902cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 1253
content-encoding: br
server-timing: imagery;dur=22.331, imageryFetch;dur=21.387, cfRequestDuration;dur=7.999897
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 7d8514c1-e63a-4e11-a492-a71ae0219d68
last-modified: Mon, 18 Sep 2023 06:44:39 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=og1HKvmdgC9%2BGJskfApmaUYxn3EhE%2F9t2Re%2BYBEKscp%2BhsXH1Q79JEOvAP4YOCI1dLvCkgAg4hYOpZm02DPbcNMd8Z8jvkLLVXyweJ3Rlu%2Bl2hlmgC6xxmxiWJfWv736g7Y6tmPS"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
cf-ray: 8087e39b9a8c0318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
x-sorting-hat-podid: -1

POST
H2 200 shopify-event.gif
ssapi.herocosmetics.us/ 0
0 281ms
180ms Fetch
text/html 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssapi.herocosmetics.us/shopify-event.gif?source_url=https%253A%252F%252Fwww.herocosmetics.us%252F
Requested by: Host: shopify-gtm-suite.getelevar.com
URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: application/json
Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
server: Google Frontend
access-control-allow-methods: *
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: a1675cb541a2c757af3e157f9b43e8a4
access-control-allow-headers: *
content-length: 0

GET
H3 200 cart.js Show response
www.herocosmetics.us/ 283 B
2 KB 88ms
87ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cart.js?v=1695022284127

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/shopifycloud/shopify/assets/shop_events_listener-4620b7978e4a9ac9b189bb434985724435751e09e5e44a25a48b615ae8420594.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

c651c11d40283365f88890125c5835c5cc6d3e6578ca3c71dbf68b98ad26dbf8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.herocosmetics.us/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=13, db;dur=3, asn;desc="9009", edge;desc="MIA", country;desc="US", servedBy;desc="mmgh", requestID;desc="7d69e95a-2d83-41d9-836b-374ab20cf8d5", cfRequestDuration;dur=52.000046
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 7d69e95a-2d83-41d9-836b-374ab20cf8d5
x-shardid: 41
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 21814481
vary: Accept-Encoding, Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z21HkPlt93G90hF7bgXpBwJPxm4b31%2FT4k7mVnh9hGgnSNCm62SyRcwolx4rSdq1Gn%2BJD6u7BFC6RSgdaQO6MLClzxrz%2BwASFZpFUoDNnJpYjRJ%2F09xNbBCcPZ%2BIEipaXSvPWjfZ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-language: en
x-download-options: noopen
cf-ray: 8087e39beaa50318-MIA
x-sorting-hat-podid: 41
x-cartjs-updatedat: 0

GET
H3 200 / Show response
www.herocosmetics.us/wpm@807df045w36eb870bp858e4efdm07092c7a/web-pixel-shopify-custom-pixel@0559/sandbox/modern/ Frame 28B6 39 KB
17 KB 47ms
46ms Document
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/wpm@807df045w36eb870bp858e4efdm07092c7a/web-pixel-shopify-custom-pixel@0559/sandbox/modern/

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/wpm/b807df045w36eb870bp858e4efdm07092c7am.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

6d2f0e4202b79fd97d5a39fc0443cb3cd0dbe2a356162045afe8b50fe216b1c9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herocosmetics.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 205672
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000, public
cf-cache-status: HIT
cf-ray: 8087e39c0aac0318-MIA
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Mon, 18 Sep 2023 07:31:24 GMT
etag: W/"cacheable:b4a7d75d282ea62d4bd7ed4a02183e36"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfCeEH%2Fr8PJUzH9iGTJX%2BFECcXiwn6npyymxdGn%2FGHysWJFZPlZ%2B1kWbTAVsiovUVl5jqOb2tAWHf6et%2B3LD7ziwYJnI5RoXWvE%2B0NDk%2Bk5tqMP6c77g%2B0UpTQQCOftAklfr28PZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=14, db;dur=4, asn;desc="29871", edge;desc="ATL", country;desc="US", theme;desc="124793159722", servedBy;desc="7l8n", requestID;desc="5de24ad7-a038-4c27-a6e6-313856d4f6ec" cfRequestDuration;dur=10.999918, earlyhints
strict-transport-security: max-age=7889238
vary: Accept, Accept-Encoding
x-cache: miss
x-content-type-options: nosniff
x-dc: gcp-us-east1,gcp-us-central1,gcp-us-central1
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 5de24ad7-a038-4c27-a6e6-313856d4f6ec
x-robots-tag: noindex, nofollow
x-shardid: 41
x-shopid: 21814481
x-shopify-stage: production
x-sorting-hat-podid: 41
x-sorting-hat-shopid: 21814481
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

POST
H3 200 produce_batch
www.herocosmetics.us/.well-known/shopify/monorail/unstable/ 0
731 B 59ms
58ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herocosmetics.us/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/s/trekkie.storefront.b31f2032c0d69b240cfbd23a96457e984a0bbbac.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: shops.myshopify.com
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=22.999763
alt-svc: h3=":443"; ma=86400
content-length: 0
x-request-id: b48ab1f5-e7eb-4ec1-adc0-137ef7ae4d7a
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDZ1AQxY9mElOoBLo0Poi%2ByatGPnucgJdeICJj8m6TNzN8BCMeqpnlSWyNVuSWRJ7kMBI%2Brt7VM3NiMt2iY4QjEDYCz8W5qLla6Kc77ncMkwmuQOfltgQprYqQfb5Ok605JO0YYl"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 8087e39c1ab80318-MIA

GET
H3 200 s-announcement-bar.js Show response
www.herocosmetics.us/cdn/shop/t/230/assets/ 3 KB
2 KB 48ms
48ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/s-announcement-bar.js?v=145447303840213598461694645148

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

c9a7548ccdc127f7e22710f448a4fce37221c4098b62866905b5f13722eba147

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 271855
content-encoding: br
server-timing: imagery;dur=63.435, imageryFetch;dur=61.458, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 484f2c31-1a8b-4eb3-adf4-d23ec4af79d2
last-modified: Fri, 15 Sep 2023 04:00:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAuEfIFQk5bpxixB%2B6OCFcKgMXAwoOdkArT%2BpnVlg2E1TwKB9Ucvbk%2BeYCAgCT8yj%2FvTVw7EdbAT76ftQHAn5zTnysD3XsJfMNggO9ZA%2BiPfRDaEsmiZCRshDQL8VIxo6kpiyiAs"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8087e39c2aba0318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/s-announcement-bar.js>; rel="canonical"
x-sorting-hat-podid: 41

GET
H3 200 section-header-nav.js Show response
www.herocosmetics.us/cdn/shop/t/230/assets/ 14 KB
4 KB 47ms
47ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/section-header-nav.js?v=13331785384121992661694645163

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

be4eba09307653097e66b55721c45bc9a4299cfdcbaff59ce5137c93d9d87e80

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 271855
content-encoding: br
server-timing: imagery;dur=91.926, imageryFetch;dur=89.222, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: ff6093b2-ff9b-4fa7-b04f-22135881d415
last-modified: Fri, 15 Sep 2023 04:00:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zLiQqGcKUhFDWGVZGY8opYfAYLImyYeyZPSj3uV3gUo9xnMZXtvhF0Tvih7krrajUNsze%2F8dpAFhvnlQh01RSOZbfFUPBHiLVgo7XKbIuwn4Pd0ow41V0YGFg6VAj7JpnFR6uwS"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8087e39c2abb0318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/section-header-nav.js>; rel="canonical"
x-sorting-hat-podid: 41

GET
H3 200 section-header-search.js Show response
www.herocosmetics.us/cdn/shop/t/230/assets/ 10 KB
3 KB 45ms
45ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/section-header-search.js?v=98202038621640715041694645163

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

65b49da2f9c1c5bc0e790c9af18e8718c98afe3db2ab1a77bb6546f399290c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 271855
content-encoding: br
server-timing: imagery;dur=45.663, imageryFetch;dur=43.624, cfRequestDuration;dur=7.999897
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: adc50286-26bd-4c86-9997-0f927b923fdd
last-modified: Fri, 15 Sep 2023 04:00:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FP720TIRym6oa%2F3aofRCn5LwxltlvavfaWlWWQ7tZwstJ20hGiRGv0IyiMBchojdVbkWJCLt1IuPEAhcexj%2F9wGJvNIMdvcfvr2dGFDk06jOBABbZlf7kxJd2vycujde%2FfcbrP9N"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 8087e39c2abd0318-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/2181/4481/t/230/assets/section-header-search.js>; rel="canonical"
x-sorting-hat-podid: 41

GET
H2 200 bundle.js Show response
cdn-widgetsrepository.yotpo.com/widget-assets/yotpo-pixel/2023-09-12_08-37-14/ 47 KB
15 KB 76ms
75ms Script
text/javascript 2600:141b:13:7a1::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-widgetsrepository.yotpo.com/widget-assets/yotpo-pixel/2023-09-12_08-37-14/bundle.js
Requested by: Host: cdn-widgetsrepository.yotpo.com
URL: https://cdn-widgetsrepository.yotpo.com/v1/loader/A19H8vTS9KoU0V2U-uthxg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13:7a1::1d72 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0eb59dfca4c7d7dc3cdc4a5bb5a90a9911c73e70b849235d091a2a5a43b59a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: vilQqnoJ19jfqtevXBPX76AhdLD06pvu
content-encoding: gzip
date: Mon, 18 Sep 2023 07:31:24 GMT
x-amz-request-id: JP9T2HPQMJ2CAS9A
x-amz-server-side-encryption: AES256
content-length: 14969
x-amz-id-2: 08Lu0aEPpRRH2zRCdx4kKGpE93HkpTuBUJM+JqFdopbsj6f08A/MwiedBR59hLPPSFL+cBqnys4=
last-modified: Tue, 12 Sep 2023 08:37:16 GMT
server: AmazonS3
etag: "f6793186cdfe1fc13738a863f118da9d"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 17 Sep 2024 07:31:24 GMT

GET
H2 200 app.v0.5.4-5056.js Show response
cdn-widgetsrepository.yotpo.com/widget-assets/widgets-initializer/ 36 KB
12 KB 93ms
93ms Script
application/javascript 2600:141b:13:7a1::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-widgetsrepository.yotpo.com/widget-assets/widgets-initializer/app.v0.5.4-5056.js
Requested by: Host: cdn-widgetsrepository.yotpo.com
URL: https://cdn-widgetsrepository.yotpo.com/v1/loader/A19H8vTS9KoU0V2U-uthxg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13:7a1::1d72 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 864bb06e08df0914133d2b094ffdda58aba6f140718e4116c8e6ca7d61a3c13b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: PYQGLfgLhwAY8y1liRsVGu01w4fgIW_W
content-encoding: gzip
date: Mon, 18 Sep 2023 07:31:24 GMT
x-amz-request-id: 4J9STE95SJCCYMT8
x-amz-server-side-encryption: AES256
content-length: 11268
x-amz-id-2: l7tKm5iXbDhb/dMLO8WPaUDOGcc0WTGNuJ9SiyE18MuCRPAfd9oL24scncqm2gPUrqbf59PFN8o=
last-modified: Wed, 13 Sep 2023 14:19:27 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1694614766/ctime:1694614766/gid:117/gname:jenkins/md5:b6719c0ee3d5caca737d2eb25ac30181/mode:33188/mtime:1694614766/uid:110/uname:jenkins
etag: "b6719c0ee3d5caca737d2eb25ac30181"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 17 Sep 2024 07:31:24 GMT

GET
H3 200 worker.modern.js
www.herocosmetics.us/wpm@807df045w36eb870bp858e4efdm07092c7a/web-pixel-shopify-app-pixel@0559/sandbox/ 39 KB
17 KB 45ms
44ms Other
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/wpm@807df045w36eb870bp858e4efdm07092c7a/web-pixel-shopify-app-pixel@0559/sandbox/worker.modern.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

7b25341cb1cb9cc5963b61183e03057ef8aea8c5323b46d97efd9441a2724d23

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-encoding: br
x-permitted-cross-domain-policies: none
age: 207066
server-timing: processing;dur=21, db;dur=10, asn;desc="19331", edge;desc="ATL", country;desc="US", servedBy;desc="rjdn", requestID;desc="f7c8ac84-0709-4b3f-a7aa-843142492655", cfRequestDuration;dur=7.999897
x-sorting-hat-shopid: 21814481
x-shardid: 41
x-storefront-renderer-rendered: 1
etag: W/"cacheable:71b86bdc3112f6f29b55e36f4baacefd"
x-shopid: 21814481
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding
content-type: text/javascript; charset=utf-8
content-language: en-US
cache-control: max-age=31536000, public
x-robots-tag: noindex, nofollow
date: Mon, 18 Sep 2023 07:31:24 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1,gcp-us-central1
x-cache: miss
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f7c8ac84-0709-4b3f-a7aa-843142492655
x-shopify-stage: production
server: cloudflare
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2vDHneMkV7oDel7Xd6D8D18sPxk4ZLl1vdT24cJhLZuASAXGt2tcpRXTWJW0P4TTOFeuBOszHPpBWIXX3kaCz1ShJnSgVSXuk5U1ValJIIYtgrusT9B3x%2Fk8qOrhwlE47e1QRki"}],"group":"cf-nel","max_age":604800}
cf-ray: 8087e39c4acc0318-MIA
x-sorting-hat-podid: 41

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 223ms
68ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/s/trekkie.storefront.b31f2032c0d69b240cfbd23a96457e984a0bbbac.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Sep 2023 07:31:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53155
x-xss-protection: 0
pragma: public
x-fb-debug: 8Gwi4EeCMIcCxYUN9eqiam2cCaNz6W7khUeGMkuE//LfMUu09M5D3p72iepG70QSExugzAjkh3HsWJ2KNoKXHA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 246ms
91ms Script
application/javascript 23.49.248.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2R434VBHJVP7P6R4110&lib=ttq
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/s/trekkie.storefront.b31f2032c0d69b240cfbd23a96457e984a0bbbac.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.203 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 30a43d41cdcf85ed7cc1cd9303ff7bddbc09542e6fca67692eaa7a320f75c641

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-akamai-request-id: 2a655482.1fb85ec2
date: Mon, 18 Sep 2023 07:31:24 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-40-19-203.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
x-parent-response-time: 17,23.40.19.203
server-timing: cdn-cache; desc=MISS, edge; dur=9, origin; dur=8, inner; dur=3
content-length: 1678
pragma: no-cache
server: nginx
x-tt-logid: 20230918073124B44AC358210FE220EDA1
x-cache-remote: TCP_MISS from a23-46-239-77.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.46.239.77
x-tt-trace-host: 01ba74338425f636b53c4524cf4f46fd19b56fbd8f831307d0658db92df94a24c5796c8e543b5161fcfb33f117b13cd0107113846cc6be2fcace53e8607231a9caace4b7a8a76158e05d8e1f9e183cdd1f6f32ec9023182ea64caf0e0a461ab60d4a6a76a96a819fbb93f50c62c33fa490
expires: Mon, 18 Sep 2023 07:31:24 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/1867cdf6-9f68-4218-add3-eb13394b9138/2a37bcac-c35d-428d-b5fe-85a0a215829e/ 63 KB
15 KB 53ms
53ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1867cdf6-9f68-4218-add3-eb13394b9138/2a37bcac-c35d-428d-b5fe-85a0a215829e/en.json

Requested by

Host: shopify-gtm-suite.getelevar.com
URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/2.40.1/gtm-suite.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7006f89b5456537765a7a8b2a8f6c70776d02a6fb594b61d0e05227fb7b09d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 18 Sep 2023 07:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 38505
content-md5: gvb6KlSJAFrxXstqYiVKHg==
content-length: 15475
x-ms-lease-status: unlocked
last-modified: Fri, 10 Feb 2023 21:50:19 GMT
server: cloudflare
etag: 0x8DB0BB0CDE697E4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d3f550f3-b01e-0088-60e1-5a603f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8087e39c8f232604-MIA
expires: Tue, 19 Sep 2023 07:31:24 GMT

POST
H3 200 produce_batch
www.herocosmetics.us/.well-known/shopify/monorail/unstable/ 0
735 B 64ms
63ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herocosmetics.us/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/s/trekkie.storefront.b31f2032c0d69b240cfbd23a96457e984a0bbbac.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: shops.myshopify.com
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=26.999950
alt-svc: h3=":443"; ma=86400
content-length: 0
x-request-id: 92f2a79f-e7ed-49c8-a156-bbc5a67448a6
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OvUDJVKhOaf1cU1spv%2BKeQjF58AxIZZ9DK79z1GNfsVVbvOlE%2BWUMYJVJZK0H5yRWSNdeu%2BOsc0wsvIYYl7t1dpKwFF68hWrdLVoTb54XNlcz%2Bcfi2ufZQ8CXPRJpWskHTdI0dTw"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 8087e39caae30318-MIA

POST
H3 200 produce_batch
www.herocosmetics.us/.well-known/shopify/monorail/unstable/ 0
734 B 58ms
57ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herocosmetics.us/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/s/trekkie.storefront.b31f2032c0d69b240cfbd23a96457e984a0bbbac.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: shops.myshopify.com
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=21.999836
alt-svc: h3=":443"; ma=86400
content-length: 0
x-request-id: 2193b613-b234-4d29-995d-374d77c007ae
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6XX5nePCxqORtO4eB5XZA6nmauR7cDAdoN7cu7LJtIj4l31p8FhP%2B0R3QGQ4C4tXEl9%2FojNq0hK%2FbK%2BK2AeV29dQUyla6LY2Ivt8sC%2FYlW1KV5b7F5zrzi6XHWFqSQ02BS90nd3"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 8087e39caae50318-MIA

POST
H3 200 produce_batch
www.herocosmetics.us/.well-known/shopify/monorail/unstable/ 0
734 B 61ms
60ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herocosmetics.us/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/s/trekkie.storefront.b31f2032c0d69b240cfbd23a96457e984a0bbbac.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: shops.myshopify.com
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=24.999857
alt-svc: h3=":443"; ma=86400
content-length: 0
x-request-id: 56756226-634d-4ddb-8ed8-c121501276a3
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZd%2Fsl%2FrdkSe5VfFXW3mTMmTXs3910wdKnnXjOtao9PDi7MThjGxiNnldedXEasUjY9j%2FwzEnqjhnQQChl1yIo9ueCCAE6JMNuHf9abTOO8EiEDx%2FkmDTwf109xpSo04k8UbxwfU"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 8087e39caae60318-MIA

GET
H2 200 analytics.js Show response
ssapi.herocosmetics.us/ 52 KB
23 KB 311ms
311ms Script
text/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssapi.herocosmetics.us/analytics.js
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
content-encoding: gzip
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: text/javascript
x-cloud-trace-context: 0b80cbf1b25b6587d127572d92a2981f
cache-control: public, max-age=7200
content-length: 23687
expires: Mon, 18 Sep 2023 09:30:39 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 38 KB
17 KB 235ms
92ms Script
application/javascript 13.225.63.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-247.ewr53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 28be27d04ce0ebac3fcd2862aa85bd45139b448cfa41647480b6a9f0180289e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
content-encoding: gzip
via: 1.1 959ac13ef19fa38a0d3684985f996ffc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 16452
x-amz-cf-id: Hf0TLAvJ9HqLBy8psiaNNQvSG_Due7I91u_G2KBvAmG6GixyIpzxYA==

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
1022 B 35ms
34ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ac549f438a886eb4848aed56ce4bd0761598b3df30cb44c1b435a386bbc33357

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 179079
content-security-policy-report-only: object-src 'none'; script-src 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self'
x-cache: HIT, HIT
content-length: 919
x-served-by: cache-lga21933-LGA, cache-mia-kmia1760072-MIA
server: nginx
x-timer: S1695022284.314955,VS0,VE0
etag: W/"fffac71281a68fa656bef3f60b5319d5"
allow: OPTIONS, GET
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 3

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
89 KB 232ms
92ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D939QWJC76&l=dataLayer&cx=c&sign=70516ecb51ad0c6d30135d26fd9c06d331625dbc9b07239a8ffcea2c1dffed0c_20230918

Requested by

Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e765c270288c713886f8b26b862eb40acbcabc0bb3a349aa02d3fa82225f5602

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90934
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Sep 2023 07:31:24 GMT

GET
H2 200 8804d440-d9dd-11eb-b8bc-0242ac130003
pixel.streetmetrics.io/pixel/ 44 B
44 B 474ms
384ms Image
image/gif 2606:4700:3031::6815:267e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.streetmetrics.io/pixel/8804d440-d9dd-11eb-b8bc-0242ac130003?gtmcb=833191674

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:267e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
content-length: 44
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kaJwe1WcHMiEZRzwHfxyvg5h9rl9pMA%2FedHeYMJf86p8YJCN7r8MbuhZKPs1HG2oQ8iO8E1mIaajnyTEA4quckOietgWp7EQJHiq%2B%2F7kdVyVniWcCGaX48pdh8Sde9id2FSC6pXotvwqaXCeiylLxn7u1vtT"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-ray: 8087e39d8f6925b8-MIA

GET
H3 200 cart.json Show response
www.herocosmetics.us/ 283 B
805 B 66ms
64ms Fetch
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cart.json

Requested by

Host: shopify-gtm-suite.getelevar.com
URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/2.40.1/gtm-suite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

c651c11d40283365f88890125c5835c5cc6d3e6578ca3c71dbf68b98ad26dbf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1
server-timing: cfRequestDuration;dur=28.000116
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9916b62a-c26a-4cc9-9a37-7cfc69015118
x-sorting-hat-shopid: 21814481
x-storefront-renderer-rendered: 1
server: cloudflare
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBZayG68hJ%2FwzgtxY7CfyB9kmgm1UqCTzhwuVsD0FZts%2BMBU2ZAxoD6HYuab57YrtIOzhgAKZDbqwBurZOA96rszYWfSBFxJDXwUBsZcstVf03ELVZFe8aJPnrTz4%2BiAN5wGfX9K"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store
cf-ray: 8087e39d2b090318-MIA
x-sorting-hat-podid: 41

GET
H2 200 / Show response
hero.attn.tv/d/ 5 B
266 B 247ms
141ms Fetch
application/json 172.64.144.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hero.attn.tv/d/?attn_vid=af886addd5d044db87dcfee03d966a33
Requested by: Host: shopify-gtm-suite.getelevar.com
URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/2.40.1/gtm-suite.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
cf-ray: 8087e39dddc4db0d-MIA
alt-svc: h3=":443"; ma=86400

POST
H2 200 e
events.attentivemobile.com/ 0
249 B 178ms
83ms Ping
image/png 172.64.148.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events.attentivemobile.com/e?v=4.25.14_058360bd64&pd=https%3A%2F%2Fwww.herocosmetics.us%2F&u=af886addd5d044db87dcfee03d966a33&c=hero&ceid=_ou&lt=1695022284326&tag=modern&cs=1662344506&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1695022284334
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/png
access-control-expose-headers: Set-Cookie, X-Count, X-Token
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
cf-ray: 8087e39ddbe1db01-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 redemption_options Show response
loyalty.yotpo.com/api/v2/ 4 KB
2 KB 264ms
105ms XHR
application/json 3.233.195.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://loyalty.yotpo.com/api/v2/redemption_options?guid=A19H8vTS9KoU0V2U-uthxg&api_key=4QPV4PDV540793TlWEIItQtt

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/shopifycloud/shopify/assets/shop_events_listener-4620b7978e4a9ac9b189bb434985724435751e09e5e44a25a48b615ae8420594.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.195.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-195-186.compute-1.amazonaws.com

Software

Resource Hash

061f86a77efbb5c2d49cc096ce3237c978f675a675379c28296f41fe0967318f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
ratelimit-reset: 36
via: kong/2.1.4
x-permitted-cross-domain-policies: none
x-kong-proxy-latency: 3
x-ratelimit-limit-minute: 300
x-kong-upstream-latency: 41
x-ratelimit-remaining-minute: 298
ratelimit-limit: 300
x-xss-protection: 1; mode=block
x-request-id: 1b6917484a9afddeffa4f5a15c15db75
x-runtime: 0.035507
referrer-policy: strict-origin
correlation-id: 4fc70842-a1e1-47e3-bc10-99ed18f0dbdb
etag: W/"061f86a77efbb5c2d49cc096ce3237c9"
x-download-options: noopen
access-control-max-age: 7200
x-frame-options: ALLOWALL
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD, PATCH
access-control-allow-origin: https://www.herocosmetics.us
access-control-expose-headers
vary: Accept-Encoding, Origin
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-merchant-id,x-user-email,x-user-id,x-user-token,x-utoken,x-yotpo-token,authority,x-app-key,x-shopify-authorization,x-introspection-authenticated,x-customer-email,x-customer-store-account-id,x-customer-token,sentry-trace,baggage
ratelimit-remaining: 298

POST
H3 200 set_tracking_consent.json Show response
www.herocosmetics.us/ 2 B
3 KB 189ms
188ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/set_tracking_consent.json

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/shopifycloud/shopify/assets/shop_events_listener-4620b7978e4a9ac9b189bb434985724435751e09e5e44a25a48b615ae8420594.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=set_tracking_consent&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=a04bc3ee-7317-4a8c-b9fb-69d447ef6f7e
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/xss-report?source%5Baction%5D=set_tracking_consent&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=a04bc3ee-7317-4a8c-b9fb-69d447ef6f7e

