herbalessences.com.my Open in urlscan Pro
23.222.4.138 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://herbalessences.com.my/
Effective URL:
https://herbalessences.com.my/en-my/
Submission: On January 08 via api (January 8th 2023, 8:28:51 pm UTC) from US — Scanned from US

Summary HTTP 37 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 37 HTTP transactions. The main IP is 23.222.4.138, located in Ashburn, United States and belongs to AKAMAI-ASN1, NL. The main domain is herbalessences.com.my.
TLS certificate: Issued by R3 on December 13th 2022. Valid for: 3 months.

This is the only time herbalessences.com.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.222.4.154 23.222.4.154	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 19	23.222.4.138 23.222.4.138	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2600:9000:24f... 2600:9000:24f0:d200:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
3	18.164.116.112 18.164.116.112	16509 (AMAZON-02) (AMAZON-02)
5	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	173.223.152.153 173.223.152.153	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
1 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
37	8

1 23.222.4.154 (Ashburn, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-4-154.deploy.static.akamaitechnologies.com

herbalessences.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 23.222.4.138 (Ashburn, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-4-138.deploy.static.akamaitechnologies.com

herbalessences.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:24f0:d200:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.164.116.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-112.jfk50.r.cloudfront.net

videos.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.152.153 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-152-153.deploy.static.akamaitechnologies.com

cdn.pricespider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	herbalessences.com.my 2 redirects herbalessences.com.my	614 KB
8	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 4313 videos.ctfassets.net — Cisco Umbrella Rank: 45659	318 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	218 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 674	764 B
1	pghub.io pghub.io — Cisco Umbrella Rank: 2522	4 KB
1	pricespider.com cdn.pricespider.com — Cisco Umbrella Rank: 13743	2 KB
37	7

	Domain	Requested by
20	herbalessences.com.my	2 redirects herbalessences.com.my
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	images.ctfassets.net	herbalessences.com.my
3	videos.ctfassets.net	herbalessences.com.my
3	www.googletagmanager.com	herbalessences.com.my www.googletagmanager.com
2	pixel.tapad.com	1 redirects
1	pghub.io	www.googletagmanager.com
1	cdn.pricespider.com	www.googletagmanager.com
37	8

This site contains links to these domains. Also see Links.

Domain
www.herbalessences.com
www.herbalessences.ca
herbalessences.com.au
herbalessences.de
herbalessences.it
www.herbalessences.es
herbalessences.co.uk
herbalessences.jp
herbalessences-th.com
herbalessencesarabia.com
herbalessences.com.mx
herbalessencesbr.com
www.youtube.com
termsandconditions.pg.com
privacypolicy.pg.com
www.bbb.org

Subject Issuer	Validity	Valid
cert00100-azurecdn.akamaized.net R3	`2022-12-13` - `2023-03-13`	3 months	crt.sh
images.ctfassets.net Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
assets.ctfassets.net Amazon	`2022-02-16` - `2023-03-17`	a year	crt.sh
*.pricespider.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-10-05`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2022-02-02` - `2023-02-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://herbalessences.com.my/en-my/
Frame ID: 36CB38454555D969AD8A8272F03D4017
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hair Care and Styling Products | Herbal Essences

Page URL History Show full URLs

http://herbalessences.com.my/ HTTP 301
https://herbalessences.com.my/ HTTP 301
https://herbalessences.com.my/en-my/ Page URL

Detected technologies

Contentful (CMS) Expand

Overall confidence: 100%
Detected patterns

<[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

37
Requests

97 %
HTTPS

33 %
IPv6

7
Domains

8
Subdomains

8
IPs

1
Countries

1176 kB
Transfer

4279 kB
Size

12
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herbalessences.com/en-us
Title: USA / English

Search URL Search Domain Scan URL

URL: https://www.herbalessences.ca/en-ca
Title: Canada / English

Search URL Search Domain Scan URL

URL: https://www.herbalessences.ca/fr-ca
Title: Canada / French

Search URL Search Domain Scan URL

URL: https://herbalessences.com.au/en-au
Title: Australia

Search URL Search Domain Scan URL

URL: https://herbalessences.de/de-de
Title: Germany / Deutschland

Search URL Search Domain Scan URL

URL: https://herbalessences.it/
Title: Italy

Search URL Search Domain Scan URL

URL: https://www.herbalessences.es/es-es
Title: Spain / España

Search URL Search Domain Scan URL

URL: https://herbalessences.co.uk/en-gb
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://herbalessences.jp/
Title: Japan

Search URL Search Domain Scan URL

URL: https://herbalessences-th.com/th-th/
Title: Thailand

Search URL Search Domain Scan URL

URL: https://herbalessencesarabia.com/en/
Title: English

Search URL Search Domain Scan URL

URL: https://herbalessencesarabia.com/ar/
Title: العربية

Search URL Search Domain Scan URL

URL: https://herbalessences.com.mx/es-mx
Title: Argentina

Search URL Search Domain Scan URL

URL: https://herbalessencesbr.com/pt-br/
Title: Brazil/Brasil

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCGiyppVugxsn33bc7R8Z5rw/featured

Search URL Search Domain Scan URL

URL: https://termsandconditions.pg.com/en-us/
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://privacypolicy.pg.com/en/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://privacypolicy.pg.com/en/#iba
Title: AdChoices

Search URL Search Domain Scan URL

URL: https://www.bbb.org/us/oh/cincinnati/profile/detergent/the-procter-gamble-company-0292-3036

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://herbalessences.com.my/ HTTP 301
https://herbalessences.com.my/ HTTP 301
https://herbalessences.com.my/en-my/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://pixel.tapad.com/idsync/ex/receive?partner_id=3267&partner_device_id=2035385301.1673209717&gtmcb=642384834 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3267&partner_device_id=2035385301.1673209717&gtmcb=642384834

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
herbalessences.com.my/en-my/
Redirect Chain

http://herbalessences.com.my/
https://herbalessences.com.my/
https://herbalessences.com.my/en-my/

205 KB
47 KB

143ms
143ms

Document
text/html

23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://herbalessences.com.my/en-my/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

9a0f1a32f3818b422a15a10ba200459bcf9f2b478deb8f0fc8e4f5b164dee9b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 46947
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
content-type: text/html
date: Sun, 08 Jan 2023 20:28:35 GMT
etag: "0247273511d91:0"
expires: Sun, 08 Jan 2023 20:28:35 GMT
last-modified: Fri, 16 Dec 2022 09:59:04 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1;mode=block

Redirect headers

content-length: 159
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
content-type: text/html; charset=utf-8
date: Sun, 08 Jan 2023 20:28:35 GMT
location: https://herbalessences.com.my/en-my/
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1;mode=block

GET
H2 200 Untitled3.jpg
images.ctfassets.net/ewuc6ptqd1ox/fIho4bx5Xm789lWaahTkb/b77a3810e8020eb048fcdc2956ba4cb6/ 156 KB
157 KB 237ms
146ms Image
image/webp 2600:9000:24f0:d200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/ewuc6ptqd1ox/fIho4bx5Xm789lWaahTkb/b77a3810e8020eb048fcdc2956ba4cb6/Untitled3.jpg?fm=webp
Requested by: Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:d200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: a9005b691a529e8cee9b40dcae257bc082e520b369c64ae4959a2e51e2bd39ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 20:28:36 GMT
via: 1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
last-modified: Sat, 17 Dec 2