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=set_tracking_consent&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=a04bc3ee-7317-4a8c-b9fb-69d447ef6f7e
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-central1,gcp-us-central1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=83, cfRequestDuration;dur=152.999878
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=set_tracking_consent&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=a04bc3ee-7317-4a8c-b9fb-69d447ef6f7e
x-sorting-hat-shopid: 21814481
x-shopify-generated-cart-token: adc3f317b6fba1fbfd146e30d5f963d9
x-request-id: a04bc3ee-7317-4a8c-b9fb-69d447ef6f7e
x-shardid: 41
x-shopify-stage: canary
server: cloudflare
x-shopid: 21814481
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OW8FeyW8XULxhLRiU1BQ1OPPT4TCC5ep%2F4FtJWK%2BCA%2BFZL4qFCmN6KW5pt119mhQVubtVOdokEoD5MhCNLo6S6LlLf39yoHcs6l36uSRvrh653Z2AFakLU3EdrdPDU7Vd9hrXcKQ"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
content-language: en-US
x-download-options: noopen
cf-ray: 8087e39d4b110318-MIA
x-liquid-rendered-at: 2023-09-18T07:31:24.462984222Z
x-sorting-hat-podid: 41

GET
H2 200 hero.attn.tv.js Show response
cdn.attn.tv/growth-tag-assets/client-configs/ 0
384 B 83ms
83ms Script
text/javascript 2600:9000:21da:200:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/growth-tag-assets/client-configs/hero.attn.tv.js
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:200:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
via: 1.1 4e4f8ee4f88ce6711f13846e91140c60.cloudfront.net (CloudFront)
date: Sun, 17 Sep 2023 12:24:10 GMT
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 68834
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: l3Htnyzt2-PyBqlHJedpTS8IcSXppqca0s7NI5p4yxeJQzWBXSOHDg==

GET
H2 200 BestofBeauty_2020_RGB.svg
cld.accentuate.io/11723218878506/1639075221218/ 15 KB
6 KB 54ms
52ms Image
image/svg+xml 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/11723218878506/1639075221218/BestofBeauty_2020_RGB.svg?v=0&options=w_96,h_96
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfbbd0772eda291e13d714b63c76011a05b1a830ee633732e379b487cb076dd8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Sep 2022 18:46:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 831736
etag: W/"3f1b2974776a4506a81508945086165d-1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4j1rQw07VDt3es2QNBdXI3GpwRq5f1%2FWlNTB7Tq3GSmNrfmy35OamGyiouay78kN0Wx1f6wu0b0mYlQBIuH7Jn%2Bw2CGN6d7S3r0lXgStCtKzyIAlRlaColn3X3ycxUEvAf%2FEQCVzwaSIgUbkr%2Fnf"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 8087e39dbcfb4960-MIA

GET
H2 200 BZR_Beauty-Icon_2022.png
cld.accentuate.io/11723218878506/1680288965722/ 4 KB
5 KB 50ms
48ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/11723218878506/1680288965722/BZR_Beauty-Icon_2022.png?v=1680288965723&options=w_96,h_96
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ed8de3329d64e5adcd14e13e79acfb217c0d8d42ea52321627bbebd848eeb18

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 895673
x-back-cache: MISS
x-front-hits: 0
x-back-hits: 0
etag: "SCCi2hU4AIGICQoARPBgqnGemYHCmhekhpoloUFWmGWkegFoIkABQkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVp"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: MISS
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:24 GMT
via: 1.1 ip-10-202-84-4.eu-west-2.compute.internal (Varnish/7.3), 1.1 87073b814162adabb8231b787e1902c2.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR50-P2, MAD56-P4
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
content-length: 4120
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpU5OInUwqiksUl34vOMKEKaGb%2Fmz0MCR9Ch8%2Bph19UR80%2Fh%2BwnOftsq3x80BiKq2x1z8WKh8G0XnZusC0fdmi%2FXFpmFb%2BrUxnuHlXvcz688Rbvbltmbjrumcici6qaB5w403nT6Kcg%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=96x96
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e39dbcfc4960-MIA
timing-allow-origin: *
x-amz-cf-id: 7PLHf5pMtsmYTQsxoq6zwIT8n6nJM7tnDQu8xmHrTnLGqo130ArRyA==

GET
H2 200 Product-Thumbnail---MPO-Hover.png
cld.accentuate.io/11723218878506/1639075564611/ 20 KB
20 KB 51ms
50ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/11723218878506/1639075564611/Product-Thumbnail---MPO-Hover.png?v=1681752654428&options=w_600,h_600
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 227d07f49226139282f27a24f468a315b076188703f931edfb5d572a50a0a5d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 348505
x-back-cache: HIT
x-front-hits: 5
x-back-hits: 3
etag: "SCCi2hS4FJSIKkoAREBguo4gHcZdRUhopZ5SEwFDuOhnhdnv6DABgkAWc1GO&AngVflahsfd0JicxUgsw4xGP5Crz3hsZq5g67PsZ2aE5fyRFVp"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: HIT
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:24 GMT
via: 1.1 ip-10-222-76-93.us-west-2.compute.internal (Varnish/7.3), 1.1 31d0f5402937d8e69db50160c44f0fc4.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HIO50-C1, MIA3-P4
x-cache: Hit from cloudfront
x-twicpics-source: twicpics
content-length: 20010
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gsqy5pwfkNKXQpBpoYZP0Bx703RkWinXT7nGJ9HpBjc8mgQsF%2F6KFHuHfFQ4y1uUZOzmmobgtEK2OXa1Yl4TjQp3iTKtttffWxgSx2GW4bWUuxnaD4dVEAaYnfAZCrGkDeD2Y1AmG6c%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e39dbcfd4960-MIA
timing-allow-origin: *
x-amz-cf-id: 7KNrMx5AdSMQZ9fA4oVg9rkEBuwSEO1DppHKU5pCslHMbZG5zzIfcg==

GET
H2 200 Group-658.jpg
cld.accentuate.io/40383244435498/1662657776476/ 22 KB
22 KB 50ms
49ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/40383244435498/1662657776476/Group-658.jpg?v=1663041040757&options=w_600,h_600
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3763fd729200cb5cea470dd19d7fdf671c1b876a7fab31f4450d14f4276a911

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 639873
x-back-cache: HIT
x-front-hits: 5
x-back-hits: 7
etag: "0CuamEyMpKqyicEF0RBuAsjroDR4RC3zWB1JReQ0Q5FSXEpkNOkvoGg9k1GO&AXoVPlahsPZEJJ96Ro0KSm4sYGHVywN3t#b9EMOmEn7TvI2vlxD"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: HIT
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:24 GMT
via: 1.1 ip-10-222-75-196.us-west-2.compute.internal (Varnish/7.3), 1.1 1a66f1841a66beb1461c34f28edb09ee.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HIO50-C1, NRT57-P1
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
content-length: 22172
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtnMliLBTocXVtjcohy1hU0e03ewfxgAR%2Fr4ElwWF8LsCIMHD%2FYUqm6wOY8ePPJMlrvZuOA%2FIldokQP37hS1cwqeqhHZOGFbmncOrnIe%2Bd3BWubxCM%2BFHIC6hsTQ9lZbrz6fIYjB8M4%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e39dbcfe4960-MIA
timing-allow-origin: *
x-amz-cf-id: aGPMIPilMsN1CyTCQ__y3hPmd97ugHGdk6Mtzhg0xDYLHol7jcpozA==

GET
H2 200 MPN_hover_600x600.jpg
cld.accentuate.io/39709455155242/1643137965824/ 21 KB
22 KB 48ms
47ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/39709455155242/1643137965824/MPN_hover_600x600.jpg?v=0&options=w_600,h_600
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39af69428f9752c07f3de397b58445aa1d7d521f282cb1e1187bafd6c00363f6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 1789287
x-back-cache: HIT
x-front-hits: 1
x-back-hits: 2
etag: "CCi2iS4ApKISkoARSKQRqnYH1FBqGSkaSoi5Tm2ZBScRoYB7VLUiSKAVk1GO&AngVflahsfd0JicxUgswZwGP5Crz3hsZq5g67PsZ2aE5fyRFVpS"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: HIT
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:24 GMT
via: 1.1 ip-10-222-76-93.us-west-2.compute.internal (Varnish/7.3), 1.1 42f9f0e9bd0296c3bb45648019b2dce4.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HIO50-C1, LAX3-C3
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
content-length: 21392
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feaicgXXnapF77gFiOVaNCv1DEnuEb1oxYEX3P5hcK48pk9%2BAas7MB5BwNYDED8tjTSsI%2B2eGQ2wlTQ6%2BJKfrpQuEn95a4rh%2FitwIX85MrRV4R2P84b8YOs61M6PXOJWwiehL5OU8M0%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e39dbd004960-MIA
timing-allow-origin: *
x-amz-cf-id: ee4gyE2iG48zeNd8IG-WYqG5hcPmPqCmskpwQKbhgfJn2Gkuztnn6A==

GET
H2 200 RBG_thumbnail_1000x1000_hover.jpg
cld.accentuate.io/39951665791018/1646111597314/ 19 KB
20 KB 52ms
51ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/39951665791018/1646111597314/RBG_thumbnail_1000x1000_hover.jpg?v=0&options=w_600,h_600
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6588cb83d1a63fa0ecea6d4702c7b5056cd80bfa62f7517f50957a6ac67bb635

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 348505
x-back-cache: HIT
x-front-hits: 7
x-back-hits: 2
etag: "CCi2iV4A4KICQoAROKoeg4lFf5XimegSqZgpVHIqGmkeUYDYxLUiSKAVk1GO&AngVflahsfd0JicxUgswZwGP5Crz3hsZq5g67PsZ2aE5fyRFVpS"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: HIT
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:24 GMT
via: 1.1 ip-10-222-76-93.us-west-2.compute.internal (Varnish/7.3), 1.1 af3ea41614ebc7f37ef3e45409fe5d98.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HIO50-C1, ATL56-C1
x-cache: Hit from cloudfront
x-twicpics-source: twicpics
content-length: 19790
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnCeprC%2FJi8u7n5utiVBiUY91QhESoObg3K1z0l1%2BvWhQTLIpn0Y8yar9rxPmh5aKziQCihrMAWYNqaJpaCWKHEipAKZTR7zU76Qc8W%2B8HJd5Jrc81BDPZRrlP2VLwmmIhWCt1ZAxT8%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e39dbd014960-MIA
timing-allow-origin: *
x-amz-cf-id: wVM-ZdrTVtQ490jEJcXil6srGwqbH8yPki-V48OmGPu3N5HW2ylAPg==

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202301.2.0/assets/ 13 KB
3 KB 46ms
45ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.2.0/assets/otFlat.json

Requested by

Host: shopify-gtm-suite.getelevar.com
URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/2.40.1/gtm-suite.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 18 Sep 2023 07:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3YDDoBc0IBtk+QRvdtiJyg==
age: 73508
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Fri, 17 Feb 2023 03:39:03 GMT
server: cloudflare
etag: 0x8DB109883FA6606
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2a5f95d4-601e-00e7-0db8-a5c8eb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8087e39ddffa2604-MIA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202301.2.0/assets/ 62 KB
15 KB 44ms
43ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.2.0/assets/otPcCenter.json

Requested by

Host: shopify-gtm-suite.getelevar.com
URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/2.40.1/gtm-suite.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 18 Sep 2023 07:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jrvDF4hzrY2HZpgxWknk0A==
age: 42390
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14749
x-ms-lease-status: unlocked
last-modified: Fri, 17 Feb 2023 03:39:04 GMT
server: cloudflare
etag: 0x8DB109884565BA0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ee38e5e4-a01e-003d-2fe1-5a6dc0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8087e39ddffd2604-MIA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202301.2.0/assets/ 21 KB
4 KB 45ms
44ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.2.0/assets/otCommonStyles.css

Requested by

Host: shopify-gtm-suite.getelevar.com
URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/2.40.1/gtm-suite.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 18 Sep 2023 07:31:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 42390
x-ms-lease-status: unlocked
last-modified: Fri, 17 Feb 2023 03:39:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 0de875e3-d01e-0039-49e1-5a9842000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8087e39ddffe2604-MIA

GET
H2 200 main.MTE1ODM4MDNhMw.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
102 KB 73ms
72ms Script
application/javascript 23.49.248.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE1ODM4MDNhMw.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2R434VBHJVP7P6R4110&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.203 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: aab88c6b39efbcaa8c0ad0a260b54bc46fb8277662af5ae8695b2498955840b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-akamai-request-id: 1fb85ec5
date: Mon, 18 Sep 2023 07:31:24 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230907110724BDE14B5CB7BA7985757A
vary: Accept-Encoding
x-cache: TCP_HIT from a23-40-19-203.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 019b755f3c8f16833570a0cbff4d6cdeeeccb6cd5de61270c5fc64a4e1dbae38d169076548a4e8e5bcc5fff05e9d891364004b59a3bd22f5ac2cdf87c6014f99dc9517fc7d9701a01b5e929d52f92c1236f3f03311831342e8bc15bb9a2e95fcbb
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=15
content-length: 103681

POST
H2 200 unrenderedCreative Show response
hero.attn.tv/ 11 KB
3 KB 152ms
152ms Fetch
application/json 172.64.144.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hero.attn.tv/unrenderedCreative?v=4.25.14&r=&id=af886addd5d044db87dcfee03d966a33&pv=1&l=https%3A%2F%2Fwww.herocosmetics.us%2F&w=1600&h=1200&ss_ref=ORGANIC&f=2
Requested by: Host: shopify-gtm-suite.getelevar.com
URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/2.40.1/gtm-suite.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f29da05b511bb796959ae318b9ec916a59f64e3af29e775b21d65a8b06dd5b52

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 14
cf-ray: 8087e39e3deddb0d-MIA
alt-svc: h3=":443"; ma=86400

POST
H3 200 set_tracking_consent.json Show response
www.herocosmetics.us/ 2 B
3 KB 248ms
248ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/set_tracking_consent.json

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/shopifycloud/shopify/assets/shop_events_listener-4620b7978e4a9ac9b189bb434985724435751e09e5e44a25a48b615ae8420594.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=set_tracking_consent&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=497c16cd-c59d-423a-b24a-1761e312d683
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/xss-report?source%5Baction%5D=set_tracking_consent&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=497c16cd-c59d-423a-b24a-1761e312d683

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=set_tracking_consent&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=497c16cd-c59d-423a-b24a-1761e312d683
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-central1,gcp-us-central1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=136, cfRequestDuration;dur=212.000132
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=set_tracking_consent&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=497c16cd-c59d-423a-b24a-1761e312d683
x-sorting-hat-shopid: 21814481
x-shopify-generated-cart-token: ff90944f3e330b193fd578a03eff27a3
x-request-id: 497c16cd-c59d-423a-b24a-1761e312d683
x-shardid: 41
x-shopify-stage: production
server: cloudflare
x-shopid: 21814481
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DxHr2O5cikizTj8ZWjiiSBa5OqPyGbs0MqypOCZNzcUrbt6xIYj%2BV%2BKaQzuYqDI5oREQuzewqI03ZkdnwyJ9qjBvmnJ0Ac%2Fpqc0HatZOA25b%2FyFQaHRazEs4x8wmjtaeWpb2%2F2JO"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
content-language: en-US
x-download-options: noopen
cf-ray: 8087e39e8b6b0318-MIA
x-liquid-rendered-at: 2023-09-18T07:31:24.711654113Z
x-sorting-hat-podid: 41

GET
H2 200 Church_&_Dwight_logo.svg.png
cdn.cookielaw.org/logos/7d0a54b5-0170-4a32-9dea-c412dfabf292/81123796-f988-4638-9421-b9170d74556c/ 250 KB
250 KB 45ms
44ms Image
application/octet-stream 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/7d0a54b5-0170-4a32-9dea-c412dfabf292/81123796-f988-4638-9421-b9170d74556c/Church_&_Dwight_logo.svg.png

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0193c7ef24cb1231d427946b421a79fbbffb7b1594b87b7232a485911ae14cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 18 Sep 2023 07:31:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BnKF9dwZQkC4r41PP0cE7A==
age: 60173
content-length: 255863
x-ms-lease-status: unlocked
last-modified: Thu, 06 Feb 2020 16:19:50 GMT
server: cloudflare
etag: 0x8D7AB20643AAE5B
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 0723a926-001e-0074-27e1-5a5ea0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8087e39e9c18b3d7-MIA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 43ms
43ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 18 Sep 2023 07:31:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 79552
x-ms-lease-status: unlocked
last-modified: Fri, 15 Sep 2023 10:31:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e12b3eb4-e01e-008e-0bff-e7ef35000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8087e39e9c1cb3d7-MIA

GET
H2 200 173724809895244 Show response
connect.facebook.net/signals/config/ 420 KB
115 KB 120ms
120ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/173724809895244?v=2.9.127&r=stable&domain=www.herocosmetics.us

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f51d3686a1270d240a4e53ea183bd87eede1c4fad91fc0dad4ba687027c0b50

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Sep 2023 07:31:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: hwzCX71Ue4dZzi6uwiqqS67jmdpO1Rq6Qz90qPjYHJHsNyX0JjUfcoxhj0HdyvmA7e4nhXBB2XORc5U41BCNHw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 0470dae7-028b-4609-a07a-65a3ee776aed.js Show response
tr.snapchat.com/config/us/ 167 B
466 B 166ms
86ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/us/0470dae7-028b-4609-a07a-65a3ee776aed.js

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

d367634135eacdf6a6ebc4262c57f0e86d6f624f7fa545bc5e1d51877d0b14ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.herocosmetics.us/
Origin: https://www.herocosmetics.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.herocosmetics.us
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 4A0D 672 B
759 B 183ms
109ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=0470dae7-028b-4609-a07a-65a3ee776aed&u_scsid=0f73db6c-1d96-4c05-a2bf-b2988f28bbb5&u_sclid=56dd26b4-6968-4927-b40a-ea204ae367bf

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.herocosmetics.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html
date: Mon, 18 Sep 2023 07:31:24 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 22

POST
H3 200 produce_batch
www.herocosmetics.us/.well-known/shopify/monorail/unstable/ 0
741 B 68ms
68ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herocosmetics.us/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/wpm/b807df045w36eb870bp858e4efdm07092c7am.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: shops.myshopify.com
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=27.999878
alt-svc: h3=":443"; ma=86400
content-length: 0
x-request-id: be44d789-6f36-4f7f-923b-15f7ec45bc1f
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2amMcVsJzWm84rbPwks4eMIz4Dj2sN2Jz9vQWBXhHBCOSm0W9%2BxoN%2BETp0KundkGj22o1Wv0nXVYuVI0WCH8m8xThRLOko%2BRhUpTnPvC1TrlTzisAXDe%2BeW%2B%2BYtsgn%2BNr%2BYSd89"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 8087e39f3b980318-MIA

GET
H2

200

ga-audiences Show response
www.google.com/ads/
Redirect Chain

https://ssapi.herocosmetics.us/j/collect?v=1&_v=j101&aip=1&a=1866806145&t=pageview&_s=1&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Pr...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-102753205-1&cid=272856543.1695022285&jid=1524817180&_gid=1073059079.1695022285&gjid=1998516869&_v=j101&z=180067776
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-102753205-1&cid=272856543.1695022285&jid=1524817180&_v=j101&z=180067776

42 B
441 B

224ms
83ms

XHR
image/gif

2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-102753205-1&cid=272856543.1695022285&jid=1524817180&_v=j101&z=180067776

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Server

2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 18 Sep 2023 07:31:24 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-102753205-1&cid=272856543.1695022285&jid=1524817180&_v=j101&z=180067776
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 367
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
creatives.attn.tv/creatives-dynamic/multiPage/ Frame 217B 3 KB
2 KB 235ms
81ms Document
text/html 2600:9000:24f1:fe00:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.attn.tv/creatives-dynamic/multiPage/index.html
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:fe00:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b5fcb6946305a44887ab276422d6aa1a245d8708f1527e29e597aaa3e9f9f3d

Request headers

Referer: https://www.herocosmetics.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-type: text/html
date: Mon, 18 Sep 2023 07:31:25 GMT
etag: W/"928dbc4470c536174417581ea5b1ec2d"
last-modified: Mon, 11 Sep 2023 19:37:46 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
x-amz-cf-id: 3uX6qhoAdWJrn6_d3WcVDgx_d9kOXWpJXqquFVed2eSSqZ-RpdAscg==
x-amz-cf-pop: JFK50-P4
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: zCPD_Z5hn4aHO8CWctaQLTZxV44q897G
x-cache: RefreshHit from cloudfront

POST
H2 204 collect
analytics.google.com/g/ 0
257 B 223ms
80ms Ping
text/plain 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-D939QWJC76&gtm=45je39d0&_p=1866806145&_gaz=1&cid=272856543.1695022285&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695022284&sct=1&seg=0&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&dt=Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Prone%20Skin&uid=cc56a0ec-b2d0-4fcb-b3d8-f70fb2245fa7&en=page_view&_fv=1&_ss=1&up.visitor_type=guest
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D939QWJC76&l=dataLayer&cx=c&sign=70516ecb51ad0c6d30135d26fd9c06d331625dbc9b07239a8ffcea2c1dffed0c_20230918
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.herocosmetics.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 189ms
67ms Ping
text/plain 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D939QWJC76&cid=272856543.1695022285&gtm=45je39d0&aip=1&uid=cc56a0ec-b2d0-4fcb-b3d8-f70fb2245fa7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D939QWJC76&l=dataLayer&cx=c&sign=70516ecb51ad0c6d30135d26fd9c06d331625dbc9b07239a8ffcea2c1dffed0c_20230918
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.herocosmetics.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_7dd78.js Show response
analytics.tiktok.com/i18n/pixel/static/ 134 KB
35 KB 74ms
72ms Script
application/javascript 23.49.248.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE1ODM4MDNhMw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.203 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-akamai-request-id: 1fb85ed1
date: Mon, 18 Sep 2023 07:31:24 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230907110711396E2D244A277881F4C0
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-40-19-203.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 019bce09cdace286a8cb6bb3fead61a26655d58e39f18d01fd645f9f0ff9e4a086dd2ce3642b90e93059a0daa50972600ba4cb511d8dd67cb22a0fcc2c1ac50e5d2d672d55db541f44e9c45e2d42bb9d2fcb73a97840703afecd1975847ccfb154
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=4
content-length: 35721

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
646 B 114ms
112ms Ping
text/plain 23.49.248.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE1ODM4MDNhMw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.203 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1fb85ed4
date: Mon, 18 Sep 2023 07:31:24 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-40-19-203.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
server-timing: inner; dur=26, cdn-cache; desc=MISS, edge; dur=8, origin; dur=34
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230918073124736D8C1B84659E29C097
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 35,23.40.19.203
x-tt-trace-host: 01ba74338425f636b53c4524cf4f46fd195fac459e100c12cce74477c32aa5d27f4c270c29f412a86a6686abb0f7a7634442c00c0ba511c83174c0bfecf20a8b4df2ee60a3fec4393903d8ff6fca24e09ef743cfe069556e199d9def61f884f7c7
access-control-allow-headers: Authorization,*
expires: Mon, 18 Sep 2023 07:31:24 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 4A0D 38 KB
16 KB 72ms
72ms Script
application/javascript 13.225.63.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=0470dae7-028b-4609-a07a-65a3ee776aed&u_scsid=0f73db6c-1d96-4c05-a2bf-b2988f28bbb5&u_sclid=56dd26b4-6968-4927-b40a-ea204ae367bf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-247.ewr53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 28be27d04ce0ebac3fcd2862aa85bd45139b448cfa41647480b6a9f0180289e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:19:56 GMT
content-encoding: gzip
via: 1.1 959ac13ef19fa38a0d3684985f996ffc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-C1
age: 36688
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 16452
x-amz-cf-id: SLps7WUbnuUdszOUENYWGiAUg6Vc4Ujz_vItuns-h06Fccg2DwUSsw==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 214ms
67ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=173724809895244&ev=PageView&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&rl=&if=false&ts=1695022284898&sw=1600&sh=1200&v=2.9.127&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1695022284895.2009900296&it=1695022284584&coo=false&eid=sh-a7338112-B53E-4654-0DC1-A9F1A1C88A19&rqm=GET

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Sep 2023 07:31:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 p
tr.snapchat.com/ 68 B
204 B 90ms
89ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 18 Sep 2023 07:31:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://www.herocosmetics.us
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 css
fonts.googleapis.com/ Frame 217B 2 KB
1016 B 224ms
84ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed&display=swap

Requested by

Host: creatives.attn.tv
URL: https://creatives.attn.tv/creatives-dynamic/multiPage/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c511c09faba45aa0a6ab6af0cf2cc2addca2151768a144790ca61f6202c9e82b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://creatives.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Sep 2023 07:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 06:40:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Sep 2023 07:31:25 GMT

GET
H2 200 index-4ef848db.js Show response
creatives.attn.tv/creatives-dynamic/multiPage/assets/ Frame 217B 486 KB
164 KB 78ms
78ms Script
application/javascript 2600:9000:24f1:fe00:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.attn.tv/creatives-dynamic/multiPage/assets/index-4ef848db.js
Requested by: Host: creatives.attn.tv
URL: https://creatives.attn.tv/creatives-dynamic/multiPage/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:fe00:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0684c5f2441e430cf81f00869422b1f47677b5304a9c811ab060b803c762437

Request headers

Referer: https://creatives.attn.tv/
Origin: https://creatives.attn.tv
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 19:37:46 GMT
x-amz-version-id: x2Hx6tcUWzbqwHi1U_tpSbGUDF0dWJiW
content-encoding: gzip
via: 1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
age: 561219
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 11 Sep 2023 19:37:46 GMT
server: AmazonS3
etag: W/"babd4cfc6f75d5010ebf44c53c7374d3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: tdX-2kOtWBeDy_bQRhJuoCKkx9F6TwyFPQqk8rZn-VHAgl81nHEc-w==

POST
H3 200 hm
tr.snapchat.com/ 68 B
89 B 89ms
88ms Ping
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/hm

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: application/json
access-control-allow-origin: https://www.herocosmetics.us
cache-control: no-cache, no-transform
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

OPTIONS
H2 200 hm
tr.snapchat.com/ Frame 0
0 60ms
59ms Preflight 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.snapchat.com/hm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.43.190.35.bc.googleusercontent.com
Software: API Gateway /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.herocosmetics.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: https://www.herocosmetics.us
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 18 Sep 2023 07:31:24 GMT
server: API Gateway
via: 1.1 google

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame C3DD
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1695022284978&u_scsid=5a12b7c0-16a5-45ad-b0d1-725a1b6de689&u_sclid=409d6b99-d81c-4608-971c-97b0c00c1d1d
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1694816406875%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1694816406875%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1694816406875&pnid=140&pcid=c7fed85c-4210-4d7e-8d2e-a6a773f88829

0
18 B

102ms
102ms

Document
text/html

35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1694816406875&pnid=140&pcid=c7fed85c-4210-4d7e-8d2e-a6a773f88829

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Mon, 18 Sep 2023 07:31:25 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 12

Redirect headers

accept-ch: Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 18 Sep 2023 07:31:25 GMT
location: https://tr.snapchat.com/cm/p?rand=1694816406875&pnid=140&pcid=c7fed85c-4210-4d7e-8d2e-a6a773f88829
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server: Jetty(11.0.13)
strict-transport-security: max-age=31536000
via: 1.1 google

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
651 B 213ms
213ms Ping
text/plain 23.49.248.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE1ODM4MDNhMw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.203 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1fb85ede
date: Mon, 18 Sep 2023 07:31:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-40-19-203.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4.2-51256590) (-)
server-timing: inner; dur=121, cdn-cache; desc=MISS, edge; dur=12, origin; dur=131
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230918073125736D8C1B84659E29C09D
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 131,23.40.19.203
x-tt-trace-host: 01ba74338425f636b53c4524cf4f46fd195fac459e100c12cce74477c32aa5d27f4c270c29f412a86a6686abb0f7a76344d8bd9d6b04b3f9d3706b8fc15d451b77cfe25790315eac1bcbec61304fb2d7e51808423fbad485b4a48e8fe656034823
access-control-allow-headers: Authorization,*
expires: Mon, 18 Sep 2023 07:31:25 GMT

GET
H2 200 cssReset-bbce9172.css
creatives.attn.tv/creatives-dynamic/multiPage/assets/ Frame 217B 4 KB
2 KB 69ms
68ms Stylesheet
text/css 2600:9000:24f1:fe00:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.attn.tv/creatives-dynamic/multiPage/assets/cssReset-bbce9172.css
Requested by: Host: creatives.attn.tv
URL: https://creatives.attn.tv/creatives-dynamic/multiPage/assets/index-4ef848db.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:fe00:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbce9172a7ded4b78100317662adcf24a8ccc79f730f3b0c0a5c3996b86754aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://creatives.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 14:54:24 GMT
x-amz-version-id: TFROYQpspSbYQAHX4kDpU0GTgcq97nI9
content-encoding: gzip
via: 1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
age: 4207022
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 31 Jul 2023 14:54:24 GMT
server: AmazonS3
etag: W/"30c3db2589c6c66d542e328b2766b7fc"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: 7N8W159CkU4q5Op3wZFN0adILxdn1v-vHoc_BO_YxhX0_cWziPBRWA==

GET
H2 200 Logo_6852f925.png
creatives.attn.tv/hero/ Frame 217B 23 KB
24 KB 116ms
115ms Image
image/png 2600:9000:24f1:fe00:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creatives.attn.tv/hero/Logo_6852f925.png
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:fe00:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 489388c496e6154d46c6ed3bb72a397314f236fec26f4e99f400638528cf8e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://creatives.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: aA30quAVRJkq.AGf0tr0S9Sm02_piSae
date: Mon, 18 Sep 2023 07:31:26 GMT
via: 1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
last-modified: Fri, 21 Apr 2023 18:41:59 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256
etag: "be1585c94eb4ed9900ebd7d1d9da8f78"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 23726
x-amz-cf-id: amqfIIUt6KJutmVy2iGaPWEQbz_Q7zVFQqU1b8X1ImSI89Ig-6I96g==

GET
H2 200 desktop_2d0b5218.jpg
creatives.attn.tv/hero/ Frame 217B 781 KB
782 KB 113ms
112ms Image
image/jpeg 2600:9000:24f1:fe00:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creatives.attn.tv/hero/desktop_2d0b5218.jpg
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:fe00:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fba3c0e365340723939176c25f48969e093e4a95734031b93c0ea8c1fa356dab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://creatives.attn.tv/creatives-dynamic/multiPage/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: zjerTfBE1PJNwM9XtAJsgMN_NV03RFoa
date: Mon, 18 Sep 2023 07:31:26 GMT
via: 1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
last-modified: Fri, 21 Apr 2023 18:42:36 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256
etag: "4899f68d7ae9fdab0391c73247c389e9"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 799235
x-amz-cf-id: QDNMghGwgR0jvERH4SEr_HLzCj_e0x2AjAHA1ITwRhG_Z3rVNGtzvQ==

GET
H2 200 font_c677bc0e.woff
creatives.attn.tv/hero/ Frame 217B 51 KB
51 KB 289ms
288ms Font
font/woff 2600:9000:24f1:fe00:a:78b:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.attn.tv/hero/font_c677bc0e.woff
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:fe00:a:78b:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fdd203223d392f366e83310c6a1ed08b090cbe709ab98220bb45e3574ba7ac2e

Request headers

Referer: https://creatives.attn.tv/creatives-dynamic/multiPage/index.html
Origin: https://creatives.attn.tv
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: k9SlIG_fNGbrJxHzXZV.KsNQhFMGOLin
date: Mon, 18 Sep 2023 07:31:26 GMT
via: 1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 51712
last-modified: Thu, 05 Jan 2023 15:03:16 GMT
server: AmazonS3
etag: "c2d96b333b1dc7523110350d07232f5c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: aXADlsGVkfmqFz1mM6HO8aalW_1mt5Lx1hX3ml4U3P-LRE3uWFupsg==

GET
H2 200 datadog-logs.js Show response
www.datadoghq-browser-agent.com/ Frame 217B 33 KB
12 KB 229ms
72ms Script
application/javascript 108.139.53.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.53.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-53-136.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 912bc848d461e328a48863196601323b69ed445926c856f23a426efe674e67eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://creatives.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:30:50 GMT
content-encoding: gzip
via: 1.1 f72e244fb4f0eab694c4c73be7c5f44e.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jul 2021 15:01:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 36
etag: W/"9eb57181f3149e3310d96317ef9188ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: 39E7boTju1-thkT0r5rzWpuuEa0FnkdKoq_vRkN3hsEkYCTcxBIJiw==

GET
H2 200 css
fonts.googleapis.com/ Frame 217B 4 KB
744 B 84ms
83ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Jost:700|Jost:400|Roboto%20Condensed:400

Requested by

Host: creatives.attn.tv
URL: https://creatives.attn.tv/creatives-dynamic/multiPage/assets/index-4ef848db.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

caee13c3a41f0dd4b28ffb0501a5558eeba0c8db36d407750eeb300ddebd9c9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://creatives.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Sep 2023 07:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 07:31:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Sep 2023 07:31:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 68ms
67ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=173724809895244&ev=Microdata&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&rl=&if=false&ts=1695022285408&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Prone%20Skin%22%2C%22meta%3Adescription%22%3A%22Everyone%20deserves%20to%20feel%20amazing%20in%20their%20skin.%20That%E2%80%99s%20why%20we%20make%20customizable%20acne%20toolkits%20to%20handle%20any%20pimple%20challenge.%20Seriously%20effective%20solutions%20with%20powerfully%20clean%20ingredients%20for%20all%20ages%20%26%20skin%20types%20%E2%80%94%20from%20our%20cult-fave%20hydrocolloid%20Mighty%20Patch%20to%20Rescue%20Balm%2C%20Micropoint%20for%20Dark%20Spots%2C%20and%20beyond!%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Hero%20Cosmetics%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.herocosmetics.us%2F%22%2C%22og%3Atitle%22%3A%22Empowering%20Acne%20Prone%20Skin%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22Everyone%20deserves%20to%20feel%20amazing%20in%20their%20skin.%20That%E2%80%99s%20why%20we%20make%20customizable%20acne%20toolkits%20to%20handle%20any%20pimple%20challenge.%20Seriously%20effective%20solutions%20with%20powerfully%20clean%20ingredients%20for%20all%20ages%20%26%20skin%20types%20%E2%80%94%20from%20our%20cult-fave%20hydrocolloid%20Mighty%20Patch%20to%20Rescue%20Balm%2C%20Micropoint%20for%20Dark%20Spots%2C%20and%20beyond!%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fwww.herocosmetics.us%2Fcdn%2Fshop%2Ffiles%2Fthumbnail_1e18802f-a1b6-4468-a69b-14bc540564f3.jpg%3Fv%3D1654615915%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fwww.herocosmetics.us%2Fcdn%2Fshop%2Ffiles%2Fthumbnail_1e18802f-a1b6-4468-a69b-14bc540564f3.jpg%3Fv%3D1654615915%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=2a8fde7aa67c1e4f6bfb2692435cb794dc96478a5137f2ac601700193b04f1c3&v=2.9.127&r=stable&a=shopify&ec=1&o=30&fbp=fb.1.1695022284895.2009900296&it=1695022284584&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Sep 2023 07:31:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 produce_batch
www.herocosmetics.us/.well-known/shopify/monorail/unstable/ 0
736 B 68ms
67ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herocosmetics.us/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/wpm/b807df045w36eb870bp858e4efdm07092c7am.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: shops.myshopify.com
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.999971
alt-svc: h3=":443"; ma=86400
content-length: 0
x-request-id: c59114b5-eb75-402e-9bce-b8b3c3c1d035
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcGl0IkJIOjIpilwxJ0Ru1clnQwyOpfBVEz%2FtNVzn424416mCkk18kEVSHR6Pqx73%2F0GBL2jByh%2FODFwYhX9ZEsmIvG5G3bWp8qcycp73wKl2T%2BqpfnlW5eKGPOJi87jANh8tJH%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 8087e3a40d240318-MIA

GET
H2 200 runtime.baseline.en.fd8c977d2d4a503fda8d.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
4 KB 62ms
48ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/runtime.baseline.en.fd8c977d2d4a503fda8d.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Leduc, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 205082
content-encoding: br
server-timing: imagery;dur=511.880, imageryFetch;dur=72.802, cfRequestDuration;dur=14.999866
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 682756e5-6fee-4c95-988f-c93ffc4444d2
last-modified: Fri, 15 Sep 2023 22:32:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=on%2FdoRMbSywQK7xOnjORf%2B2ro8qRIMLX0UAhN6em5JJpPP0DobpmivTcNNkzvdSsG%2BUuVk2KwE2WHOyy8WllcV9c5BaXHTPN6WOvTYUEnfNT59Q9flERkRvVd4m0SPbCXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/runtime.baseline.en.fd8c977d2d4a503fda8d.js>; rel="canonical"
cf-ray: 8087e3a47b6b9aef-MIA

GET
H2 200 widget.js Show response
staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/ 443 KB
145 KB 97ms
78ms Script
text/javascript 2600:141b:13:7a1::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.js?shop=tbate.myshopify.com
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13:7a1::1d72 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1370f5033d65efa41ab8eb04c25ad6bca019ecb35c5de12d0fcc4d834bd53fd8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

ratelimit-reset: 38
content-encoding: gzip
date: Mon, 18 Sep 2023 07:31:25 GMT
x-kong-proxy-latency: 6
env: PRODUCTION
x-ratelimit-limit-minute: 5000
x-kong-upstream-latency: 92
x-ratelimit-remaining-minute: 4994
ratelimit-limit: 5000
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1695022285535_388993485_752756451_219_8176_66_0_146";dur=1
content-length: 147541
correlation-id: 55c51394-61af-4831-98d7-701d8d0ab9aa
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: public, max-age=89
access-control-allow-credentials: true
ratelimit-remaining: 4994

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
1022 B 45ms
33ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=LGmb7q&shop=tbate.myshopify.com
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ac549f438a886eb4848aed56ce4bd0761598b3df30cb44c1b435a386bbc33357

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 179080
content-security-policy-report-only: object-src 'none'; script-src 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self'
x-cache: HIT, HIT
content-length: 919
x-served-by: cache-lga21933-LGA, cache-mia-kmia1760072-MIA
server: nginx
x-timer: S1695022286.512142,VS0,VE0
etag: W/"fffac71281a68fa656bef3f60b5319d5"
allow: OPTIONS, GET
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 4

GET
H2 200 A19H8vTS9KoU0V2U-uthxg.js Show response
cdn-loyalty.yotpo.com/loader/ 1 MB
187 KB 229ms
201ms Script
text/javascript 2600:141b:13:7a1::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-loyalty.yotpo.com/loader/A19H8vTS9KoU0V2U-uthxg.js?shop=tbate.myshopify.com

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13:7a1::1d72 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e2f1cda3b092b233248647653bd91fe75f56a01ecca15098e7635e3ff5503b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

ratelimit-reset: 1
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-permitted-cross-domain-policies: none
x-ratelimit-limit-second: 10000
x-kong-proxy-latency: 2
x-ratelimit-remaining-second: 9999
x-kong-upstream-latency: 337
date: Mon, 18 Sep 2023 07:31:25 GMT
ratelimit-limit: 10000
content-length: 190366
x-xss-protection: 1; mode=block
x-request-id: a11b54bafeb3a22689c742ce2ae556f1
x-runtime: 0.097364
referrer-policy: strict-origin
correlation-id: 062a9aac-c87c-4c83-a599-ba1946612738
etag: W/"4e2f1cda3b092b233248647653bd91fe"
x-download-options: noopen
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-max-age: 86400
access-control-allow-methods: GET,POST
cache-control: private, must-revalidate, max-age=0
access-control-allow-credentials: false
access-control-allow-origin: *
ratelimit-remaining: 9999
access-control-allow-headers: *

GET
H2 200 tracking_script Show response
cdn.shopify.com/proxy/335f4c414d516db4c89925c19ceb3d99535fe9e70fa66a3189949192c13886b0/bingshoppingtool-t2app-prod.trafficmanager.net/uet/ 639 B
952 B 76ms
65ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/proxy/335f4c414d516db4c89925c19ceb3d99535fe9e70fa66a3189949192c13886b0/bingshoppingtool-t2app-prod.trafficmanager.net/uet/tracking_script?shop=tbate.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Leduc, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

c14c7d89d2f50cfddff9e5ab56ce377d0ca5ff385e2a6a22809235253f6e6dc5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
content-security-policy: default-src 'none'; sandbox;
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
content-encoding: br
content-disposition: attachment
server-timing: imagery;dur=245.918, imageryFetch;dur=243.828, cfRequestDuration;dur=31.000137
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2400add2-87eb-4626-bb12-f1a42b1690db
last-modified: Mon, 18 Sep 2023 07:25:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2qF%2BmMsOfMbkZ0YSYyv%2F9TRw%2BeFo6YGi2c1rkAuQroIbJdYEGNQ5kvNCpXtFFlfIGKHYV2nVIoBFsNfa%2F8abHSd4vLYwqSIw93zfi27YNpllzy8x0qGegkx6rfjShVGig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
timing-allow-origin: *
link: <https://cdn.shopify.com/proxy/335f4c414d516db4c89925c19ceb3d99535fe9e70fa66a3189949192c13886b0/bingshoppingtool-t2app-prod.trafficmanager.net/uet/tracking_script>; rel="canonical"
cf-ray: 8087e3a47b699aef-MIA

GET
H2 200 online_store_script.js Show response
d275fvz7g8rvo.cloudfront.net/tbate.myshopify.com/ 2 KB
2 KB 257ms
67ms Script
binary/octet-stream 2600:9000:21dd:6800:1:d5ae:c900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d275fvz7g8rvo.cloudfront.net/tbate.myshopify.com/online_store_script.js?shop=tbate.myshopify.com
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:6800:1:d5ae:c900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8f62647260cb6173d253fa37bca50896841e1bd9cbb4197dd5e65204fc6b34b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 17:22:11 GMT
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
last-modified: Sat, 20 May 2023 01:07:56 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 50955
x-amz-server-side-encryption: AES256
etag: "bfafa95f97ecc2d4fde9e6e26b066ebf"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 2182
x-amz-cf-id: _iW90X4jo_MLSqVkhAXomgw-ulOEw0NolymLtS7zuh_cFbbWFKPQvQ==

GET
H/1.1 200
OK quiz-loader.min.js Show response
pc-quiz.s3.us-east-2.amazonaws.com/current/ 2 KB
3 KB 274ms
110ms Script
application/javascript 52.219.108.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pc-quiz.s3.us-east-2.amazonaws.com/current/quiz-loader.min.js?shop=tbate.myshopify.com
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.108.186 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 81ebf0e633fdfe21f33576abf495d4b1f03849ce2ff33558825ee148b48c2242

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Mon, 18 Sep 2023 07:31:26 GMT
x-amz-version-id: nolg2tGvJJ6LBBSqCobxCHVQ5vDbcxxb
Last-Modified: Tue, 22 Mar 2022 13:21:14 GMT
Server: AmazonS3
x-amz-request-id: 9BK3ETX3CTM903P4
ETag: "9dce8788e2ca2584dc3be449a2422b51"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2182
x-amz-id-2: iJLuX8q32rZEm4XPJBI1quMEPByUCn1nrN8nq0gqC11yagOjjigckcgpGkvp/kQ4NQLjRFUHPgg=

GET
H2 200 script.js Show response
geolocation-recommendations.shopifyapps.com/locale_bar/ 56 KB
19 KB 190ms
90ms Script
text/javascript 185.146.173.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation-recommendations.shopifyapps.com/locale_bar/script.js?shop=tbate.myshopify.com

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

def7cecacce7bcb2fee77d978a2731d332e207eb6e82409539754ab0156e80ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.shopifycloud.com cdn.shopify.com geolocation-recommendations.shopifyapps.com; style-src 'self' 'unsafe-inline' cdn.shopify.com cdn.shopifycloud.com; img-src 'self' 'unsafe-inline' cdn.shopify.com cdn.shopifycloud.com data: ; font-src 'self' cdn.shopify.com cdn.shopifycloud.com data: ; frame-ancestors *.myshopify.com geolocation-recommendations.shopifyapps.com admin.shopify.com; object-src 'none'; media-src 'self' cdn.shopify.com cdn.shopifycloud.com; base-uri 'none'; upgrade-insecure-requests; connect-src 'self' sessions.bugsnag.com notify.bugsnag.com monorail-edge.shopifysvc.com country-service.shopifycloud.com wss://argus.shopifycloud.com shop.app cdn.shopify.com geolocation-recommendations.shopifyapps.com; frame-src 'self' shopify-geolocation-proxy.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.shopifycloud.com cdn.shopify.com geolocation-recommendations.shopifyapps.com; style-src 'self' 'unsafe-inline' cdn.shopify.com cdn.shopifycloud.com; img-src 'self' 'unsafe-inline' cdn.shopify.com cdn.shopifycloud.com data: *; font-src 'self' cdn.shopify.com cdn.shopifycloud.com data: *; frame-ancestors *.myshopify.com geolocation-recommendations.shopifyapps.com admin.shopify.com; object-src 'none'; media-src 'self' cdn.shopify.com cdn.shopifycloud.com; base-uri 'none'; upgrade-insecure-requests; connect-src 'self' sessions.bugsnag.com notify.bugsnag.com monorail-edge.shopifysvc.com country-service.shopifycloud.com wss://argus.shopifycloud.com shop.app cdn.shopify.com geolocation-recommendations.shopifyapps.com; frame-src 'self' shopify-geolocation-proxy.com
cf-cache-status: BYPASS
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-east1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=8, socket_queue;dur=2.002, util;dur=0.1, cfRequestDuration;dur=50.999880
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
x-request-id: 5b8aec0b-d787-4d23-a555-ed00632d6380
x-runtime: 0.007555
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"def7cecacce7bcb2fee77d978a2731d3"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7DCwgblD0%2Bn94r4g6kiIToPgBWuIKy865Y2KpGQPMr0h7Rvzkym1Hcs9nh%2FhBTQdjejqRwZZKxGNC7Mm9CVZyPI%2B%2Blq4FdUP7qxaQJVbGUYu4ogEkfqlYZxwnr%2F%2FOIFfT7WMBjE0DqbE5%2Fy6f%2Fw77M783AHGb25xlChBXE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, private, must-revalidate
cf-ray: 8087e3a50f9e220f-MIA

GET
H2 200 dtag.js Show response
cdn.attn.tv/hero/ 5 KB
3 KB 78ms
69ms Script
text/javascript 2600:9000:21da:200:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/hero/dtag.js?shop=tbate.myshopify.com
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:200:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a96c0f3d85a2dfc2c0f7a85e0fec1ccf780b3cf516c3372190138dfd22dde6a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: lfTGo4lJJi3xl5A3kiV1tkkg6axfqYn3
content-encoding: gzip
via: 1.1 4e4f8ee4f88ce6711f13846e91140c60.cloudfront.net (CloudFront)
date: Mon, 18 Sep 2023 07:29:35 GMT
x-amz-cf-pop: EWR53-C1
age: 111
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 13 Oct 2022 16:43:40 GMT
server: AmazonS3
etag: W/"11a14dfc087feaedb628aa9df45dc163"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=120
x-amz-cf-id: --aCSNGOSGvOmqBvAVUkeoaKIiEYjtQ7Pp7grkgWtpAegDZAU0DRWQ==

GET
H2 200 10967_1675165455.js Show response
app.backinstock.org/widget/ 105 KB
27 KB 145ms
46ms Script
text/javascript 2606:4700:e2::ac40:8c1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.backinstock.org/widget/10967_1675165455.js?category=bis&v=6&shop=tbate.myshopify.com

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8c1d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c46e557ba3ccc22ffda95b1d6dcda986aaf81f8dee1f7feea066611ca470d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 1511133
content-encoding: br
p3p: CP="Not used"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: cd335185-9746-4fe8-82a8-1403f2b74167
x-runtime: 0.070706
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 31 Jan 2023 11:44:15 GMT
server: cloudflare
etag: W/"5595ce0c5ffef47a7987fc718c179723"
x-download-options: noopen
x-frame-options: ALLOWALL
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szx6hnd5o%2BjYnw8lAxMoJ7%2BkrJSdTVZBMTyCRhTO4TABXsQRCElLCDShBFouCFDOfflSxVRiNaJebmmpZXLIt%2B%2FLadr50RtaEfPlgJGY9dd18Ze5Uk%2Fky6Z0eSXSsaW%2BhWx7yH3nT%2Brjtq%2BbrMiKJfEg"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2629746
cf-ray: 8087e3a50a144954-MIA

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 143ms
45ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=1f2cc95f-56d2-40f4-ac66-85995abfa13f

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/shop/t/230/assets/liveChat.js?v=83089050761543716311694645115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: TDMQPT020DRW1117
age: 51
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-amz-id-2: zMRnAvKOAJXxRvPq8+B1zeL5aayaTgRJkXk1UzH1Ado5lR6+z1lafaTP6MEs86XDeFT1Mq3O6PuGW79rziCiBA==
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knkJTXXmv0aJhuNhqa96Ee1dSL%2B01zLNxrUnVGZuHTj9UAUNLDeXFm7FLE%2FJdI44LRSzjwbvCsWOV%2FQlQc8Kg5ZvAt4aoRaTE4gxLrmZMZ9LCXqqr3%2FYEaLDUCT5se8c7RC4Bmk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 8087e3a50ace8dcc-MIA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/775465074/ 2 KB
2 KB 258ms
117ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/775465074/?random=1695022285555&cv=11&fst=1695022285555&bg=ffffff&guid=ON&async=1&gtm=45Fe39d0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.herocosmetics.us%2F&hn=www.googleadservices.com&frm=0&tiba=Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Prone%20Skin&auid=207420986.1695022284&uamb=0&uaw=0&data=ecomm_pagetype%3Dhome&rfmt=3&fmt=4

Requested by

Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af7d9f734c6cc45ba6b15a57117b5d3bb59dc3282ab5f23e5ed43992418eff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1336
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 150ms
59ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 18 Sep 2023 07:31:25 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 20BB38411AF844D2883561BBC36ED9F5 Ref B: MIAEDGE1915 Ref C: 2023-09-18T07:31:25Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2 200 hotjar-1133465.js Show response
static.hotjar.com/c/ 11 KB
5 KB 221ms
73ms Script
application/javascript 18.238.55.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1133465.js?sv=7

Requested by

Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.55.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-55.jfk52.r.cloudfront.net

Software

Resource Hash

6053bbda10274d73663fb0f0d1d397679459a4477b754750a25600b75a13d1a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 18 Sep 2023 07:30:46 GMT
via: 1.1 c49af0736096dd9eb595aafed0498ed4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P4
age: 39
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/26e29fd76826b77ddf1d0b898426dfb4
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: chMd4hIpO5EONORoCKjUK2c64iXzbc-M-D24th-Sf38mATkYtSphRw==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 222ms
62ms Script
application/javascript 146.75.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:08:41 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kcgs7200176-IAD

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 139ms
36ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 589ms
68ms Script
application/javascript 2600:141b:13:7a6::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: ssapi.herocosmetics.us
URL: https://ssapi.herocosmetics.us/gtm.js?id=GTM-N73MWQN
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13:7a6::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: df822e44efc31160c2e2cff9d29435159054bcceb67fa2512c3899f02dfb7557

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "d27ea869d7ce22e300e4a4a927526193"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1473

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 36F4
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D29750...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D29750...

2 KB
2 KB

94ms
92ms

Document
text/html

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=399980115955095300&dcc=t

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

bcd0bf49c281d88577e18cd0994db23aaead060634501134e48821c6ea6284fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.herocosmetics.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1642
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 18 Sep 2023 07:31:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: C2QQ3VYA1CRG3JQZJJBF

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 18 Sep 2023 07:31:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=399980115955095300&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 2EG5XR2M9EC52TH2H3GD

GET
H2 200 collect
ssapi.herocosmetics.us/ 35 B
193 B 108ms
105ms Image
image/gif 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssapi.herocosmetics.us/collect?v=1&_v=j101&aip=1&a=1866806145&t=timing&_s=2&dl=https%3A%2F%2Fwww.herocosmetics.us%2F&ul=en-us&de=UTF-8&dt=Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Prone%20Skin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2277&pdt=81&dns=15&rrt=138&srt=39&tcp=76&dit=698&clt=872&_gst=1084&_gbt=1451&_u=YEBAAEABAAAAACAEKI~&jid=&gjid=&cid=272856543.1695022285&tid=UA-102753205-1&_gid=1073059079.1695022285&_fplc=0&gtm=45Fe39d0n81N73MWQN&z=1136470151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:25 GMT
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: 11fab095cc71bb1964a1ae39899861db
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 809.baseline.en.f398d37a1955c4eb6e20.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
846 B 52ms
49ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/809.baseline.en.f398d37a1955c4eb6e20.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Leduc, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 1497164
content-encoding: br
server-timing: imagery;dur=101.841, imageryFetch;dur=24.114, cfRequestDuration;dur=13.999939
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 020a1b23-70ee-4c7e-8780-37fb68074f6c
last-modified: Thu, 31 Aug 2023 23:38:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qaFKuXNHY4aP9kCBBnchQjwM6arI2y2E10%2BZsE4fAO9Xx70Wtf8W9YCFAG59eXR1%2F1NJiW4bcKnfNtisT4QYXCVegSX5QRJrc0A6VCJZDD5pBvokX0kKbm5%2BeBJAS4ktkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/809.baseline.en.f398d37a1955c4eb6e20.js>; rel="canonical"
cf-ray: 8087e3a52bc79aef-MIA

OPTIONS
H2 200 impression
hero.attn.tv/ Frame 0
0 69ms
68ms Preflight 172.64.144.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hero.attn.tv/impression?id=af886addd5d044db87dcfee03d966a33&c=428631&he=false&pt=field_capture&su=https%3A%2F%2Fwww.herocosmetics.us%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Origin: https://creatives.attn.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-methods: PUT
access-control-allow-origin: https://creatives.attn.tv
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8087e3a54990db0d-MIA
content-length: 0
date: Mon, 18 Sep 2023 07:31:25 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2

PUT
H3 204 impression
hero.attn.tv/ Frame 217B 0
0 154ms
153ms Fetch 172.64.144.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hero.attn.tv/impression?id=af886addd5d044db87dcfee03d966a33&c=428631&he=false&pt=field_capture&su=https%3A%2F%2Fwww.herocosmetics.us%2F
Requested by: Host: creatives.attn.tv
URL: https://creatives.attn.tv/creatives-dynamic/multiPage/assets/index-4ef848db.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://creatives.attn.tv/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: https://creatives.attn.tv
x-envoy-upstream-service-time: 8
cf-ray: 8087e3a5bc718dd3-MIA
alt-svc: h3=":443"; ma=86400

POST
H2 200 creative-interactions
hero.attn.tv/ Frame 217B 0
0 67ms
67ms Fetch 172.64.144.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hero.attn.tv/creative-interactions?crid=428631&coeid=_ou&vid=af886addd5d044db87dcfee03d966a33&crap=EMAIL&crat=VIEW&crpi=2&ts=1695022286&he=false
Requested by: Host: creatives.attn.tv
URL: https://creatives.attn.tv/creatives-dynamic/multiPage/assets/index-4ef848db.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://creatives.attn.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: https://creatives.attn.tv
x-envoy-upstream-service-time: 2
cf-ray: 8087e3a54992db0d-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 Product-Thumbnail---MPO.png
cld.accentuate.io/11723218878506/1639074823992/ 15 KB
16 KB 49ms
48ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/11723218878506/1639074823992/Product-Thumbnail---MPO.png?v=1681752729959&options=w_600,h_600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 215d584c4c9953f6013ed804d2e7a25bc8614589821c91fa9e965a83c0cbd440

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 319470
x-back-cache: HIT
x-front-hits: 2
x-back-hits: 5
etag: "qsaRCIQ0PUDTIqZgAEHQUIMEdg4Q3SRKMRsLECFQLMwSZxioFY3JDAgATc1GO&AngVflahsfd0JiczUigjUkAAyWOS4JXYN2OkVTM#UffhdDGj4#Ty"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: HIT
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:25 GMT
via: 1.1 ip-10-222-75-196.us-west-2.compute.internal (Varnish/7.3), 1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HIO50-C1, IAD89-C1
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
content-length: 15450
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1UX80eN2xXrsI122q0jbR1DLzAS7fVV06E8X37JWYfltikqXCIxG0ruDALbi5u%2BlHTaaz9%2FRofuvPac80CtKTvC4vhHRspOQBlN3nhZg%2BjleUPjaashpZ72koTx1WO6e%2Fl%2BwsvzWlc%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e3a548584960-MIA
timing-allow-origin: *
x-amz-cf-id: GbKokJ_uVRX6XwQGPbaYWXCIL39TSEBuJ5bxWreyJsP8mUo3ytLIxg==

GET
H2 200 Product-Thumbnail.png
cld.accentuate.io/40383244435498/1662657757168/ 17 KB
18 KB 53ms
50ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/40383244435498/1662657757168/Product-Thumbnail.png?v=1662657757168&options=w_600,h_600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 525956f74dfa611e5cb0b1237994f825ef7daf1b1a8d219e9f8c889670705c35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 319461
x-back-cache: HIT
x-front-hits: 1
x-back-hits: 4
etag: "qk4CQzUCuhx1oMAB2AIZrhIdSaerguo2Wm000yy9IWp0KqCoPDYuoGAjk1GO&AXoVPlaXv3ZSZoPERSBIYK3e50Ejg3a5y72ztqa12WPPki771uA"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: HIT
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:25 GMT
via: 1.1 ip-10-222-75-196.us-west-2.compute.internal (Varnish/7.3), 1.1 2e50d9b1ee017f302768660f02b7418e.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HIO50-C1, IAD89-C1
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
content-length: 17776
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dRbcDIAsHNa72XZtCm7z7Ti0GKzDzrS555LgJh%2BbahF8%2F2sHMaNc0ItlsLJa%2BUwAlJ15QigKUROfmkW%2F1xAt%2FY0qvbWSV%2BOxa9C17xi9eHUz2t6xTIyMhzcsCRUJeQqoj9N%2FMUozyc%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e3a548594960-MIA
timing-allow-origin: *
x-amz-cf-id: yDRKQ80ZyMY3D8JLUBO4XFUGRFOavBYvz4uXEP8-0ZBmMQLelMgoBQ==

GET
H2 200 MPN_600x600.png
cld.accentuate.io/39709455155242/1643137960291/ 10 KB
11 KB 52ms
49ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/39709455155242/1643137960291/MPN_600x600.png?v=0&options=w_600,h_600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1db80cc37a5dd7ebedc18acebc888365cca1a4a35118cfd0a94477429caf7a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 3083631
x-back-cache: HIT
x-front-hits: 2
x-back-hits: 5
etag: "AJzAxg8bkDSEylQATJT4cYskIDLRzisR9VDtQ3METNjS9IYvQJQFoFgFk1GG&AXpVLreCx9poTUEDmSkYOCH4sLsDuTavM3AzmZ5udoIs#iRD10l"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: HIT
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:25 GMT
via: 1.1 ip-10-222-73-31.us-west-2.compute.internal (Varnish/7.3), 1.1 84dbb1d289dde64b57ea4df7ce064c9e.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HIO50-C1, MIA3-P4
x-cache: Hit from cloudfront
x-twicpics-source: twicpics
content-length: 9934
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apHikPfhkevs41daHAqvBaWnmJMn%2BdcRc6LnhJ%2FcfTP2U6DbDiaoUfgHi5ZorFtjddfB1NYPqvG8%2FpAnz3KCmun0qdUe3eZTv6Kn920kyyocDT8VJgAIaPssSGiUgTJfADSFPrMNekg%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e3a5485a4960-MIA
timing-allow-origin: *
x-amz-cf-id: yC91-j2BiPDxBeaex4lwSGo_7s1wFIi7gk_ufLar5Uc9nA2GyaTcUg==

GET
H2 200 RBG_thumbnail_1000x1000-(1).png
cld.accentuate.io/39951665791018/1646111590044/ 11 KB
12 KB 51ms
48ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/39951665791018/1646111590044/RBG_thumbnail_1000x1000-(1).png?v=0&options=w_600,h_600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42ada2d1c945bcd6356007746b1371adf56c2bd54c25b86e518b9cb81ec12bdf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 40391
x-back-cache: HIT
x-front-hits: 3
x-back-hits: 5
etag: "8dYqqMGXY0DakMOlRrJ8rebd3uluwBo3KTWYjcBn8Eat25XYmI&EsJWCk1GM&A#iWq3X#4mJ7zIU8iYZUkM55wRegr5XtX9cDUqD#6Xr612fWRIo"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: HIT
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:25 GMT
via: 1.1 ip-10-222-73-31.us-west-2.compute.internal (Varnish/7.3), 1.1 a236446df36d5b308b8a8d34deb153f2.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HIO50-C1, ATL56-C1
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
content-length: 11348
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w87aDOfOkhj3fNV78%2B63F5Ls%2F5ZzPqHkrCBiWacF4F6pRSY3maK%2B5xa2Na9KpzXIxsZyOtEBCeLpiOyQi110Ee8eKjWid88ZbO7PP7iB%2FFKLzSEY78TG8l9ULC%2BAZuh12noTFj1QB%2BQ%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=600x600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e3a5485c4960-MIA
timing-allow-origin: *
x-amz-cf-id: bjSXIlFIOr8RoNi60f-bF-W-rPE_IkSpGMrUsNB4siYGw6ijtLGrXg==

GET
H2 200 1f2cc95f-56d2-40f4-ac66-85995abfa13f Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 443ms
359ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/1f2cc95f-56d2-40f4-ac66-85995abfa13f

Requested by

Host: shopify-gtm-suite.getelevar.com
URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/2.40.1/gtm-suite.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78e4e4179b64cd0ce8e530dcbba70aea378e8272365d3c84f3582d6e5d33cf4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:26 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 7fd8534f29e3d9a1-SEA, 7fd8534f29e3d9a1-SEA
x-runtime: 0.012886
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"78e4e4179b64cd0ce8e530dcbba70aea"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQ%2FkkhgW58peYNB2WT17qwVaK5emeL7W8qhWRkThvaE7zxYa6Y%2Bo7OfrAfYBgO0znligS34b0LjECDK95Th%2FXZUkK7fyw9Du85tYN2RTdlCzLTbWLYT3H978bPSV%2Bcg8%2BNE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 8087e3a63afa5c63-MIA

GET
H3 200 810.baseline.en.d3de5a49b3f490317ed3.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
26 KB 59ms
59ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/810.baseline.en.d3de5a49b3f490317ed3.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Leduc, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 1493120
content-encoding: br
server-timing: imagery;dur=29.750, imageryFetch;dur=29.566, cfRequestDuration;dur=19.000053
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a7aee333-9bfe-4542-93c5-72abba85573f
last-modified: Fri, 01 Sep 2023 00:46:03 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfUf714F9PZTdKgGpo0JYaFvlYF9dCC%2BToYaAzQrFkGkeXB8IXJKyHWfqRKZPUojrk34hXhuddwgN3opMeo6JP9QVTi3oNm20ZhmrE6N5HPRIVxvIhPJXacfUkGIhSIkXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/810.baseline.en.d3de5a49b3f490317ed3.js>; rel="canonical"
cf-ray: 8087e3a5bcb36de3-MIA

GET
H3 200 browsing_context_suggestions.json Show response
www.herocosmetics.us/ 132 B
2 KB 126ms
125ms Fetch
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/browsing_context_suggestions.json?source=geolocation_recommendation&country[enabled]=true&country[exclude]=US&currency[enabled]=true&currency[exclude]=USD&language[enabled]=true&language[exclude]=en&

Requested by

Host: shopify-gtm-suite.getelevar.com
URL: https://shopify-gtm-suite.getelevar.com/shops/415acc71b987ca41929de242bce23aa27aeecc5c/2.40.1/gtm-suite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

99ebefc6d820d1a4fc5353bdf009f7973e2254581f7917e961480a03bf4fa6f0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-central1,gcp-us-central1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=13, db;dur=3, asn;desc="9009", edge;desc="MIA", country;desc="US", servedBy;desc="j7n8", requestID;desc="6c279fbc-f12c-429a-9590-8b6ec9138bde", cfRequestDuration;dur=88.999987
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 6c279fbc-f12c-429a-9590-8b6ec9138bde
x-shardid: 41
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 21814481
vary: Accept-Encoding, Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jG6%2BJ6SRUcPF3fjKca8zNybyohZfZpVanR1ghbX4SnwR7bsUAIRg6oWtOUeSkVqx2%2FCoypLBY9lvO4Il40DbwkPCBiVdDVl4rfaOoY9%2FzXeymggAgCR0YbNTSBiOlYtCwPV593Q"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
content-language: en
x-download-options: noopen
cf-ray: 8087e3a5ddbc0318-MIA
x-sorting-hat-podid: 41

GET
H2 204 25097093.js Show response
bat.bing.com/p/action/ 0
116 B 60ms
59ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25097093.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 18 Sep 2023 07:31:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3B349D36BD1F4433AF28C6B0015296BB Ref B: MIAEDGE1915 Ref C: 2023-09-18T07:31:25Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
359 B 87ms
87ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25097093&Ver=2&mid=cc0776ca-0960-48d5-a74c-3fa34f6ebc27&sid=5fd38ab055f511ee9b7aa38b911e0200&vid=5fd3fc2055f511ee82c1a1da0c323908&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Prone%20Skin&p=https%3A%2F%2Fwww.herocosmetics.us%2F&r=&lt=2285&evt=pageLoad&sv=1&rn=204220

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 18 Sep 2023 07:31:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 89070903428B4DE183D7A7976B4BBAF6 Ref B: MIAEDGE1915 Ref C: 2023-09-18T07:31:25Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/ 42 KB
19 KB 216ms
67ms Script
text/javascript 52.6.11.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=true&flash=false

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.js?shop=tbate.myshopify.com

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.6.11.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-11-66.compute-1.amazonaws.com

Software

nginx /

Resource Hash

14f582673c048803bb396b98d193b24c5d05ea85e1b7594c9b5dce1026f0ef57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:26 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Expires: 0

GET
H2 200 widget.css
staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/ 479 KB
39 KB 76ms
76ms Stylesheet
text/css 2600:141b:13:7a1::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.css?widget_version=2022-07-03_07-28-28

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.js?shop=tbate.myshopify.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13:7a1::1d72 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7898396661257844856834bdb796b82122541ea0c939c89748ce150f2c0953da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1695022285884_388993485_752756996_87_7520_66_0_255";dur=1
content-length: 39340
x-xss-protection: 1; mode=block
x-request-id: f94d08375f396e6922bee3c633f1166a
x-runtime: 0.164833
etag: W/"480585e95d974d134410850278de6ba6"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: public, max-age=8391
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H3 200 Information.baseline.en.df408b7e195809ac9ca9.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
36 KB 51ms
51ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/Information.baseline.en.df408b7e195809ac9ca9.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Leduc, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 223244
content-encoding: br
server-timing: imagery;dur=25.366, imageryFetch;dur=25.108, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5a9d5713-e479-41cd-8ac9-adb4e1056f6c
last-modified: Fri, 15 Sep 2023 17:25:38 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F46CVdkuFWSng2JdnJoinObL50BKDvr0B8z2Zk1Tu9uBOKsj%2F%2BqnzkbEX7l4c99JsfMVKh2xRtbWm9brEDCkqxvtLyA%2BCIMWB7f8Ko4N1nbT3p5cyfrWLKYrhI55OqmchA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/Information.baseline.en.df408b7e195809ac9ca9.js>; rel="canonical"
cf-ray: 8087e3a6ad066de3-MIA

GET
H2 200 app.v1.0.368.js Show response
cdn-swell-assets.yotpo.com/ 1 MB
192 KB 198ms
35ms Script
text/plain 192.229.163.223
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-swell-assets.yotpo.com/app.v1.0.368.js
Requested by: Host: cdn-loyalty.yotpo.com
URL: https://cdn-loyalty.yotpo.com/loader/A19H8vTS9KoU0V2U-uthxg.js?shop=tbate.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.223 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9ACF) /
Resource Hash: 7aa07cb9eb4dcbd11651911e5b51ddfcca63a7407e4e82f6cbe1e217688af9e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:26 GMT
content-encoding: gzip
x-amz-version-id: PqtSMCVj7ESk1vw4sS8qzdrlxa61XPgb
last-modified: Sun, 12 Mar 2023 15:50:42 GMT
server: ECS (mic/9ACF)
x-amz-meta-s3cmd-attrs: uid:1000/gname:ubuntu/uname:ubuntu/gid:1000/mode:33188/mtime:1678636240/atime:1678636240/md5:578610ba47467921af169ff4767b704b/ctime:1678636240
age: 53293
x-amz-request-id: 7Z6BAZTP3P9RENCR
etag: "578610ba47467921af169ff4767b704b+gzip"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: text/plain
content-length: 196015
x-amz-id-2: GxHiKZ2BjwQ6FnDPo5C6iHUsXhqbg1yx6SOalh4xF9ywfNuSy+JdsGQ8LGjIBxkGwiQJaFvHWoc=

GET
H2 200 i
p.yotpo.com/ 35 B
280 B 219ms
64ms Image
image/gif 44.214.249.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=pv&page=Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Prone%20Skin&se_va=WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax&cx=eyJwdl91dWlkIjoyOTc3NzUzMzB9&dtm=1695022285885&tid=329796&vp=1600x1200&ds=1600x1200&vid=1&duid=9f42355730c794df&p=web&tv=js-0.13.2&fp=4090298438&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Pacific%2FHonolulu&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.herocosmetics.us%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.214.249.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-214-249-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 18 Sep 2023 07:31:26 GMT
cache-control: max-age=86400, private
server: nginx
content-length: 35
expires: Tue, 19 Sep 2023 07:31:26 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 259ms
156ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1695022285908&id=t2_3jqrn4g1&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=acbf4bab-8d15-4eb2-8dd8-bcf3a0f6c72f&aaid=&em=&external_id=2a8fde7aa67c1e4f6bfb2692435cb794dc96478a5137f2ac601700193b04f1c3&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:26 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 modules.afe18b03a2724895a0ac.js Show response
script.hotjar.com/ 223 KB
55 KB 229ms
72ms Script
application/javascript 18.164.96.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.afe18b03a2724895a0ac.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1133465.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-90.jfk50.r.cloudfront.net

Software

Resource Hash

2511f97f0c01a302b753d9697deba3a0bc995f3ea0ec5ac7e9db919cdb7d44f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 08:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ad22d4e4410fd07809425488bf6e79be.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 254479
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55728
last-modified: Fri, 15 Sep 2023 08:50:05 GMT
etag: "50b731696057a5c499ba8226c71b47ed"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: bTLjIx7gmpwrt6YdiL_s1dIM3qo3Hn4Y_HflT6hQoVfqz3x4Dwu4xQ==

GET
H3 200 icon-arrow-right-black.svg
www.herocosmetics.us/cdn/shop/t/230/assets/ 489 B
1017 B 68ms
46ms Image
image/svg+xml 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/icon-arrow-right-black.svg?v=168596361644200279161694645065

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

4c718e6c04604e704e210624d400222cd989eb140a8b7ff479ced4f7c116e96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-east1
age: 271671
content-encoding: br
source-type: image/svg+xml
server-timing: cfRequestDuration;dur=9.999990
source-length: 489
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 362811ed-1604-4058-ac86-aa1eb0ebb862
last-modified: Wed, 13 Sep 2023 23:20:27 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXxvJl6a%2FeKFwNjW3GrHdF8JOEtrHErviTKlsniC3diba7ojv%2BR8LYq2d%2BeKFv6F2mnlkTrcnk7tJi41sRfjqIQL75DnfDRbCJnLPkHjvNgR%2BE3wODynjr7Ul%2BrY4xLw8NiHGVg5"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
cf-ray: 8087e3a73e410318-MIA
x-sorting-hat-podid: 41

GET
H2 200 product_img-(1).png
cld.accentuate.io/39951666184234/1646111562602/ 3 KB
3 KB 73ms
47ms Image
image/webp 2606:4700:20::681a:44f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cld.accentuate.io/39951666184234/1646111562602/product_img-(1).png?v=1646113179237&options=w_200,h_200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1f436b61101f824b3ac4a93ddd4b5c6df7e58281c9b82d62f3659141a68c25a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age: 226776
x-back-cache: HIT
x-front-hits: 1
x-back-hits: 1
etag: "AJzATh8ICLSIylQAQDDhU#SPLvQjxJsmiECXPfLxT3i4dHYkIJQVoFgFk1GG&AXpVLreCx9poTUEDmSkYOCH4sLsDuTavM3AzmZ5udoIs#iRD10l"
vary: accept,cloudfront-forwarded-proto,ect,host,save-data, Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-front-cache: HIT
access-control-allow-headers: *
date: Mon, 18 Sep 2023 07:31:25 GMT
via: 1.1 ip-10-222-73-31.us-west-2.compute.internal (Varnish/7.3), 1.1 41e3e9b71ac696c1f057fb711a33338e.cloudfront.net (CloudFront)
x-twicpics-quality: 70 (72)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HIO50-C1, ORD52-C3
x-cache: Miss from cloudfront
x-twicpics-source: twicpics
content-length: 2928
server: cloudflare
allow: HEAD, GET, OPTIONS
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZhA3nZsaa9SAMEFBu2xdoLUo1DsuFQn5KY5cktXhslAaFEZ3CcFKCb45qz6LpGfx4qqH1Wh53ikaWRFy9ugypau8thIDZfM6chEsNlEFSR2ob%2FUvis2oH06OnyWLIMApwK6xmFCDUA%3D"}],"group":"cf-nel","max_age":604800}
x-twicpics-options: resize=200x200
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8087e3a739124960-MIA
timing-allow-origin: *
x-amz-cf-id: LlZ-HbsyAFfVbvdpf5JsWQQIXg-9Njcri90klaRZAQt1qpzf0ogWMA==

GET
H3 200 icon-coin-yellow-md.svg
www.herocosmetics.us/cdn/shop/t/230/assets/ 647 B
1 KB 66ms
44ms Image
image/svg+xml 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herocosmetics.us/cdn/shop/t/230/assets/icon-coin-yellow-md.svg?v=132818892914967492141694645073

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

3fa4fd1e31aabb8a3ff5f8bbaae61c86fcb33566abfc08a3b9ff473eaff624d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 271856
content-encoding: br
source-type: image/svg+xml
server-timing: imagery;dur=44.816, imageryFetch;dur=42.065, imageryProcess;dur=0.130;desc="image", cfRequestDuration;dur=9.000063
source-length: 647
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 01180c29-5543-4528-8e63-6cd8ff233233
last-modified: Fri, 15 Sep 2023 04:00:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHoNtXr6ezIaK9k3DTldpqFmsOOQDzuieqZ059GO9lZ0IeOMsVTuwgUMcKiQwWScvM%2BtaQSrj0ykaadGVA%2B0M%2BQAMBUv2qNGGPdV8gRO3NPbm8shBRacySFmIL%2FORyDeU1KIx7ly"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
cf-ray: 8087e3a73e420318-MIA
x-sorting-hat-podid: 41

GET
H2 200 /
www.google.com/pagead/1p-user-list/775465074/ 42 B
154 B 99ms
87ms Image
image/gif 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/775465074/?random=1695022285555&cv=11&fst=1695020400000&bg=ffffff&guid=ON&async=1&gtm=45Fe39d0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.herocosmetics.us%2F&frm=0&tiba=Hero%20Cosmetics%20%7C%20Empowering%20Acne%20Prone%20Skin&data=ecomm_pagetype%3Dhome&fmt=3&is_vtc=1&random=727987998&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
375 B 164ms
54ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4a67eae3-9a5d-4ed9-8f34-b563dcedb697&external_id=2a8fde7aa67c1e4f6bfb2692435cb794dc96478a5137f2ac601700193b04f1c3&integration=gtm-base&p_id=Twitter&p_user_id=0&pl_id=77908ae5-643d-4cdb-8782-3a8d8ba935ca&tw_document_href=https%3A%2F%2Fwww.herocosmetics.us%2F&tw_iframe_status=0&txn_id=o2h0n&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-response-time: 7
date: Mon, 18 Sep 2023 07:31:25 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: dacbb1630f8c4f62
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 81a5a1ba92b6f88315e8fe3410e13c4ae770c74ce1830d0ab4a30a27a2ad1033
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 232ms
122ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4a67eae3-9a5d-4ed9-8f34-b563dcedb697&external_id=2a8fde7aa67c1e4f6bfb2692435cb794dc96478a5137f2ac601700193b04f1c3&integration=gtm-base&p_id=Twitter&p_user_id=0&pl_id=77908ae5-643d-4cdb-8782-3a8d8ba935ca&tw_document_href=https%3A%2F%2Fwww.herocosmetics.us%2F&tw_iframe_status=0&txn_id=o2h0n&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-response-time: 75
date: Mon, 18 Sep 2023 07:31:25 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: c7445bd6049affc6
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 43612aac760f079602bd2831854ba0fb4dc239bd6cedd6f4862b73807ba5aa0d
content-length: 43

GET
H3 200 css
fonts.googleapis.com/ 3 KB
676 B 87ms
87ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/WXIgH9Bt6STxUW0x3woaABNlpYTzZ4gpEhRmW1ax/widget.css?widget_version=2022-07-03_07-28-28

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://staticw2.yotpo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Sep 2023 07:31:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 06:37:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Sep 2023 07:31:26 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 6515 7 KB
8 KB 75ms
75ms Document
text/html 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_ns_n-eq-HMT3_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-fo-HMT_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_n-kg-HMT_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=w9UM1PvDT9G6NBP1qhoHzQ&dmt=3&ex-pl-n-g-hmt=pl0XYF1LT-OSUEoOuhd0Fw&ep=ttam_T219Ay-cPciHbT10psmkp27XHL59Of-xGGYtPZlalueKPnH7_7PdNx34pM8NVIXsITYyvjlUOjeG4dJqkuHPbZYMU8FY_uWyy1md8eEZYYCeZeYr805MSN_wt_icHx9NApyfsGNqgzEW1126FluP9UZAW5XXR2WGbXe68xKf78gBox9tLAlqbxPVzIXFHQJG_Jm7ksN84bPSLiRD4H0h0MZKrVXrB2VXqBrdQE43C7U0uEVHGk5E6IcZvIaxoLs80VtEH0BapIxTSVyPCaiIrLKkbD_UPc6KDfeOtB0C9yrIPYgFLwQZYUpKx8YN5SUY-xDsJhkVxCNX2Q--Y-4VYEK0CXD2HCiLDovWCwo9z5HIHpdm3HuLU60flPdTMK50PZDd3JwFStg83jo0LHy4taMSsVIsuxkSOSL_tE8O7bNZsRbc8vRY0IWnuLan898-efl3BTYujuF90LXV4Wi7Y4b81K29vaQ6noEnrIqhnW2fU7GnQntUnr-maz_L6FMPjknscWs2ccs0BIhXlvJpHOpmEGyOMH2goz6lzVTQ8-NEgqOG4khSFxIn9EmdNBcI9TAV0lQMcxkyymW_iCEqZTQ3ao18ouRZkeI0Pok8jfb9705Y_YOXmGmxjURqUVNKk4vRAjv-KifZcbT71AmLsMMgNHe-mAiSPIouMfJsCBURAjErdW8ofgSVizpiTzBD2j9N0nz3pWvcOhCAMdfq_ac723GWxtDq03fPs86ALncdrky8Bf6MZm6-9a5ZifSPwcj4VyKdpEV2wZlmZ4MevyZdvkQTDQbZIOjDI06io-ZQnJyFIZgbD2IXoG4TZYFXv1ARWojGEnZS1X-tOEMgejZUewJSAhGIcsoJoJMqpJQ6VFUfRmZv9fgCa_Bm-LWbUl-97rWXPAq7fnbSKdV6SUamlnA3aQhnIpqygt42XBI7xjz7JOjZYlprPie

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=399980115955095300&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

d98894761a1a131dbc10086f3c27d731f70a18154b0eedcd2b0a8b7c23966e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dbf37e420-750d-8729-b56b-21681afccb08%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.herocosmetics.us/&ex-hargs=v%3D1.0%3Bc%3D2975003540301%3Bp%3DBF37E420-750D-8729-B56B-21681AFCCB08&cb=399980115955095300&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 7398
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 18 Sep 2023 07:31:26 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 2J4ZJQDCHQ2NV291MZY1

GET
H3 200 734.baseline.en.19f43245d8120188a1f6.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
88 KB 59ms
58ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/734.baseline.en.19f43245d8120188a1f6.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Leduc, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 214854
content-encoding: br
server-timing: imagery;dur=21.269, imageryFetch;dur=21.076, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9ad3e93b-0b88-40a2-8183-05d12c76691f
last-modified: Fri, 15 Sep 2023 19:50:25 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FZXP%2F4g35hLigsW1N5azzqB9%2FD91q3MBoqWaY5ZaynaJhRpoZ5PWF19qlje38Uugw8T2wVIOLeJ%2FdbtZ5%2F%2Bdc6EShOMTWUArjbVK01IjRhs96B49wtjdFkcHSvDt%2F1eJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/734.baseline.en.19f43245d8120188a1f6.js>; rel="canonical"
cf-ray: 8087e3a7fd666de3-MIA

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.7.0/ 505 B
1 KB 62ms
61ms Script
text/javascript 52.6.11.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.7.0/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=true&flash=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.6.11.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-11-66.compute-1.amazonaws.com

Software

nginx /

Resource Hash

be5758a073ac0db0857f5903e15e8aadc9db5f2ae9a55fe63d059acf1292bcd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Mon, 18 Sep 2023 07:31:26 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Tue, 17 Sep 2024 07:31:26 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=AKtvri0zR-qg-_dmqav6BA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DAKtvri0zR-qg-_dmqav6BA%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=AKtvri0zR-qg-_dmqav6BA

43 B
479 B

187ms
67ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=AKtvri0zR-qg-_dmqav6BA

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_ns_n-eq-HMT3_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-fo-HMT_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_n-kg-HMT_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=w9UM1PvDT9G6NBP1qhoHzQ&dmt=3&ex-pl-n-g-hmt=pl0XYF1LT-OSUEoOuhd0Fw&ep=ttam_T219Ay-cPciHbT10psmkp27XHL59Of-xGGYtPZlalueKPnH7_7PdNx34pM8NVIXsITYyvjlUOjeG4dJqkuHPbZYMU8FY_uWyy1md8eEZYYCeZeYr805MSN_wt_icHx9NApyfsGNqgzEW1126FluP9UZAW5XXR2WGbXe68xKf78gBox9tLAlqbxPVzIXFHQJG_Jm7ksN84bPSLiRD4H0h0MZKrVXrB2VXqBrdQE43C7U0uEVHGk5E6IcZvIaxoLs80VtEH0BapIxTSVyPCaiIrLKkbD_UPc6KDfeOtB0C9yrIPYgFLwQZYUpKx8YN5SUY-xDsJhkVxCNX2Q--Y-4VYEK0CXD2HCiLDovWCwo9z5HIHpdm3HuLU60flPdTMK50PZDd3JwFStg83jo0LHy4taMSsVIsuxkSOSL_tE8O7bNZsRbc8vRY0IWnuLan898-efl3BTYujuF90LXV4Wi7Y4b81K29vaQ6noEnrIqhnW2fU7GnQntUnr-maz_L6FMPjknscWs2ccs0BIhXlvJpHOpmEGyOMH2goz6lzVTQ8-NEgqOG4khSFxIn9EmdNBcI9TAV0lQMcxkyymW_iCEqZTQ3ao18ouRZkeI0Pok8jfb9705Y_YOXmGmxjURqUVNKk4vRAjv-KifZcbT71AmLsMMgNHe-mAiSPIouMfJsCBURAjErdW8ofgSVizpiTzBD2j9N0nz3pWvcOhCAMdfq_ac723GWxtDq03fPs86ALncdrky8Bf6MZm6-9a5ZifSPwcj4VyKdpEV2wZlmZ4MevyZdvkQTDQbZIOjDI06io-ZQnJyFIZgbD2IXoG4TZYFXv1ARWojGEnZS1X-tOEMgejZUewJSAhGIcsoJoJMqpJQ6VFUfRmZv9fgCa_Bm-LWbUl-97rWXPAq7fnbSKdV6SUamlnA3aQhnIpqygt42XBI7xjz7JOjZYlprPie

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HZ6KTXGEX5MFBFR5J8BD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:26 GMT
an-x-request-uuid: 7e90f9de-5d3d-4c1a-ad9c-2b9fed0c56cb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=AKtvri0zR-qg-_dmqav6BA
x-proxy-origin: 38.132.118.76; 38.132.118.76; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=fYiqDTwSRLyCjBMCaryHxQ&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=fYiqDTwSRLyCjBMCaryHxQ&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=ae119d61-f561-48c8-8d45-8b897946cfdb

43 B
479 B

185ms
64ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=ae119d61-f561-48c8-8d45-8b897946cfdb

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JNFZMHFNMGVAK9Z2ASXY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=ae119d61-f561-48c8-8d45-8b897946cfdb
access-control-allow-origin: *
date: Mon, 18 Sep 2023 07:31:26 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=214230604643004055977&ex=neustar.biz

43 B
479 B

73ms
65ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=214230604643004055977&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AV5M9B2CP51RG5C6NYKY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:26 GMT
via: 1.1 410372c9ac35ccad4a4fd5dbf80c9f38.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: JFK50-P3
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=214230604643004055977&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: ce_4IyCyOmaWkGuoe2rRi27RnNNPXWCJRJkGo0-kns9kQ0esEOWPtA==
expires: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 6515 43 B
671 B 215ms
59ms Image
image/gif 23.105.12.150
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=7QfgYiV7STa6QMm9k5gRjQ
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_ns_n-eq-HMT3_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-fo-HMT_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_n-kg-HMT_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=w9UM1PvDT9G6NBP1qhoHzQ&dmt=3&ex-pl-n-g-hmt=pl0XYF1LT-OSUEoOuhd0Fw&ep=ttam_T219Ay-cPciHbT10psmkp27XHL59Of-xGGYtPZlalueKPnH7_7PdNx34pM8NVIXsITYyvjlUOjeG4dJqkuHPbZYMU8FY_uWyy1md8eEZYYCeZeYr805MSN_wt_icHx9NApyfsGNqgzEW1126FluP9UZAW5XXR2WGbXe68xKf78gBox9tLAlqbxPVzIXFHQJG_Jm7ksN84bPSLiRD4H0h0MZKrVXrB2VXqBrdQE43C7U0uEVHGk5E6IcZvIaxoLs80VtEH0BapIxTSVyPCaiIrLKkbD_UPc6KDfeOtB0C9yrIPYgFLwQZYUpKx8YN5SUY-xDsJhkVxCNX2Q--Y-4VYEK0CXD2HCiLDovWCwo9z5HIHpdm3HuLU60flPdTMK50PZDd3JwFStg83jo0LHy4taMSsVIsuxkSOSL_tE8O7bNZsRbc8vRY0IWnuLan898-efl3BTYujuF90LXV4Wi7Y4b81K29vaQ6noEnrIqhnW2fU7GnQntUnr-maz_L6FMPjknscWs2ccs0BIhXlvJpHOpmEGyOMH2goz6lzVTQ8-NEgqOG4khSFxIn9EmdNBcI9TAV0lQMcxkyymW_iCEqZTQ3ao18ouRZkeI0Pok8jfb9705Y_YOXmGmxjURqUVNKk4vRAjv-KifZcbT71AmLsMMgNHe-mAiSPIouMfJsCBURAjErdW8ofgSVizpiTzBD2j9N0nz3pWvcOhCAMdfq_ac723GWxtDq03fPs86ALncdrky8Bf6MZm6-9a5ZifSPwcj4VyKdpEV2wZlmZ4MevyZdvkQTDQbZIOjDI06io-ZQnJyFIZgbD2IXoG4TZYFXv1ARWojGEnZS1X-tOEMgejZUewJSAhGIcsoJoJMqpJQ6VFUfRmZv9fgCa_Bm-LWbUl-97rWXPAq7fnbSKdV6SUamlnA3aQhnIpqygt42XBI7xjz7JOjZYlprPie
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 18 Sep 2023 07:31:26 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=Wq5VD_lBSUikGostGxB5VQ&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=Wq5VD_lBSUikGostGxB5VQ&C=1
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZQf8ziY4BtOYfoagiXK3tAAA

43 B
479 B

171ms
68ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZQf8ziY4BtOYfoagiXK3tAAA

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TDJDF5JRHR3NAV3H4FD4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIZBt4Q2jjUbKMf8%2F1Th2BxsFqgNP0nXN8uU4EEKGYypMfGcwuM8iCVZEqRBwlL2sX4a3r%2BJRmVU6v46%2BKrXVB1tA5vxa%2BysOdnQBxl29xFYFGB7BxA2HLuxAXLJ51Eiggm0CSFpbaM36g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZQf8ziY4BtOYfoagiXK3tAAA
cache-control: no-cache
cf-ray: 8087e3aaefd36dc2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=4a7dd19d4eb324e80b48cd90a9dd16f6

43 B
479 B

169ms
67ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=4a7dd19d4eb324e80b48cd90a9dd16f6

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: C5GAE9QGD78CTK9WH1E4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=4a7dd19d4eb324e80b48cd90a9dd16f6
Date: Mon, 18 Sep 2023 07:31:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

185ms
73ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: X6TCBAPPMYX0DYS28ATY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Mon, 18 Sep 2023 07:31:26 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=0jZ8cAVsQ4q_QYEwxewDAg
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=0jZ8cAVsQ4q_QYEwxewDAg&verify=true
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=0jZ8cAVsQ4q_QYEwxewDAg

43 B
479 B

176ms
67ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=0jZ8cAVsQ4q_QYEwxewDAg

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Y16EHAPJR6C52HNF419A
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=0jZ8cAVsQ4q_QYEwxewDAg
date: Mon, 18 Sep 2023 07:31:26 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://capi.connatix.com/us/pixel?pId=32&puId=Z9EeG7WRSJ2TqLO4JGAqiw&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DconnatixHMT%26id%3D%7BpuId%7D
https://capi.connatix.com/us/pixel?pId=32&puId=Z9EeG7WRSJ2TqLO4JGAqiw&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DconnatixHMT%26id%3D%7BpuId%7D&final=true
https://s.amazon-adsystem.com/ecm3?ex=connatixHMT&id=Z9EeG7WRSJ2TqLO4JGAqiw

43 B
479 B

85ms
67ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=connatixHMT&id=Z9EeG7WRSJ2TqLO4JGAqiw

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S3PTNT0W1K7R31WHTW1V
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 18 Sep 2023 07:31:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
location: https://s.amazon-adsystem.com/ecm3?ex=connatixHMT&id=Z9EeG7WRSJ2TqLO4JGAqiw
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 8087e3ab3f4909aa-MIA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET sync
t.myvisualiq.net/ Frame 6515 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=7332e8beee2c4ae19c6883cff9274761

43 B
479 B

139ms
64ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=7332e8beee2c4ae19c6883cff9274761

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NXQ5FW7BRX4M4GJTFH2A
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=7332e8beee2c4ae19c6883cff9274761
date: Mon, 18 Sep 2023 07:31:26 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 6515 0
122 B 249ms
67ms Image
text/plain 198.54.201.131
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=9IvWo4L9QtWgs9DB1hRrUg&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT2&id=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.54.201.131 , United States, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-01-pub-prod-nyc.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-6t6f8
date: Mon, 18 Sep 2023 07:31:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini
https://s.amazon-adsystem.com/ecm3?id=y-E_QrDnRE2pF9oe2pe8JvNseWE29GuhgAjpsY~A&status=OK&ex=gemini

43 B
479 B

77ms
73ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=y-E_QrDnRE2pF9oe2pe8JvNseWE29GuhgAjpsY~A&status=OK&ex=gemini

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S1E292JBGVC3PBB68ZED
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=y-E_QrDnRE2pF9oe2pe8JvNseWE29GuhgAjpsY~A&status=OK&ex=gemini
date: Mon, 18 Sep 2023 07:31:26 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=acae05278fcc25e15be6081baba4efb&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

67ms
67ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=acae05278fcc25e15be6081baba4efb&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 16RK0H1FNWZCFB56FDJN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=acae05278fcc25e15be6081baba4efb&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1695022287066089-285

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

65ms
65ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3797N55X39QPFJDAJZEX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 18 Sep 2023 07:31:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 c123eaeab0338ee38c9f9a5fe5647218.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=2NCYS6YC7TS8EKE31KGA:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: 2NCYS6YC7TS8EKE31KGA
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: hBLoqX1PldVIddBig1IjjzFzyiYcbGzH2WRzIHYlHk9ItlcSnRXR_w==

GET
H2 200 map
sync.rfp.fout.jp/ Frame 6515 43 B
284 B 280ms
197ms Image
image/gif 35.186.196.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.rfp.fout.jp/map?dsp_id=12&uid=gjhLlIWPQuG4zq-vsFr9SA
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_ns_n-eq-HMT3_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-fo-HMT_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_n-kg-HMT_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=w9UM1PvDT9G6NBP1qhoHzQ&dmt=3&ex-pl-n-g-hmt=pl0XYF1LT-OSUEoOuhd0Fw&ep=ttam_T219Ay-cPciHbT10psmkp27XHL59Of-xGGYtPZlalueKPnH7_7PdNx34pM8NVIXsITYyvjlUOjeG4dJqkuHPbZYMU8FY_uWyy1md8eEZYYCeZeYr805MSN_wt_icHx9NApyfsGNqgzEW1126FluP9UZAW5XXR2WGbXe68xKf78gBox9tLAlqbxPVzIXFHQJG_Jm7ksN84bPSLiRD4H0h0MZKrVXrB2VXqBrdQE43C7U0uEVHGk5E6IcZvIaxoLs80VtEH0BapIxTSVyPCaiIrLKkbD_UPc6KDfeOtB0C9yrIPYgFLwQZYUpKx8YN5SUY-xDsJhkVxCNX2Q--Y-4VYEK0CXD2HCiLDovWCwo9z5HIHpdm3HuLU60flPdTMK50PZDd3JwFStg83jo0LHy4taMSsVIsuxkSOSL_tE8O7bNZsRbc8vRY0IWnuLan898-efl3BTYujuF90LXV4Wi7Y4b81K29vaQ6noEnrIqhnW2fU7GnQntUnr-maz_L6FMPjknscWs2ccs0BIhXlvJpHOpmEGyOMH2goz6lzVTQ8-NEgqOG4khSFxIn9EmdNBcI9TAV0lQMcxkyymW_iCEqZTQ3ao18ouRZkeI0Pok8jfb9705Y_YOXmGmxjURqUVNKk4vRAjv-KifZcbT71AmLsMMgNHe-mAiSPIouMfJsCBURAjErdW8ofgSVizpiTzBD2j9N0nz3pWvcOhCAMdfq_ac723GWxtDq03fPs86ALncdrky8Bf6MZm6-9a5ZifSPwcj4VyKdpEV2wZlmZ4MevyZdvkQTDQbZIOjDI06io-ZQnJyFIZgbD2IXoG4TZYFXv1ARWojGEnZS1X-tOEMgejZUewJSAhGIcsoJoJMqpJQ6VFUfRmZv9fgCa_Bm-LWbUl-97rWXPAq7fnbSKdV6SUamlnA3aQhnIpqygt42XBI7xjz7JOjZYlprPie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.196.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.196.186.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:27 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
vary: Accept-Encoding
p3p: CP="ADM NOI OUR"
content-type: image/gif
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 6515 0
338 B 208ms
63ms Image
text/plain 3.214.176.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=w9UM1PvDT9G6NBP1qhoHzQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_ns_n-eq-HMT3_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-fo-HMT_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_n-kg-HMT_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=w9UM1PvDT9G6NBP1qhoHzQ&dmt=3&ex-pl-n-g-hmt=pl0XYF1LT-OSUEoOuhd0Fw&ep=ttam_T219Ay-cPciHbT10psmkp27XHL59Of-xGGYtPZlalueKPnH7_7PdNx34pM8NVIXsITYyvjlUOjeG4dJqkuHPbZYMU8FY_uWyy1md8eEZYYCeZeYr805MSN_wt_icHx9NApyfsGNqgzEW1126FluP9UZAW5XXR2WGbXe68xKf78gBox9tLAlqbxPVzIXFHQJG_Jm7ksN84bPSLiRD4H0h0MZKrVXrB2VXqBrdQE43C7U0uEVHGk5E6IcZvIaxoLs80VtEH0BapIxTSVyPCaiIrLKkbD_UPc6KDfeOtB0C9yrIPYgFLwQZYUpKx8YN5SUY-xDsJhkVxCNX2Q--Y-4VYEK0CXD2HCiLDovWCwo9z5HIHpdm3HuLU60flPdTMK50PZDd3JwFStg83jo0LHy4taMSsVIsuxkSOSL_tE8O7bNZsRbc8vRY0IWnuLan898-efl3BTYujuF90LXV4Wi7Y4b81K29vaQ6noEnrIqhnW2fU7GnQntUnr-maz_L6FMPjknscWs2ccs0BIhXlvJpHOpmEGyOMH2goz6lzVTQ8-NEgqOG4khSFxIn9EmdNBcI9TAV0lQMcxkyymW_iCEqZTQ3ao18ouRZkeI0Pok8jfb9705Y_YOXmGmxjURqUVNKk4vRAjv-KifZcbT71AmLsMMgNHe-mAiSPIouMfJsCBURAjErdW8ofgSVizpiTzBD2j9N0nz3pWvcOhCAMdfq_ac723GWxtDq03fPs86ALncdrky8Bf6MZm6-9a5ZifSPwcj4VyKdpEV2wZlmZ4MevyZdvkQTDQbZIOjDI06io-ZQnJyFIZgbD2IXoG4TZYFXv1ARWojGEnZS1X-tOEMgejZUewJSAhGIcsoJoJMqpJQ6VFUfRmZv9fgCa_Bm-LWbUl-97rWXPAq7fnbSKdV6SUamlnA3aQhnIpqygt42XBI7xjz7JOjZYlprPie
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.176.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-176-219.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-served-by: beacon-n021-ash-prod.krxd.net
date: Mon, 18 Sep 2023 07:31:27 GMT
cache-control: private, no-cache, no-store
x-request-time: D=115 t=1695022287
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://s.amazon-adsystem.com/ecm3?id=ae119d61-f561-48c8-8d45-8b897946cfdb&ex=improvedigital.com

43 B
479 B

76ms
72ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=ae119d61-f561-48c8-8d45-8b897946cfdb&ex=improvedigital.com

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S31VJXACZ9JP14B0Q3PR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=ae119d61-f561-48c8-8d45-8b897946cfdb&ex=improvedigital.com
access-control-allow-origin: *
date: Mon, 18 Sep 2023 07:31:26 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 pixel.gif
usersync.samplicio.us/amazon/ Frame 6515 0
186 B 210ms
66ms Image
text/plain 52.1.135.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_ns_n-eq-HMT3_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-fo-HMT_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_n-kg-HMT_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=w9UM1PvDT9G6NBP1qhoHzQ&dmt=3&ex-pl-n-g-hmt=pl0XYF1LT-OSUEoOuhd0Fw&ep=ttam_T219Ay-cPciHbT10psmkp27XHL59Of-xGGYtPZlalueKPnH7_7PdNx34pM8NVIXsITYyvjlUOjeG4dJqkuHPbZYMU8FY_uWyy1md8eEZYYCeZeYr805MSN_wt_icHx9NApyfsGNqgzEW1126FluP9UZAW5XXR2WGbXe68xKf78gBox9tLAlqbxPVzIXFHQJG_Jm7ksN84bPSLiRD4H0h0MZKrVXrB2VXqBrdQE43C7U0uEVHGk5E6IcZvIaxoLs80VtEH0BapIxTSVyPCaiIrLKkbD_UPc6KDfeOtB0C9yrIPYgFLwQZYUpKx8YN5SUY-xDsJhkVxCNX2Q--Y-4VYEK0CXD2HCiLDovWCwo9z5HIHpdm3HuLU60flPdTMK50PZDd3JwFStg83jo0LHy4taMSsVIsuxkSOSL_tE8O7bNZsRbc8vRY0IWnuLan898-efl3BTYujuF90LXV4Wi7Y4b81K29vaQ6noEnrIqhnW2fU7GnQntUnr-maz_L6FMPjknscWs2ccs0BIhXlvJpHOpmEGyOMH2goz6lzVTQ8-NEgqOG4khSFxIn9EmdNBcI9TAV0lQMcxkyymW_iCEqZTQ3ao18ouRZkeI0Pok8jfb9705Y_YOXmGmxjURqUVNKk4vRAjv-KifZcbT71AmLsMMgNHe-mAiSPIouMfJsCBURAjErdW8ofgSVizpiTzBD2j9N0nz3pWvcOhCAMdfq_ac723GWxtDq03fPs86ALncdrky8Bf6MZm6-9a5ZifSPwcj4VyKdpEV2wZlmZ4MevyZdvkQTDQbZIOjDI06io-ZQnJyFIZgbD2IXoG4TZYFXv1ARWojGEnZS1X-tOEMgejZUewJSAhGIcsoJoJMqpJQ6VFUfRmZv9fgCa_Bm-LWbUl-97rWXPAq7fnbSKdV6SUamlnA3aQhnIpqygt42XBI7xjz7JOjZYlprPie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.1.135.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-135-30.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:27 GMT
x-ratelimit-remaining: 0
location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
cache-control: no-cache, no-store, must-revalidate
x-ratelimit-reset: 0
x-ratelimit-limit: 0
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=11d706812fcbcbe39

43 B
479 B

70ms
69ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=11d706812fcbcbe39

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BXE4BCN4MBWMZ5FRPD7M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 18 Sep 2023 07:31:27 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=11d706812fcbcbe39
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
critical-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rQ4GmxjrTBCpCKu1Cv96Ug&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rQ4GmxjrTBCpCKu1Cv96Ug

43 B
479 B

68ms
67ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rQ4GmxjrTBCpCKu1Cv96Ug

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AP4EY8FQ67YPGRCPRBYY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rQ4GmxjrTBCpCKu1Cv96Ug
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 19c1ac3b9706c83a73951eba4d239689
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=DueIyMYmTnu3iNMNS9CL8g&redirectId=2545
https://s.amazon-adsystem.com/ecm3?id=1a9e4fa69a4e78d7f692763a9b652d4&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=DueIyMYmTnu3iNMNS9CL8g

43 B
479 B

69ms
68ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=1a9e4fa69a4e78d7f692763a9b652d4&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=DueIyMYmTnu3iNMNS9CL8g

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XZ3JTQGHPKZCTPVQ4KRA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=1a9e4fa69a4e78d7f692763a9b652d4&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=DueIyMYmTnu3iNMNS9CL8g
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1695022287081054-317

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=UKwL1tPSSkiYNnlkTaJKig&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=UKwL1tPSSkiYNnlkTaJKig&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=13106388975118785264064329789567090867

43 B
479 B

67ms
67ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=13106388975118785264064329789567090867

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: G9EYVQ8R2MA4A1MB3SEK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-usw2-2-v046-07870188d.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: oPQFWO1/QZo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=13106388975118785264064329789567090867
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=uNQCug3DSlWH5Rp1_Ugdow
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10594858868441447362&gdpr=&gdpr_consent=

43 B
479 B

71ms
71ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10594858868441447362&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PQW66F32N15CASW0K4Y3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:27 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10594858868441447362&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4305385767934839413

43 B
479 B

66ms
65ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4305385767934839413

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AEJGY51BGBBEYWPAPZGR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4305385767934839413
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET partner
sync.search.spotxchange.com/ Frame 6515 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22d77e83ca-545f-4a8e-abc5-92ae21319125%22,%22Time%22:%2220230918T073127.252015%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=d77e83ca-545f-4a8e-abc5-92ae21319125

43 B
479 B

68ms
68ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=d77e83ca-545f-4a8e-abc5-92ae21319125

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Q5T1WF73JBJPJQSMDRAR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=d77e83ca-545f-4a8e-abc5-92ae21319125
Server: LogModule 0.6
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=amazon-na-23&gdpr=0
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr=0&domid=1109
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx&google_gid=CAESEOdEX8wxbqY3yrSGnuAR8ts&google_cver=1
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOdEX8wxbqY3yrSGnuAR8ts&gdpr=0&action=GET_ID&etid=&domid=1109
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5730215081755541431&opid=apx&ops=&utidl=tech:goo:CAESEOdEX8wxbqY3yrSGnuAR8ts&gdpr=0&action=GET_ID&etid=&domid=1109
https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-49741418875&gdpr=0

43 B
479 B

66ms
65ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-49741418875&gdpr=0

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Y3FZJFZGVW6W6Y8TWC0B
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-49741418875&gdpr=0
date: Mon, 18 Sep 2023 07:31:28 GMT
strict-transport-security: max-age=63072000;includeSubDomains;preload
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEPIOXq2yp_gmLX5b8iFwZFs&google_cver=1

43 B
479 B

69ms
69ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEPIOXq2yp_gmLX5b8iFwZFs&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: M1GC8AM4CDHXY1E9N8QW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEPIOXq2yp_gmLX5b8iFwZFs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame 6515 20 B
20 B 199ms
60ms Image
text/plain 34.239.232.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_ns_n-eq-HMT3_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-fo-HMT_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_n-kg-HMT_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=w9UM1PvDT9G6NBP1qhoHzQ&dmt=3&ex-pl-n-g-hmt=pl0XYF1LT-OSUEoOuhd0Fw&ep=ttam_T219Ay-cPciHbT10psmkp27XHL59Of-xGGYtPZlalueKPnH7_7PdNx34pM8NVIXsITYyvjlUOjeG4dJqkuHPbZYMU8FY_uWyy1md8eEZYYCeZeYr805MSN_wt_icHx9NApyfsGNqgzEW1126FluP9UZAW5XXR2WGbXe68xKf78gBox9tLAlqbxPVzIXFHQJG_Jm7ksN84bPSLiRD4H0h0MZKrVXrB2VXqBrdQE43C7U0uEVHGk5E6IcZvIaxoLs80VtEH0BapIxTSVyPCaiIrLKkbD_UPc6KDfeOtB0C9yrIPYgFLwQZYUpKx8YN5SUY-xDsJhkVxCNX2Q--Y-4VYEK0CXD2HCiLDovWCwo9z5HIHpdm3HuLU60flPdTMK50PZDd3JwFStg83jo0LHy4taMSsVIsuxkSOSL_tE8O7bNZsRbc8vRY0IWnuLan898-efl3BTYujuF90LXV4Wi7Y4b81K29vaQ6noEnrIqhnW2fU7GnQntUnr-maz_L6FMPjknscWs2ccs0BIhXlvJpHOpmEGyOMH2goz6lzVTQ8-NEgqOG4khSFxIn9EmdNBcI9TAV0lQMcxkyymW_iCEqZTQ3ao18ouRZkeI0Pok8jfb9705Y_YOXmGmxjURqUVNKk4vRAjv-KifZcbT71AmLsMMgNHe-mAiSPIouMfJsCBURAjErdW8ofgSVizpiTzBD2j9N0nz3pWvcOhCAMdfq_ac723GWxtDq03fPs86ALncdrky8Bf6MZm6-9a5ZifSPwcj4VyKdpEV2wZlmZ4MevyZdvkQTDQbZIOjDI06io-ZQnJyFIZgbD2IXoG4TZYFXv1ARWojGEnZS1X-tOEMgejZUewJSAhGIcsoJoJMqpJQ6VFUfRmZv9fgCa_Bm-LWbUl-97rWXPAq7fnbSKdV6SUamlnA3aQhnIpqygt42XBI7xjz7JOjZYlprPie
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.232.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-232-190.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-served-by: usermatch-a019-ash-prod.krxd.net
date: Mon, 18 Sep 2023 07:31:27 GMT
content-type: text/plain; charset=utf-8
x-age: 0
content-length: 20
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=3381d1398a6f53af063d9c812a8118d8

43 B
479 B

72ms
71ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=3381d1398a6f53af063d9c812a8118d8

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KQSC0H8PXZ5NGN62KVFJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 18 Sep 2023 07:31:27 GMT
via: 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=3381d1398a6f53af063d9c812a8118d8
content-length: 0
x-amz-cf-id: 6mCgUKfEC4GQXd-FBiRc23ieWQwZlRAiB09DS114jkSq4Gnz31-6AQ==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=f12acfee-a030-cdc4-1d5a-26f465198a70

43 B
479 B

68ms
68ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=f12acfee-a030-cdc4-1d5a-26f465198a70

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PFDJANER88B7FT9KK1R5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 18 Sep 2023 07:31:27 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=f12acfee-a030-cdc4-1d5a-26f465198a70
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=LFXL_nYMTKvoLMWU8BfZgTc4cf84ZgIC

43 B
479 B

70ms
69ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=LFXL_nYMTKvoLMWU8BfZgTc4cf84ZgIC

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: R8P455CGZ3GXD3A1XTY1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQE9Sd76A%2Fw5M5XTBlOtLHdJWNeDZaUz1avWs1Z%2FppYKlfYrnbjA20UBUtsbs5hnbPmyUgEJkcbdxN6B6OZR4h82gBiATC8G2nRpM0eZFgWvUTPXojIJYD8nOjJz18dqCUgfFaz5fbmzFw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=index&id=LFXL_nYMTKvoLMWU8BfZgTc4cf84ZgIC
cache-control: no-cache
cf-ray: 8087e3afa9966dc2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://eb2.3lift.com/xuid?mid=8341&xuid=invV5oXuTxuAnl-26Bgv1g&dongle=az46&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID
https://eb2.3lift.com/xuid?ld=1&mid=8341&xuid=invV5oXuTxuAnl-26Bgv1g&dongle=az46&gdpr=0&cmp_cs=&us_privacy=&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=tripleliftHMT&id=2993537602421251521901

43 B
479 B

68ms
68ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=tripleliftHMT&id=2993537602421251521901

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WGP0JZVZGMY7X085MT8F
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=tripleliftHMT&id=2993537602421251521901
date: Mon, 18 Sep 2023 07:31:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=CA6AC2EE99268155

43 B
479 B

100ms
100ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=CA6AC2EE99268155

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JY5AJY0VF2H97CRYQBMW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Frontend-ID: 12
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=CA6AC2EE99268155
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 amazon
crb.kargo.com/api/v1/dsync/ Frame 6515 43 B
359 B 182ms
60ms Image
image/gif 54.235.139.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/amazon?exid=SDWpFwqrQbqcRrBhwwlIlg&r=https://s.amazon-adsystem.com/ecm3?ex=KargoHMT&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_ns_n-eq-HMT3_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-fo-HMT_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_n-kg-HMT_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=w9UM1PvDT9G6NBP1qhoHzQ&dmt=3&ex-pl-n-g-hmt=pl0XYF1LT-OSUEoOuhd0Fw&ep=ttam_T219Ay-cPciHbT10psmkp27XHL59Of-xGGYtPZlalueKPnH7_7PdNx34pM8NVIXsITYyvjlUOjeG4dJqkuHPbZYMU8FY_uWyy1md8eEZYYCeZeYr805MSN_wt_icHx9NApyfsGNqgzEW1126FluP9UZAW5XXR2WGbXe68xKf78gBox9tLAlqbxPVzIXFHQJG_Jm7ksN84bPSLiRD4H0h0MZKrVXrB2VXqBrdQE43C7U0uEVHGk5E6IcZvIaxoLs80VtEH0BapIxTSVyPCaiIrLKkbD_UPc6KDfeOtB0C9yrIPYgFLwQZYUpKx8YN5SUY-xDsJhkVxCNX2Q--Y-4VYEK0CXD2HCiLDovWCwo9z5HIHpdm3HuLU60flPdTMK50PZDd3JwFStg83jo0LHy4taMSsVIsuxkSOSL_tE8O7bNZsRbc8vRY0IWnuLan898-efl3BTYujuF90LXV4Wi7Y4b81K29vaQ6noEnrIqhnW2fU7GnQntUnr-maz_L6FMPjknscWs2ccs0BIhXlvJpHOpmEGyOMH2goz6lzVTQ8-NEgqOG4khSFxIn9EmdNBcI9TAV0lQMcxkyymW_iCEqZTQ3ao18ouRZkeI0Pok8jfb9705Y_YOXmGmxjURqUVNKk4vRAjv-KifZcbT71AmLsMMgNHe-mAiSPIouMfJsCBURAjErdW8ofgSVizpiTzBD2j9N0nz3pWvcOhCAMdfq_ac723GWxtDq03fPs86ALncdrky8Bf6MZm6-9a5ZifSPwcj4VyKdpEV2wZlmZ4MevyZdvkQTDQbZIOjDI06io-ZQnJyFIZgbD2IXoG4TZYFXv1ARWojGEnZS1X-tOEMgejZUewJSAhGIcsoJoJMqpJQ6VFUfRmZv9fgCa_Bm-LWbUl-97rWXPAq7fnbSKdV6SUamlnA3aQhnIpqygt42XBI7xjz7JOjZYlprPie
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.139.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-139-126.compute-1.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:27 GMT
x-accel-expires: 0
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=5730215081755541431&ex=appnexus.com

43 B
479 B

65ms
65ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=5730215081755541431&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EA7Y00ZDMCR3NR7DWX1F
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:27 GMT
an-x-request-uuid: 89e35a7e-5325-4a9c-86e4-9f81d3ae0dae
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.amazon-adsystem.com/ecm3?id=5730215081755541431&ex=appnexus.com
x-proxy-origin: 38.132.118.76; 38.132.118.76; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=dnGtqpvyTpaO3E1p_vEa0g&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%...
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=dnGtqpvyTpaO3E1p_vEa0g

43 B
479 B

67ms
66ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=dnGtqpvyTpaO3E1p_vEa0g

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TNWYY95A9HWRR4C739AX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=dnGtqpvyTpaO3E1p_vEa0g
date: Mon, 18 Sep 2023 01:44:10 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=jCufeuGTU2mfzKq-3Ibggg&ex=rubiconproject.com&status=ok

43 B
479 B

64ms
64ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=jCufeuGTU2mfzKq-3Ibggg&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NSBEJGVKSYQG1V5VZCJS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=jCufeuGTU2mfzKq-3Ibggg&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 29af2665c43893332e84c235bac366c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=pl0XYF1LT-OSUEoOuhd0Fw&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

62ms
62ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ES5XGBV00Z1A5XZP1610
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://loadus.exelator.com/load/?p=204&g=8888&j=0
https://loadus.exelator.com/load/?p=204&g=8888&j=0&xl8blockcheck=1
https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=e3cba261e24724e120afcdb43cdf4bc9

43 B
479 B

106ms
106ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=e3cba261e24724e120afcdb43cdf4bc9

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TPHS6XD7JHTNZVZGJK9W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 18 Sep 2023 07:31:27 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=e3cba261e24724e120afcdb43cdf4bc9
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=EE681E0ACFFC07652500D6C2022E8922

43 B
479 B

66ms
66ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=EE681E0ACFFC07652500D6C2022E8922

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 30PTY4YJ0CCJCGK8ZAAK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 18 Sep 2023 07:31:27 GMT
server: openresty/1.21.4.1
content-type: text/html
location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=EE681E0ACFFC07652500D6C2022E8922
access-control-allow-origin: https://www.homedepot.com
access-control-expose-headers: User-NDAT
cache-control: no-cache, private
access-control-allow-credentials: true
p3p: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
content-length: 151
expires: Mon, 18 Sep 2023 07:31:26 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=4dbd7ff578bd59fb8835f8798ab630c2acc2c91ae7968333eaceb373dd13bd39

43 B
479 B

66ms
66ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=4dbd7ff578bd59fb8835f8798ab630c2acc2c91ae7968333eaceb373dd13bd39

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 36RBJP5YH0S3SBGET6EH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:27 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=4dbd7ff578bd59fb8835f8798ab630c2acc2c91ae7968333eaceb373dd13bd39
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://sync-amazon.ads.yieldmo.com/sync?pn_id=amazon&id=JXD5kp2wSCeMjw7khbgTgA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DyieldmoHMT%26id%3D%7B%7Buserid%7D%7D
https://s.amazon-adsystem.com/ecm3?ex=yieldmoHMT&id=JXD5kp2wSCeMjw7khbgTgA

43 B
479 B

80ms
80ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yieldmoHMT&id=JXD5kp2wSCeMjw7khbgTgA

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3B4S16DZWQ849V6275SV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:28 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=yieldmoHMT&id=JXD5kp2wSCeMjw7khbgTgA
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=25D285F4-6DBB-4FD1-B35F-27D0159F9F85

43 B
479 B

78ms
78ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=25D285F4-6DBB-4FD1-B35F-27D0159F9F85

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RRQQYRA1SAPNV2QGRX87
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=25D285F4-6DBB-4FD1-B35F-27D0159F9F85
date: Mon, 18 Sep 2023 07:31:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537072986&val=lJOTn1JkRSy00MC3hroi9A&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DopenxHMT%26id%3D%7BOPENX_RTB_USERID%7D
https://s.amazon-adsystem.com/ecm3?ex=openxHMT&id=lJOTn1JkRSy00MC3hroi9A

43 B
479 B

68ms
68ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openxHMT&id=lJOTn1JkRSy00MC3hroi9A

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: C7S7X1ATDH65C7V4PP8W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 18 Sep 2023 07:31:27 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
location: https://s.amazon-adsystem.com/ecm3?ex=openxHMT&id=lJOTn1JkRSy00MC3hroi9A
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6515
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=6567768b-e191-4a0a-88fd-3bc6dc26627e-tuctc018250

43 B
479 B

72ms
71ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=6567768b-e191-4a0a-88fd-3bc6dc26627e-tuctc018250

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Sep 2023 07:31:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PY6KC638J1YV0E3X1CJM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=6567768b-e191-4a0a-88fd-3bc6dc26627e-tuctc018250
date: Mon, 18 Sep 2023 07:31:28 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69897

GET
H2 200 web-widget-main-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 0DD0 921 KB
265 KB 81ms
64ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=1f2cc95f-56d2-40f4-ac66-85995abfa13f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19f9bd2c56e13a1adc382fb52bb03abe6ea7284415855adeb244cfce20cca048

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:26 GMT
x-amz-version-id: Tqd.BCD9w1gdIuCOkjN7K7S20lVumIKB
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VC227HWC1SB9BP0S
age: 1086411
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: /u++PB0KhW/JIMyXvniOxWbHKCXrk5NG742GSQzUeQMsfdV1Sq7QedmdfdDlKUwuwlNC/FdBPttbEZbpSgVsfQ==
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
server: cloudflare
etag: W/"a3155ef9816fdf792d367e746086c583"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXiZyi3rU1Lunqh4XHPeRMAyteBH8iwxtD65n7g4HiwpDM1OlrXlzVAhTGqICpUPl4%2FXPvSE1OVo3OTCyjqdHwLUKXrqD07AC4lGdQEODWLhvUAtfuHP%2F4GbHNQNJqgpaoayBko%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8087e3a8cdd58dcc-MIA
expires: Fri, 23 Aug 2024 03:39:35 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 91ms
60ms Media
audio/mpeg 52.6.11.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.11225417142271277

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.6.11.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-11-66.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e5211150affa5b8350f60ea5a4f77a41fdde7b4160cc3df64a7830a05c1925a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.herocosmetics.us/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Mon, 18 Sep 2023 07:31:26 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 cart.js Show response
www.herocosmetics.us/ 283 B
2 KB 153ms
152ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/cart.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/shopifycloud/shopify/assets/shop_events_listener-4620b7978e4a9ac9b189bb434985724435751e09e5e44a25a48b615ae8420594.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

4f67edfb4ed2824cce76fae1eb2af5e25d11e863ea335f3929275829b9fe6437

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.herocosmetics.us/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:26 GMT
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-central1,gcp-us-central1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=15, db;dur=5, asn;desc="9009", edge;desc="MIA", country;desc="US", servedBy;desc="zgd9", requestID;desc="b62d9f0c-7314-4fd6-92f8-77bc6a2eb70b", cfRequestDuration;dur=115.999937
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: b62d9f0c-7314-4fd6-92f8-77bc6a2eb70b
x-shardid: 41
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 21814481
vary: Accept-Encoding, Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQK%2BTeWDyOvK4F6m9F8yVyrWOnkXZgBKTtNB6ww1dRxPv7Lsq%2BcB%2BXwR8HJ6AGwmw8SDWF%2BfHQ3e5Af4VFvEHmScsk80XDafCIjI2P58eEjCuYkDU97nbZwP%2BXGd0kuR6vrvVvnJ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-language: en
x-download-options: noopen
cf-ray: 8087e3a8fea90318-MIA
x-sorting-hat-podid: 41
x-cartjs-updatedat: 0

GET
H3 200 208.baseline.en.d13f404ca07e7265619f.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
193 KB 59ms
59ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/208.baseline.en.d13f404ca07e7265619f.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Leduc, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 320502
content-encoding: br
server-timing: imagery;dur=142.452, imageryFetch;dur=43.342, cfRequestDuration;dur=9.000063
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 608366fc-1a66-4cec-be2d-b6e9b8a191d8
last-modified: Thu, 14 Sep 2023 14:28:49 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ugdxw85bd0FmBCyuJbRPpblhpA4KIdOU%2FlmdYyu8HshwbbtQCjVyEkqNO5BZSgMxO4P4PSAfceatwapPd1N1UmqBiBkM9uXiwWF8ZSqeOI7X%2Fh9ax1ipst25bFPsqRwgkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/208.baseline.en.d13f404ca07e7265619f.js>; rel="canonical"
cf-ray: 8087e3a8fda56de3-MIA

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 760ms
284ms XHR
application/json 63.32.22.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/shopifycloud/shopify/assets/shop_events_listener-4620b7978e4a9ac9b189bb434985724435751e09e5e44a25a48b615ae8420594.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 63.32.22.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-22-194.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dade80ebcccb57e814d6e8e5941f36dc6b5f21bcc03c6f2e0078c78cfb0d12f3

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 18 Sep 2023 07:31:27 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H3 200 loggedincustomer Show response
www.herocosmetics.us/apps/ 3 B
2 KB 358ms
357ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herocosmetics.us/apps/loggedincustomer

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/shopifycloud/shopify/assets/shop_events_listener-4620b7978e4a9ac9b189bb434985724435751e09e5e44a25a48b615ae8420594.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.herocosmetics.us/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:26 GMT
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-central1,gcp-us-central1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: cfRequestDuration;dur=319.000006, earlyhints
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 21814481
x-request-id: 89ecda64-899d-4314-920f-9797e9045399
x-shardid: 41
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding, Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56hQqdOzZ2adO3AfQEPXWKaMT1ea%2FsMT%2BwTBlFmIEPAlC4%2FUSuPFh2rxWIDZAfRtfeZOYGCa7ajNp7NnXY%2B3jOuFjihNYkzopCnw3Ws7x0XSi6sVvOLGcZjGhoIo7a4S30hR4yxn"}],"group":"cf-nel","max_age":604800}
content-language: en
content-type: application/json; charset=utf-8
x-shopid: 21814481
cf-ray: 8087e3ab2f520318-MIA
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 41

POST
H3 200 produce
www.herocosmetics.us/.well-known/shopify/monorail/v1/ 0
735 B 63ms
62ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herocosmetics.us/.well-known/shopify/monorail/v1/produce
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: shops.myshopify.com
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herocosmetics.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 18 Sep 2023 07:31:26 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=25.000095
alt-svc: h3=":443"; ma=86400
content-length: 0
x-request-id: 3dd97590-6658-43fc-a794-09d4e1374fb2
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtC%2F7wnphiv8kJFxN%2F48N5XXvyrFtnKYG2pHWXgL6NPvV914SFdkzmyde0icAN1vyeuVo%2FDmXfghEWq3G1n1fZMKHif14c5pOyuIgcCz8xDC26aEh5Sjp0MgXhpo%2FNAlYjay4cvk"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.herocosmetics.us
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 8087e3abaf770318-MIA

GET
H3 200 451.baseline.en.8f387d6838ec2533b82b.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
26 KB 48ms
47ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/451.baseline.en.8f387d6838ec2533b82b.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Leduc, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 821505
content-encoding: br
server-timing: imagery;dur=60.092, imageryFetch;dur=59.905, cfRequestDuration;dur=7.999897
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 65ffca17-5f87-48bf-ac4b-39b9fe81c5fc
last-modified: Fri, 08 Sep 2023 19:19:39 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OR7FcfLgERwx6Ql39tcbwcGgEluQC6ArGF6XwBa7CxGy4SpCrm10jW%2Fyevd1JNSpD3j5%2BTVNU42yZBO3M6Eu%2BrGXp8xyOC02RedPZjDlJAjwJtnAvVARYZ28E1FeC09jAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/451.baseline.en.8f387d6838ec2533b82b.js>; rel="canonical"
cf-ray: 8087e3abae886de3-MIA

GET
H2 200 main.b4887131.js Show response
s.pinimg.com/ct/lib/ 63 KB
18 KB 98ms
93ms Script
application/javascript 2600:141b:13:7a6::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.b4887131.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13:7a6::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7dbb99afa2ca46884692f7772146d6f3f7c4f1ba928babc0f490f3e7ba62114e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "aa7df97ef17cd5e7b3b0e69ee5fe57f8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18175

GET
H2 200 en-us-json-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 0DD0 25 KB
6 KB 47ms
45ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b63be2f9ab7f75dd4702ae1f07e7bb82dbdcfb8e6df77c9f173b213c1af912

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:26 GMT
x-amz-version-id: hsI8uO5qXqigkFCAVGwBeynKIJCd66Hs
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PDF3FE976HR4V00W
age: 1840945
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 0blpswMIFAOhaVlqnAzdEHdtFfFaaGOi0CdPv+HUzj2+AAujGo6szwFwyDrsM12QGgkbEMVxSxQ=
last-modified: Thu, 24 Aug 2023 03:39:38 GMT
server: cloudflare
etag: W/"fd692493810d22ae0ff5aca283a7a202"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsFgKM19uIPzvNRNrTFGayXk6vsE354lqAPPn612ZqKcYR7dwbxVLrKOw%2BeBQMKmLcwwr1eC9T%2FrAhMcwNJ50HMV2fb5vj5fofekPkcr%2BqZoNIBds0H6rNsidLhAaF9L6JIuXrs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8087e3aca84e8dcc-MIA
expires: Fri, 23 Aug 2024 03:39:37 GMT

GET
H2 200 config Show response
herocosmetics.zendesk.com/embeddable/ Frame 0DD0 820 B
1 KB 182ms
78ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herocosmetics.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2650788b0179a99616bf99980e8c67f11456a40f9b007ffa83052f5660d2b6dc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:26 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-6c598dd9f9-wcrfz
x-cached: STALE
x-request-id: 8087dfdd7e912939-LAX
x-runtime: 0.002332
last-modified: Mon, 18 Sep 2023 07:29:41 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAISiYttd6i5NbSuPzSH7BPfbgpJECNXLurR%2B8RKypp%2FcPTxb9V%2BTVWiiEXbExSn8MkH4VH3HcNmE2IUseGn9O6kApLCKuCUzpS9cMiMa5ePItV0je01St716F4q%2BmX7orA%2BFERJdlLFpls%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 8087e3ad4ad04c21-MIA

GET
H3 200 app.baseline.en.e5e326210075791c897c.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
329 KB 58ms
57ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.baseline.en.e5e326210075791c897c.js

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Leduc, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 197054
content-encoding: br
server-timing: imagery;dur=68.621, imageryFetch;dur=68.407, cfRequestDuration;dur=9.000063
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 4cf6f41c-03d9-437f-aa3d-e4cc029c29ff
last-modified: Sat, 16 Sep 2023 00:46:44 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2Bkowv4eqAM%2BQrGaGfmv8HitO3bCgFgRViXykQSlvFbCawaAT8tPY28e6wjKVaB2%2BpddX2p3%2FObwG1nHBnV6PknFSWQ3gMpeFg%2BCd2WuMdOxyxeAHBBndqbwsg1Z0WbNLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.baseline.en.e5e326210075791c897c.js>; rel="canonical"
cf-ray: 8087e3ad0f096de3-MIA

GET
H2 200 / Show response
ct.pinterest.com/user/ 568 B
816 B 159ms
67ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613867077094&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1695022286881&dep=2%2CPAGE_LOAD
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/shopifycloud/shopify/assets/shop_events_listener-4620b7978e4a9ac9b189bb434985724435751e09e5e44a25a48b615ae8420594.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 08daf7d9b447083b35810607993da728edef5c5c54f0a4d1d14f97feabe217c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:27 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1630903117975770
content-length: 389
pin-unauth: dWlkPVlqWm1OelJsWldRdE9XWmtPQzAwWW1FM0xUZzVabU10Tnpkak9EVTVOVE5qTlRFeA
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.herocosmetics.us
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: ebb329885d2cf937e4434aa41a5b3d0817051309
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 568 B
506 B 158ms
68ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613867077094&cb=1695022286883&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/cdn/shopifycloud/shopify/assets/shop_events_listener-4620b7978e4a9ac9b189bb434985724435751e09e5e44a25a48b615ae8420594.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 08daf7d9b447083b35810607993da728edef5c5c54f0a4d1d14f97feabe217c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:27 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 5803646566045150
content-length: 389
pin-unauth: dWlkPVpUVTBNbUZoTXpZdFlUVTJNQzAwWldJeUxXRmpZVGd0TlRBMk1tSTVaREprTnpnMQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.herocosmetics.us
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: ebb329885d2cf937e4434aa41a5b3d0817051309
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 web-widget-chat-sdk-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 0DD0 202 KB
51 KB 50ms
50ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a0379eaeac3d8de8f2b77a318fef99bae4ef5ca07d2eca39b8a0f3c21911b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:26 GMT
x-amz-version-id: Gf4KFmmSRtALGQTFrJvpXz0Cxt2OhtK2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PDFFE7MMEGNE31NJ
age: 1840945
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: tejftzGEnw4bQ+y20xwWi2EehpKJil3jYIkE0TCnIzAR2MG+Xj/Hk/wrE4E3DbnCkShhL3ypAQU=
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
server: cloudflare
etag: W/"a3208a9957c2dcf9612763d1d3138069"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAS0eHyw1D4YtBqaQNeSgHmsE7HzvkWSZviYK%2Fs9QBrobf6i1go9O6yG64QBoEk4y1SsfyCNdNy6KaPhrDwv7%2BBmPfBFJzcHkEXKIfv2fxsP2UvHVlMhEw%2BNbfBiv97ZyWsaPD8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8087e3ad48ad8dcc-MIA
expires: Fri, 23 Aug 2024 03:39:35 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
184 B 87ms
69ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613867077094&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.herocosmetics.us%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b4887131%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1695022286956
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:27 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: ebb329885d2cf937e4434aa41a5b3d0817051309
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 5455104334003456
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bootstrap.min.css
cdn-swell-assets.yotpo.com/ Frame 37D6 128 KB
17 KB 36ms
35ms Stylesheet
text/css 192.229.163.223
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-swell-assets.yotpo.com/bootstrap.min.css
Requested by: Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.368.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.223 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9B23) /
Resource Hash: d85fdb38867dbfd85d49d3711045f03ba72cccfc3217003f911b34d18a05d580

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:27 GMT
content-encoding: gzip
x-amz-version-id: null
last-modified: Sat, 03 Nov 2018 07:07:15 GMT
server: ECS (mic/9B23)
age: 16698163
x-amz-request-id: W87M0PV960R476FY
etag: "ac7e8e8ff20e7d843326d71a28ecb087+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=315360000
content-length: 16944
x-amz-id-2: yJncTmWc1xaMWECMhsuocPcY3XUemIObS7SY6WScTwUWMQOf1359zXp/30cWmFSR8PFrw3ZOM64=

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 37D6 30 KB
7 KB 139ms
44ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.368.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 11801529
cdn-cachedat: 07/15/2022 17:39:48
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: fd988eff7e18a1438cab136d55eb10e6
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8087e3ae6b0e9abf-MIA
cdn-requestpullsuccess: True

GET
H3 200 css
fonts.googleapis.com/ 8 KB
745 B 83ms
83ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:300,400,700,bold,normal

Requested by

Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.368.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

058d2488f4d26d53cf94a6739b9800ac2d9897baa61a920a66e758129fc7b0bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Sep 2023 07:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 07:01:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Sep 2023 07:31:27 GMT

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame B153 565 B
401 B 63ms
63ms Document
text/html 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b4887131.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://www.herocosmetics.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Mon, 18 Sep 2023 07:31:27 GMT
pinterest-version: ebb329885d2cf937e4434aa41a5b3d0817051309
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1622840856259076

GET
H3 200 734.baseline.en.2ed0c231ecc27f505f88.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
35 KB 52ms
51ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/734.baseline.en.2ed0c231ecc27f505f88.css

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Leduc, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 223245
content-encoding: br
server-timing: imagery;dur=217.675, imageryFetch;dur=29.088, cfRequestDuration;dur=7.999897
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: caa01c7e-2daa-4506-9349-78e523eaddda
last-modified: Fri, 15 Sep 2023 17:23:04 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rl0SdBuqtxhaH0heYVof%2BHQI887MAEu8J1O%2FrlZr%2FBw%2FKrJ2H3lxGMUHp5O5UFMQ4o1JbxFgAYY6lTxeQuSqgovDYy9hm7wR%2FnyiO0nOCWBPhVl4KtGYjn4tjLXSOSeRIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/734.baseline.en.2ed0c231ecc27f505f88.css>; rel="canonical"
cf-ray: 8087e3ae8f8f6de3-MIA

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
330 B 67ms
66ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613867077094&cb=1695022287126&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVlqWm1OelJsWldRdE9XWmtPQzAwWW1FM0xUZzVabU10Tnpkak9EVTVOVE5qTlRFeA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.herocosmetics.us%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b4887131%22%2C%22is_eu%22%3Afalse%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Sep 2023 07:31:27 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: ebb329885d2cf937e4434aa41a5b3d0817051309
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 5
x-pinterest-rid: 8644355078309144
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 37D6 8 KB
745 B 83ms
83ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:300,400,700,bold,normal

Requested by

Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.368.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

058d2488f4d26d53cf94a6739b9800ac2d9897baa61a920a66e758129fc7b0bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Sep 2023 07:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 05:55:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Sep 2023 07:31:27 GMT

GET
H3 200 app.baseline.en.c04a900501671c645958.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
4 KB 49ms
48ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.baseline.en.c04a900501671c645958.css

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Leduc, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 388647
content-encoding: br
server-timing: imagery;dur=79.921, imageryFetch;dur=79.111, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c59f631d-72a5-4e86-bbae-f0cad3cc3744
last-modified: Wed, 13 Sep 2023 19:33:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWFrJ1oNvrYbZxm4ikJ%2BFBd2iFbFsE%2FsnTr9pmwVsxGCasoS9YHXJREV4N2DV5jC6S9UAMvlaYbpCPey1MxVdowFDTi66GzjKlE0jIqxrlWpg07B%2B202DUl5w11a7URHqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.baseline.en.c04a900501671c645958.css>; rel="canonical"
cf-ray: 8087e3af4fd36de3-MIA

GET
H3 200 739.baseline.en.4926185a8bfbcf2468cb.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
4 KB 50ms
50ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/739.baseline.en.4926185a8bfbcf2468cb.css

Requested by

Host: www.herocosmetics.us
URL: https://www.herocosmetics.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Leduc, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.herocosmetics.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 826913
content-encoding: br
server-timing: imagery;dur=39.086, imageryFetch;dur=37.795, cfRequestDuration;dur=11.999846
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 0b31262e-ff8c-4a67-a506-2dbd4ce02470
last-modified: Fri, 08 Sep 2023 17:49:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXu4B0xQJCrIn2Dz%2B69bXZgz9cxYBQEE8eHgRU1vVKh%2FFhafdaUYM7tGHltDlNL2P0llPuHEwWxHV2UR3%2FNOwEd8w1IjwJ3SYyVWmH8Ee9sFUO0YBTCjf1Yr5eH%2FPjt6mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/739.baseline.en.4926185a8bfbcf2468cb.css>; rel="canonical"
cf-ray: 8087e3afbfee6de3-MIA

GET
H2 200 web-widget-chat-incoming-message-notification-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 0DD0 236 B
617 B 45ms
44ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 07:31:27 GMT
x-amz-version-id: 46qKELeTBWCwzvVGXozLgYao3Jv6zCoR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PDF9HF3Y8W0PVSQC
age: 1840945
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: fZDV0xg3FsFxrpZT9QCSaXjJuIqYZ/vFRf9YulowyRM5BpKf0DQIj2BxZq4TB6yykA80c5/5Xc6LsuxXSreimA==
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lil3KaNz4niDIQbtDq34wmGKZtTCsPCPDs%2BcIc6TplUlB%2Fgc%2B83SFJ0UNWiW13TMAB1ayF1BGWzeARvnnlGxaiv7LwREWK%2B%2FJTSjcGO0BvGOH0wyYxFHLg7qp5lU6oTmIbuv3Lo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8087e3b1fb628dcc-MIA
expires: Fri, 23 Aug 2024 03:39:35 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame 0DD0 19 KB
20 KB 49ms
48ms Media
audio/mpeg 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 18 Sep 2023 07:31:27 GMT
x-amz-version-id: Dhfyi7.BwdDs73khKVLly.CpqC3d5sZl
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 91EYW58DWWJ9G5PF
age: 8688900
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: J6+o8cLTcs9Rv9aYxL55RpBzPwOz8zYrpvObjb0LsP7Awf2vb230RiEwpu09p+X+P51xfZKDu30=
last-modified: Mon, 01 May 2023 05:14:24 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4E7L0CnXGu1dZ%2Be%2FqkWSeTa%2BMshnrZlF6T7In3QQ2BssdmeKYb%2B7DYlMAj5VqNEypeb5sXNatTw%2BMv4l5iX%2BGFszvBSKjaR2%2F8eRknv7NV2EYKrwjEYgPPGKOJ4lWWwVTQat2uE%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8087e3b24b878dcc-MIA
expires: Tue, 30 Apr 2024 05:14:23 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.myvisualiq.net
URL: https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID

Verdicts & Comments Add Verdict or Comment

258 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

127 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 14:51:48	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
www.herocosmetics.us/	1970-01-20 23:37:24	Name: secure_customer_sig Value:
www.herocosmetics.us/	1970-01-20 15:10:31	Name: localization Value: US
www.herocosmetics.us/	1970-01-20 15:10:31	Name: cart_currency Value: USD
.herocosmetics.us/	1970-01-20 23:35:58	Name: _y Value: cc56a0ec-b2d0-4fcb-b3d8-f70fb2245fa7
.herocosmetics.us/	1970-01-20 14:50:24	Name: _s Value: e25213cc-6035-45c3-ae94-e8ee627e7ace
.herocosmetics.us/	1970-01-20 23:35:58	Name: _shopify_y Value: cc56a0ec-b2d0-4fcb-b3d8-f70fb2245fa7
.herocosmetics.us/	1970-01-20 14:50:24	Name: _shopify_s Value: e25213cc-6035-45c3-ae94-e8ee627e7ace
.herocosmetics.us/	1970-01-20 14:50:24	Name: _shopify_tm Value:
.herocosmetics.us/	1970-01-20 15:10:31	Name: _shopify_tw Value:
.herocosmetics.us/	1970-01-20 23:35:58	Name: _shopify_m Value: session
.herocosmetics.us/	1970-01-20 15:10:31	Name: _orig_referrer Value:
.herocosmetics.us/	1970-01-20 15:10:31	Name: _landing_page Value: %2F
.herocosmetics.us/	1970-01-20 14:50:24	Name: _shopify_sa_t Value: 2023-09-18T07%3A31%3A24.245Z
.herocosmetics.us/	1970-01-20 14:50:24	Name: _shopify_sa_p Value:
www.herocosmetics.us/	1970-01-20 15:20:36	Name: shopify_pay_redirect Value: pending
.herocosmetics.us/	1970-01-20 16:59:58	Name: _gcl_au Value: 1.1.207420986.1695022284
www.herocosmetics.us/	1970-01-21 00:26:22	Name: __attentive_id Value: af886addd5d044db87dcfee03d966a33
www.herocosmetics.us/	1970-01-21 00:26:22	Name: _attn_ Value: eyJ1Ijoie1wiY29cIjoxNjk1MDIyMjg0MzMwLFwidW9cIjoxNjk1MDIyMjg0MzMwLFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcImFmODg2YWRkZDVkMDQ0ZGI4N2RjZmVlMDNkOTY2YTMzXCJ9In0=
www.herocosmetics.us/	1970-01-21 00:26:22	Name: __attentive_cco Value: 1695022284332
www.herocosmetics.us/	1970-01-21 00:26:22	Name: __kla_id Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2OTUwMjIyODQsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3Lmhlcm9jb3NtZXRpY3MudXMvIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNjk1MDIyMjg0LCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL3d3dy5oZXJvY29zbWV0aWNzLnVzLyJ9fQ==
.tiktok.com/	1970-01-21 00:11:58	Name: _ttp Value: 2VYoHAqyQoS0K265LDvP7778as5
www.herocosmetics.us/	1970-01-20 14:50:24	Name: __attentive_pv Value: 1
www.herocosmetics.us/	1970-01-20 14:50:24	Name: __attentive_ss_referrer Value: ORGANIC
www.herocosmetics.us/	1970-01-20 15:10:31	Name: cart_sig Value: b315e27a77863f3a7cb0452f1a85ad15
.www.herocosmetics.us/	1970-01-20 23:35:58	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Sep+17+2023+21%3A31%3A24+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202301.2.0&isIABGlobal=false&hosts=&consentId=63221f26-01b0-48e4-aa31-3c97ff705826&interactionCount=0&landingPath=https%3A%2F%2Fwww.herocosmetics.us%2F&groups=C0001%3A1%2CBG3%3A1%2CC0004%3A1%2CC0003%3A1%2CC0002%3A1
.herocosmetics.us/	1970-01-21 00:20:08	Name: _scid Value: 9f37e092-5e47-432b-9e84-f1e65808ff07
.herocosmetics.us/	1970-01-21 00:20:08	Name: _scid_r Value: 9f37e092-5e47-432b-9e84-f1e65808ff07
www.herocosmetics.us/	1970-01-20 14:51:48	Name: __attentive_dv Value: 1
.herocosmetics.us/	1970-01-20 14:51:48	Name: _gid Value: GA1.2.1073059079.1695022285
.herocosmetics.us/	1970-01-20 14:50:22	Name: _gat_UA-102753205-1 Value: 1
.herocosmetics.us/	1970-01-21 00:26:22	Name: _ga_D939QWJC76 Value: GS1.1.1695022284.1.0.1695022284.60.0.0
.herocosmetics.us/	1970-01-21 00:26:22	Name: _ga Value: GA1.1.272856543.1695022285
.herocosmetics.us/	1970-01-20 23:35:58	Name: _tracking_consent Value: %7B%22region%22%3A%22USFL%22%2C%22reg%22%3A%22%22%2C%22con%22%3A%7B%22CMP%22%3A%7B%22m%22%3A%221%22%2C%22a%22%3A%221%22%2C%22p%22%3A%221%22%2C%22s%22%3A%22%22%7D%7D%2C%22lim%22%3A%5B%22GDPR%22%5D%2C%22v%22%3A%222.1%22%7D
.herocosmetics.us/	1970-01-21 00:11:58	Name: _tt_enable_cookie Value: 1
.herocosmetics.us/	1970-01-21 00:11:58	Name: _ttp Value: wZkKgTZZLqBrTlj_AQh9kh9AwVE
.herocosmetics.us/	1970-01-20 16:59:58	Name: _fbp Value: fb.1.1695022284895.2009900296
.snapchat.com/	1970-01-21 00:11:58	Name: sc_at Value: v2\|H4sIAAAAAAAAAEs2TEqySEtK0U0zNDHTNTE2NdZNTEwx17U0M7ZMSjUGShpb1BiaGFgZmlmaGhgZGVmY1iAxDQAM/K6nQAAAAA==
.tapad.com/	1970-01-20 16:16:46	Name: TapAd_TS Value: 1695022285176
.tapad.com/	1970-01-20 16:16:46	Name: TapAd_DID Value: c7fed85c-4210-4d7e-8d2e-a6a773f88829
.tapad.com/	1970-01-20 16:16:46	Name: TapAd_3WAY_SYNCS Value:
.herocosmetics.us/	1970-01-21 00:20:08	Name: _sctr Value: 1%7C1694944800000
.herocosmetics.us/	1970-01-20 14:51:48	Name: _uetsid Value: 5fd38ab055f511ee9b7aa38b911e0200
.herocosmetics.us/	1970-01-21 00:11:58	Name: _uetvid Value: 5fd3fc2055f511ee82c1a1da0c323908
www.herocosmetics.us/	1970-01-21 00:26:22	Name: _sp_id.4add Value: 9f42355730c794df.1695022286.1.1695022286.1695022286
www.herocosmetics.us/	1970-01-20 14:50:24	Name: _sp_ses.4add Value: *
.bing.com/	1970-01-21 00:11:58	Name: MUID Value: 3443705B32A46C872BA363CB33C86D9C
.bat.bing.com/	1970-01-20 15:00:27	Name: MR Value: 0
.herocosmetics.us/	1970-01-20 16:59:58	Name: _rdt_uuid Value: 1695022285906.acbf4bab-8d15-4eb2-8dd8-bcf3a0f6c72f
.amazon-adsystem.com/	1970-01-20 19:32:36	Name: ad-id Value: A6mcfhtJUUWSjGA_uT34SOU
.amazon-adsystem.com/	1970-01-21 00:26:22	Name: ad-privacy Value: 0
www.herocosmetics.us/	1969-12-31 23:59:59	Name: locale_bar_accepted Value: 1
mpsnare.iesnare.com/	1970-01-20 23:35:58	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: mvwz1BFLe+IyZmOISRq62DUYXnun/Frw7EYp39lOzPA=
.yotpo.com/	1970-01-20 23:35:58	Name: pixel Value: 50496ef3-2a83-43b5-5222-6ed15bde5653
.t.co/	1970-01-21 00:26:22	Name: muc_ads Value: 2b1354c3-39ba-41d2-acff-db52ad4ffd8d
.twitter.com/	1970-01-21 00:26:22	Name: guest_id_marketing Value: v1%3A169502228610632695
.twitter.com/	1970-01-21 00:26:22	Name: guest_id_ads Value: v1%3A169502228610632695
.twitter.com/	1970-01-21 00:26:22	Name: personalization_id Value: "v1_DcWANm6O+tkBIBpfPs03Dw=="
.twitter.com/	1970-01-21 00:26:22	Name: guest_id Value: v1%3A169502228610632695
.herocosmetics.us/	1970-01-20 23:35:58	Name: _hjSessionUser_1133465 Value: eyJpZCI6ImVmMTA4ZWQwLWUzYjItNWU0YS1iMGUxLWU0MTRlYjFhM2ZiNSIsImNyZWF0ZWQiOjE2OTUwMjIyODYyODMsImV4aXN0aW5nIjpmYWxzZX0=
.herocosmetics.us/	1970-01-20 14:50:24	Name: _hjFirstSeen Value: 1
.herocosmetics.us/	1970-01-20 14:50:22	Name: _hjIncludedInSessionSample_1133465 Value: 1
.herocosmetics.us/	1970-01-20 14:50:24	Name: _hjSession_1133465 Value: eyJpZCI6ImJiNzljMThlLWRkNGItNDEyZC04Njg2LTU3YmUzMmJiNDBkZiIsImNyZWF0ZWQiOjE2OTUwMjIyODYyODUsImluU2FtcGxlIjp0cnVlfQ==
.herocosmetics.us/	1970-01-20 14:50:24	Name: _hjAbsoluteSessionInProgress Value: 0
.casalemedia.com/	1970-01-20 23:35:58	Name: CMID Value: ZQf8ziY4BtOYfoagiXK3tAAA
.casalemedia.com/	1970-01-20 16:59:58	Name: CMPS Value: 408
.casalemedia.com/	1970-01-20 16:59:58	Name: CMPRO Value: 408
.connatix.com/	1970-01-20 15:33:34	Name: cnx_userId Value: 8faa9b2a8eab45948721c284e5730556
.smartadserver.com/	1970-01-21 00:20:36	Name: pid Value: 1053084565109556129
.smartadserver.com/	1970-01-21 00:20:36	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 23:37:24	Name: csync Value: 144:7QfgYiV7STa6QMm9k5gRjQ
.360yield.com/	1970-01-20 16:59:58	Name: tuuid Value: ae119d61-f561-48c8-8d45-8b897946cfdb
.360yield.com/	1970-01-20 16:59:58	Name: tuuid_lu Value: 1695022286
.bidswitch.net/	1970-01-20 23:35:58	Name: tuuid Value: e992aef0-8d5c-4ca4-aec5-ed41fbee56f3
.bidswitch.net/	1970-01-20 23:35:58	Name: c Value: 1695022286
.bidswitch.net/	1970-01-20 23:35:58	Name: tuuid_lu Value: 1695022286
.yahoo.com/	1970-01-20 23:36:19	Name: A3 Value: d=AQABBM78B2UCELVJlKuwiltxahZyA-zRuKUFEgEBAQFOCWURZdxH0iMA_eMAAA&S=AQAAAt1cO3_JqFEJ82NpanplL7E
.adnxs.com/	1970-01-20 16:59:58	Name: uuid2 Value: 5730215081755541431
.agkn.com/	1970-01-20 23:35:58	Name: ab Value: 0001%3A6amUdgzZWAo%2FtJXL0nxjdfh9lQq21WIR
.tremorhub.com/	1970-01-20 23:36:19	Name: tvid Value: d6b2e2a258db48d69ae1d0b83bd090ee
.tremorhub.com/	1970-01-21 00:26:22	Name: tv_UIAM Value: 7332e8beee2c4ae19c6883cff9274761
.bluekai.com/	1970-01-20 19:12:27	Name: bku Value: b/X991fXOtPiOjX7
.bluekai.com/	1970-01-20 19:12:27	Name: bkpa Value: KJy9RQY5d02pSUHknp1tmexywlJkjsk0wVC65cOpJEBOJEJsJEJsz08CqVabqtT+RVHpKUB6jV6rRt2+JEJsjVB+10DpHZPTJEBWRZhNjV+CSu8Mqt6k1MjojYDpHYD0Ba2YuN2PPDkW9y9ZOH2a
.360yield.com/	1970-01-20 16:59:58	Name: umeh Value: !416,0,1757230286,-1
.adnxs.com/	1970-01-20 16:59:58	Name: anj Value: dTM7k!M4/YF7/.XF']wIg2C%ytHX.`!]tbPl1M]o$IyEVUcJSq<Ujtk8zo#fDGlC<tE)LVD3<9cv%-2A3T:Q#BI7y)N[UD!!-$Y#-)c
.analytics.yahoo.com/	1970-01-20 23:35:58	Name: IDSYNC Value: "195g~2dzj:19b9~2dzj"
.360yield.com/	1970-01-20 16:59:58	Name: um Value: !416,3trTqM2qr5wz2KIOiCe5cOqb,1702798286
.herocosmetics.us/	1970-01-20 14:51:48	Name: _cmp_a Value: %7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D
www.herocosmetics.us/	1970-01-20 14:50:24	Name: keep_alive Value: 704c0fe6-8db4-4134-83d7-f7d541a6d27f
.krxd.net/	1970-01-20 19:09:34	Name: _kuid_ Value: PzY_px5o
.pinterest.com/	1970-01-20 23:35:58	Name: ar_debug Value: 1
ads.samba.tv/	1970-01-21 00:20:36	Name: sambapxid Value: 11d706812fcbcbe39
.herocosmetics.us/	1970-01-20 23:35:58	Name: _pin_unauth Value: dWlkPVlqWm1OelJsWldRdE9XWmtPQzAwWW1FM0xUZzVabU10Tnpkak9EVTVOVE5qTlRFeA
.rubiconproject.com/	1970-01-20 23:35:58	Name: khaos Value: LMOKI772-7-LBLN
.ct.pinterest.com/	1970-01-20 23:35:58	Name: _pinterest_ct_ua Value: "TWc9PSZBcndieit3OEs3UENldzhxTGNsdzVRR0FMdDhRUkZXRXIvZ3c3WXJQd1RuQlFxVTlVckh1YzJuWXVmM2dlUExHd29OS3g3T2dxVGlqd0J1b0U0cmhoN1NydFBaNDZkNUNOdGgyRmxRQTdwdz0mQTZGZEh0M05Sa0RLdDlMV0N6L2lMYkJtYjg0PQ=="
.mookie1.com/	1970-01-21 00:19:10	Name: id Value: 10594858868441447362
.mookie1.com/	1970-01-21 00:19:10	Name: mdata Value: 1\|10594858868441447362\|1695022287172
.mookie1.com/	1970-01-21 00:19:10	Name: ov Value: c79b6b7bdfa68c7ed4a41810f330c453
.adform.net/	1970-01-20 15:33:34	Name: C Value: 1
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1695022287_1
.serving-sys.com/	1970-01-20 15:33:34	Name: u2 Value: d77e83ca-545f-4a8e-abc5-92ae213191254Oy070
.adform.net/	1970-01-20 16:16:46	Name: uid Value: 4305385767934839413
.demdex.net/	1970-01-20 19:09:34	Name: demdex Value: 13106388975118785264064329789567090867
widget-mediator.zopim.com/	1970-01-20 15:00:27	Name: AWSALBCORS Value: hz6F1SNULtccorNZbpX2ncmtC98mJNeUyUbfs8RiI1MssTtkas89t+SeZwIKe7Pmj3RpsCqss28gZyc1xAnq4Xcy44Na8dXAbFLVpxSyGCiGa7+cM0TUNJcFnhzB
.doubleclick.net/	1970-01-21 00:26:22	Name: IDE Value: AHWqTUmn39AmARNKHcPLJwVQIWolNTaMNCBZ89TEczp6pwbbM3321kR7-sMiD603l9A
.openx.net/	1970-01-20 23:35:58	Name: i Value: 7a508cca-151d-49c9-8782-6c8b690d726d\|1695022287
.scorecardresearch.com/	1970-01-21 00:26:22	Name: UID Value: 181a742694f5bffd20c94171695022287
.dpm.demdex.net/	1970-01-20 19:09:34	Name: dpm Value: 13106388975118785264064329789567090867
.3lift.com/	1970-01-20 16:59:58	Name: tluid Value: 2993537602421251521901
.kargo.com/	1970-01-20 23:35:58	Name: ktcid Value: 5cc5d180-cf4f-09a9-5b9a-1b06622719f6
.herocosmetics.us/	1970-01-20 23:35:58	Name: __zlcmid Value: 1Hum8BGnrrSNbwO
.pubmatic.com/	1970-01-20 16:59:58	Name: KRTBCOOKIE_290 Value: 23219-dnGtqpvyTpaO3E1p_vEa0g&KRTB&23261-dnGtqpvyTpaO3E1p_vEa0g
.pubmatic.com/	1970-01-20 15:33:34	Name: PugT Value: 1695001450
.ispot.tv/	1970-01-21 00:26:22	Name: pt Value: v2:4dbd7ff578bd59fb8835f8798ab630c2acc2c91ae7968333eaceb373dd13bd39\|0613170a82071cb01550ddf1fc4d16212c1bcc9b97c110f029ca347c80d869f0
.rubiconproject.com/	1970-01-20 23:35:58	Name: audit Value: 1\|KNCJU3tZT56Jgi4tNdMixHRQG5Ro8ljwFDzH9pPFuxk8fCYmOTvXgyFf/L50Xb+02fX1inihaW1CbuL7wqM7W1b7+lYqTGSeQS7q4WQ6vbXZTuL9XoaHv+iEw3tw1Uy4WCH6sZYBic5/pOe1CWJEfoSn0+I4giw+qF7VFZLzNs+yqVI1k5poNA==
.semasio.net/	1970-01-20 23:35:58	Name: SEUNCY Value: CA6AC2EE99268155
.exelator.com/	1970-01-20 17:43:10	Name: EE Value: "e3cba261e24724e120afcdb43cdf4bc9"
.ninthdecimal.com/	1970-01-20 23:35:58	Name: ndat Value: Ch5o7mUH/M/C1gAlIokuAg==
.exelator.com/	1970-01-20 17:43:10	Name: ud Value: "eJxrXxzq6XKLQSHVODkp0cjMMNXIxNzIJNXQyCAxLTklycQ4OSXNJCnZcnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQfEl%252BUWb6otDgxUUpaQyLSopPBR8NngUA2m0rFA%253D%253D"
.yieldmo.com/	1970-01-20 23:35:58	Name: yieldmo_id Value: 3R75bMM665MHKSbV7uiy%7C1694995200000%7C0
.ads.yieldmo.com/	1970-01-20 23:35:58	Name: ptramazon Value: JXD5kp2wSCeMjw7khbgTgA
.pubmatic.com/	1970-01-20 23:35:58	Name: KADUSERCOOKIE Value: 25D285F4-6DBB-4FD1-B35F-27D0159F9F85
.taboola.com/	1970-01-20 23:35:58	Name: t_gid Value: 6567768b-e191-4a0a-88fd-3bc6dc26627e-tuctc018250
.taboola.com/	1970-01-20 23:35:58	Name: t_pt_gid Value: 6567768b-e191-4a0a-88fd-3bc6dc26627e-tuctc018250
.mediarithmics.com/	1970-01-20 23:35:58	Name: mics_vid Value: 49741418875
.mediarithmics.com/	1970-01-20 23:35:58	Name: mics_uaid Value: web:1:d10dcab4-5f4e-463a-9241-c4f28eb674c9
.mediarithmics.com/	1970-01-20 23:35:58	Name: mics_lts Value: 1695022288124

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://usermatch.krxd.net/um/v2?partner=amzn Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://www.herocosmetics.us/ Message: The resource https://www.herocosmetics.us/cdn/shop/t/230/assets/FuturaPT-Book.woff2?v=5995143545136339961694645051 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.herocosmetics.us/ Message: The resource https://www.herocosmetics.us/cdn/shop/t/230/assets/FuturaPT-ExtraBold.woff2?v=15753262588351468981694645055 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.herocosmetics.us/ Message: The resource https://www.herocosmetics.us/wpm@807df045w36eb870bp858e4efdm07092c7a/web-pixel-shopify-app-pixel@0559/sandbox/worker.modern.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.samba.tv
ads.stickyadstv.com
alb.reddit.com
amazon.partners.tremorhub.com
analytics.google.com
analytics.tiktok.com
analytics.twitter.com
app.backinstock.org
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
capi.connatix.com
cdn-loyalty.yotpo.com
cdn-swell-assets.yotpo.com
cdn-widgetsrepository.yotpo.com
cdn.attn.tv
cdn.cookielaw.org
cdn.shopify.com
cdnjs.cloudflare.com
cld.accentuate.io
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
content.hotjar.io
cookie-matching.mediarithmics.com
crb.kargo.com
creatives.attn.tv
ct.pinterest.com
d275fvz7g8rvo.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
ekr.zdassets.com
events.attentivemobile.com
fonts.googleapis.com
geolocation-recommendations.shopifyapps.com
geolocation.onetrust.com
googleads.g.doubleclick.net
hero.attn.tv
herocosmetics.us
herocosmetics.zendesk.com
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
loyalty.yotpo.com
match.360yield.com
maxcdn.bootstrapcdn.com
mpsnare.iesnare.com
odr.mookie1.com
p.yotpo.com
pc-quiz.s3.us-east-2.amazonaws.com
pi.ispot.tv
pixel.rubiconproject.com
pixel.streetmetrics.io
pixel.tapad.com
public-prod-dspcookiematching.dmxleo.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.pinimg.com
sb.scorecardresearch.com
sc-static.net
script.hotjar.com
shop.app
shopify-gtm-suite.getelevar.com
ssapi.herocosmetics.us
ssum-sec.casalemedia.com
static-tracking.klaviyo.com
static.ads-twitter.com
static.hotjar.com
static.klaviyo.com
static.myshlf.us
static.zdassets.com
staticw2.yotpo.com
stats.g.doubleclick.net
sync-amazon.ads.yieldmo.com
sync.rfp.fout.jp
sync.search.spotxchange.com
sync.taboola.com
t.co
t.myvisualiq.net
tags.bluekai.com
token.rubiconproject.com
tr.snapchat.com
uipglob.semasio.net
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
www.datadoghq-browser-agent.com
www.dwin1.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.herocosmetics.us
www.imdb.com
www.redditstatic.com
x.bidswitch.net
sync.search.spotxchange.com
t.myvisualiq.net
104.16.53.111
104.18.26.193
104.18.72.113
104.244.42.3
104.244.42.5
104.36.115.113
107.23.111.41
108.138.106.100
108.139.47.50
108.139.53.136
13.225.63.247
13.35.93.109
141.226.224.48
142.250.64.66
146.75.36.157
151.101.128.84
151.101.194.133
151.101.2.133
151.101.65.140
151.101.66.132
172.64.144.121
172.64.146.152
172.64.148.35
18.164.113.226
18.164.96.90
18.219.26.209
18.238.55.55
184.50.205.247
185.146.173.20
185.167.164.49
192.229.163.223
198.54.201.131
2001:4860:4802:38::15
23.105.12.150
23.227.38.32
23.227.38.33
23.227.38.74
23.227.60.200
23.49.248.203
2600:141b:13:7a1::1d72
2600:141b:13:7a6::1931
2600:1f18:612b:4232:333c:fbab:e531:2e93
2600:9000:21da:200:1c:9484:cec0:93a1
2600:9000:21dd:6800:1:d5ae:c900:21
2600:9000:2209:f400:f:8ce2:fb80:93a1
2600:9000:24f1:fe00:a:78b:4e00:93a1
2606:4700:20::681a:44f
2606:4700:3031::6815:267e
2606:4700:4400::6812:2089
2606:4700::6810:7caf
2606:4700::6811:180e
2606:4700::6812:83ec
2606:4700::6812:acf
2606:4700:e2::ac40:8c1d
2607:f8b0:4004:c08::9c
2607:f8b0:4006:808::200e
2607:f8b0:4006:809::2008
2607:f8b0:4006:81f::2002
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2004
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42::396
3.13.10.152
3.214.176.219
3.233.195.186
34.111.113.62
34.120.58.162
34.200.65.202
34.239.232.190
34.98.64.218
35.173.120.247
35.186.196.148
35.190.43.134
35.190.90.30
35.211.178.172
35.71.139.29
44.214.249.104
50.16.197.56
50.57.31.206
52.1.135.30
52.219.108.186
52.39.147.20
52.46.128.147
52.6.11.66
54.208.211.39
54.210.106.16
54.235.139.126
54.36.150.180
63.251.28.233
63.32.22.194
68.67.178.10
69.173.151.100
8.28.7.83
0193c7ef24cb1231d427946b421a79fbbffb7b1594b87b7232a485911ae14cfa
058d2488f4d26d53cf94a6739b9800ac2d9897baa61a920a66e758129fc7b0bb
061f86a77efbb5c2d49cc096ce3237c978f675a675379c28296f41fe0967318f
08daf7d9b447083b35810607993da728edef5c5c54f0a4d1d14f97feabe217c0
099b80f7881a84f6d61abd40094ea5f47172cc686d3323216a7b946be385b225
0c46e557ba3ccc22ffda95b1d6dcda986aaf81f8dee1f7feea066611ca470d5d
0c7006f89b5456537765a7a8b2a8f6c70776d02a6fb594b61d0e05227fb7b09d
0fa90c9e195798597245f53e9dc98259304276626836677ffaf0f9fa18f9a189
107dad5add93781ddf6c4562cc6da3dbe5b406bab97930e43df6d6c17a99af26
12a830366ed648c938e9fd2984bfa14cdd221731a1c7569015818da8ade2ae1b
1335632a1bcde72fe95a0d919eab088b1318019746563e0595646a23318e29a9
1370f5033d65efa41ab8eb04c25ad6bca019ecb35c5de12d0fcc4d834bd53fd8
14f582673c048803bb396b98d193b24c5d05ea85e1b7594c9b5dce1026f0ef57
19f9bd2c56e13a1adc382fb52bb03abe6ea7284415855adeb244cfce20cca048
1dd2ee80db00c3b3e1b47f9ef612a1baf5b72e7d9c43ad4724d9636136461960
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
1fab550aa4ad8ee1224a59e305847120a71b1dc0c0de5eec815bf7b113ccc9d7
215d584c4c9953f6013ed804d2e7a25bc8614589821c91fa9e965a83c0cbd440
227d07f49226139282f27a24f468a315b076188703f931edfb5d572a50a0a5d2
24a0379eaeac3d8de8f2b77a318fef99bae4ef5ca07d2eca39b8a0f3c21911b6
2511f97f0c01a302b753d9697deba3a0bc995f3ea0ec5ac7e9db919cdb7d44f5
25e91f0c16604cc2bc123780e97121e82b9f358997a01563909b4c8df6d33d97
2650788b0179a99616bf99980e8c67f11456a40f9b007ffa83052f5660d2b6dc
28be27d04ce0ebac3fcd2862aa85bd45139b448cfa41647480b6a9f0180289e3
2cca9aeb7396d396549ccf1811f14f95124ec7a36c4e99c2e2f00016d05a6302
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f0b75d8eef5d343677271314fe8250ffb198d8d43d0a693bc8a28dcdb4aa959
30a43d41cdcf85ed7cc1cd9303ff7bddbc09542e6fca67692eaa7a320f75c641
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39af69428f9752c07f3de397b58445aa1d7d521f282cb1e1187bafd6c00363f6
3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
3fa4fd1e31aabb8a3ff5f8bbaae61c86fcb33566abfc08a3b9ff473eaff624d2
3fc7c0c0ed93860d3cd63425004cdd43107736041f18ad632f83c98e1b3511fb
42ada2d1c945bcd6356007746b1371adf56c2bd54c25b86e518b9cb81ec12bdf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4620b7978e4a9ac9b189bb434985724435751e09e5e44a25a48b615ae8420594
489388c496e6154d46c6ed3bb72a397314f236fec26f4e99f400638528cf8e11
49d534f81ce5014a63bb7a35994839e7bb043eba7f7bf8052c69a52c04a39167
4af7d9f734c6cc45ba6b15a57117b5d3bb59dc3282ab5f23e5ed43992418eff6
4befd2c080c534f5e203fbbd2cfed944995be2fb028fae513fc9563369910387
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
4c718e6c04604e704e210624d400222cd989eb140a8b7ff479ced4f7c116e96e
4e2f1cda3b092b233248647653bd91fe75f56a01ecca15098e7635e3ff5503b3
4e52d9676b6d0db0bad5fcb9fb59dd2d642a9dd98ec265eaf2aa144bf6463ba2
4f67edfb4ed2824cce76fae1eb2af5e25d11e863ea335f3929275829b9fe6437
5199483a59a14781892e0b13c274251bd95dfe66df669f77c1ce6fb084e47a70
525956f74dfa611e5cb0b1237994f825ef7daf1b1a8d219e9f8c889670705c35
53b63be2f9ab7f75dd4702ae1f07e7bb82dbdcfb8e6df77c9f173b213c1af912
54de354b4d7d3eb9116966f4021f8e554ee71beb5885e2626ef5f743ce49103d
585f7acdf02d094353eba06f3a24ecb7da385e2fa8b2c02fb2c3ff751b119081
5b5fcb6946305a44887ab276422d6aa1a245d8708f1527e29e597aaa3e9f9f3d
5b9f5c0e8bf4a5792e2094b5c15c5c2ec55bf9b3f7140b26f3e86f96e5ee4e3b
5f1949c18fa89949138494eabd29776dd2557dc81b0df883120ef4dc57ba9548
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6053bbda10274d73663fb0f0d1d397679459a4477b754750a25600b75a13d1a2
642c592342b7a6aab5718d7ae9c33a70a97c351f5b1236413cb1adb6e3b7f075
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
6588cb83d1a63fa0ecea6d4702c7b5056cd80bfa62f7517f50957a6ac67bb635
65b49da2f9c1c5bc0e790c9af18e8718c98afe3db2ab1a77bb6546f399290c27
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
678dfdbfaf5cd8d3e687b2ca1e805f56fab244e4c1a52d354b7ef4ad632d1b58
6a3dbb230b9c333a39405f7dc4115a91bb3dcae67f68c76ac5c81451dc2f4ac2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c93c907c562479e404425339f0abfbe874d66cad18b60f72d2b104aa5e5d33b
6c9c18f6f9f1bf995f2481e9d06afcf744fd311719209fccb70f0fde554101d7
6d2f0e4202b79fd97d5a39fc0443cb3cd0dbe2a356162045afe8b50fe216b1c9
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
728731c7a039773b25702c0acb4ce65bbd32c27d78bde5b13ecb46a1cf902cc8
738b2590b63545921b31c5f5778ffb9a6a2cde05f676efb98e5d860a2271fd2e
7898396661257844856834bdb796b82122541ea0c939c89748ce150f2c0953da
78d652236c11f0b7d7d6dd7f0669240bd4e38b37c0d971e93c9d4626d6df3c81
78e4e4179b64cd0ce8e530dcbba70aea378e8272365d3c84f3582d6e5d33cf4f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7aa07cb9eb4dcbd11651911e5b51ddfcca63a7407e4e82f6cbe1e217688af9e3
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7b25341cb1cb9cc5963b61183e03057ef8aea8c5323b46d97efd9441a2724d23
7d7d7fbc9d6932a2d423e0bd2f23a926bda23d03a6e254349e628e9afce843d0
7dbb99afa2ca46884692f7772146d6f3f7c4f1ba928babc0f490f3e7ba62114e
81ebf0e633fdfe21f33576abf495d4b1f03849ce2ff33558825ee148b48c2242
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
864bb06e08df0914133d2b094ffdda58aba6f140718e4116c8e6ca7d61a3c13b
86a30eb73fc2d2a95b896cb0121c230c2b4f0683a00d4031ac7158d313107977
88f24e7d97caf5b2406ff74dcbf9918f549f573b5815bf4254d17ce882d6113a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ed8de3329d64e5adcd14e13e79acfb217c0d8d42ea52321627bbebd848eeb18
8fabdf480e32f1ad0e6b8d37e7032f2aafeb71ec6d4a1c3ccdcc59da1c7c0f53
9102e7d07194ef0d231630e5acb69d75f2e44f6c48610aa0f8330fbb6fa2794b
912bc848d461e328a48863196601323b69ed445926c856f23a426efe674e67eb
9232c3acc1ba4a1dc61ac6abb16fbc90a2bd4c937d6fad946a1bc9dcf737c4b4
9294daa358be6e41fd4a2a685351b7ed54140f850306a74af3a22a9dd697f5c1
92c6eefe273943383cb3f5c648f3af597a7f405cf3855db5d89280843df029ea
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
9675f96d6a3cf8f15b36372d79fec2778241c0b119c21560e0e9b69c4235cb82
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
99ebefc6d820d1a4fc5353bdf009f7973e2254581f7917e961480a03bf4fa6f0
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9bfae488ab5c2e8005516633194e7400e639e957ae1be99a12b427d1b05b1a5c
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
9f51d3686a1270d240a4e53ea183bd87eede1c4fad91fc0dad4ba687027c0b50
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
a0684c5f2441e430cf81f00869422b1f47677b5304a9c811ab060b803c762437
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a37ddb046549bd50c20d598dc823792cafe56f1eee6a5a026c18dc57fb6f7ba7
a88b08a859185d0776e3e6213457c45c8b8daa014cfa88ae5396a92ae7bf2913
a8f62647260cb6173d253fa37bca50896841e1bd9cbb4197dd5e65204fc6b34b
a96c0f3d85a2dfc2c0f7a85e0fec1ccf780b3cf516c3372190138dfd22dde6a9
aab88c6b39efbcaa8c0ad0a260b54bc46fb8277662af5ae8695b2498955840b9
ac549f438a886eb4848aed56ce4bd0761598b3df30cb44c1b435a386bbc33357
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aebd044b99ee305fe596e71b1e9bc1bec4c18d9b2850a7b9e0a5fcfd8ca4099c
b1db80cc37a5dd7ebedc18acebc888365cca1a4a35118cfd0a94477429caf7a6
b79adf570b66bcd072b6f3ea35e760f7433030c083c686a08b6ba740f532098a
b9ac76703fca894ec4e2f5b14034a6089bf643d613e30242d10614b83d20c1a1
bbce9172a7ded4b78100317662adcf24a8ccc79f730f3b0c0a5c3996b86754aa
bcd0bf49c281d88577e18cd0994db23aaead060634501134e48821c6ea6284fc
be4eba09307653097e66b55721c45bc9a4299cfdcbaff59ce5137c93d9d87e80
be5758a073ac0db0857f5903e15e8aadc9db5f2ae9a55fe63d059acf1292bcd4
be6f848e03258e6446f687863fd27c600bce134c233d30acb67c1eba7e72de36
bfbbd0772eda291e13d714b63c76011a05b1a830ee633732e379b487cb076dd8
bfd8d391f98decb7dd02f6a829bd29862dd6381227da98f5beb7854e1e5dfef6
c0eb59dfca4c7d7dc3cdc4a5bb5a90a9911c73e70b849235d091a2a5a43b59a4
c14c7d89d2f50cfddff9e5ab56ce377d0ca5ff385e2a6a22809235253f6e6dc5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22eaaf5b4ff3d514512d4cc2cbee55733cfaeb237accfd9255406019b5296ea
c511c09faba45aa0a6ab6af0cf2cc2addca2151768a144790ca61f6202c9e82b
c651c11d40283365f88890125c5835c5cc6d3e6578ca3c71dbf68b98ad26dbf8
c9a7548ccdc127f7e22710f448a4fce37221c4098b62866905b5f13722eba147
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caee13c3a41f0dd4b28ffb0501a5558eeba0c8db36d407750eeb300ddebd9c9c
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d1f436b61101f824b3ac4a93ddd4b5c6df7e58281c9b82d62f3659141a68c25a
d367634135eacdf6a6ebc4262c57f0e86d6f624f7fa545bc5e1d51877d0b14ac
d3ed6cb466bd654fe36c57faacb1c88ad4e2793087431d6ffc5366961a4c978f
d85fdb38867dbfd85d49d3711045f03ba72cccfc3217003f911b34d18a05d580
d903a35a90276fed8d286f4de9f6ab44db076826cdb14a82d2e418aeb79b92ac
d98894761a1a131dbc10086f3c27d731f70a18154b0eedcd2b0a8b7c23966e3a
dade80ebcccb57e814d6e8e5941f36dc6b5f21bcc03c6f2e0078c78cfb0d12f3
dc131657068707ac57506e3053ea092a346e7364ec91bc922b4f78921e73a9e4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def7cecacce7bcb2fee77d978a2731d332e207eb6e82409539754ab0156e80ef
df6d50f6d26fbb16a4c128cf7d532ec819d4b89d6c746ecbb80f64bf2d6b6224
df822e44efc31160c2e2cff9d29435159054bcceb67fa2512c3899f02dfb7557
dfe6ab5a8bde60423658b6a7a8ca8e7c8f8356472ae9fbc961b373dd3259004b
e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d
e25e8382d3216860a27d91ea16c12f4ae6877bada8a19e7d7fd717b686094c5c
e3763fd729200cb5cea470dd19d7fdf671c1b876a7fab31f4450d14f4276a911
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5211150affa5b8350f60ea5a4f77a41fdde7b4160cc3df64a7830a05c1925a4
e603cd7e9de65fb8a26619a69c44d7e62f2a6c96ec2c3702c5f4ecf5dac82419
e765c270288c713886f8b26b862eb40acbcabc0bb3a349aa02d3fa82225f5602
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
eb23842e002864729d3e39cf25f636f55d6fce297c0154dd6b54d1f5b815d671
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29da05b511bb796959ae318b9ec916a59f64e3af29e775b21d65a8b06dd5b52
f344726e53f2eb81248c299bb435bdfb43bd5aa69b99ca74e92433faefaabac1
f5007326f1001d08115505abf0ad29d4936db95488fee8ab95b697160bc5e4e7
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f8806e35f2de3394be61626ed5f549133eacc5c8f6e034e2231f1ef12f7d162e
fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328
fba3c0e365340723939176c25f48969e093e4a95734031b93c0ea8c1fa356dab
fc3009e597b953aa561a945d045d45393ec17125ef5545324b17c5d89935049d
fcb97b72594d4f0110e64015bbad6d4da999c490365101ee334b9e29f9371943
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fdd203223d392f366e83310c6a1ed08b090cbe709ab98220bb45e3574ba7ac2e
fe2b91cc4671d8b5bc223a1ba00b2c0105898aa5540ec60832633ee2636b23de
ff14a7f621615b85abfaee3fb05739f3fa3c5b98d49ea86fde00f0850a1cbabe

www.herocosmetics.us Open in urlscan Pro 23.227.38.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

265 Requests

85 %HTTPS

27 %IPv6

82 Domains

103 Subdomains

63 IPs

7 Countries

5817 kBTransfer

13470 kBSize

127 Cookies

16 Outgoing links

Page URL History

Redirected requests

265 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.herocosmetics.us Open in urlscan Pro
23.227.38.74 Public Scan

Screenshot
Live screenshot

Full Image

265
Requests

85 %
HTTPS

27 %
IPv6

82
Domains

103
Subdomains

63
IPs

7
Countries

5817 kB
Transfer

13470 kB
Size

127
Cookies

265 HTTP transactions
0 data transactions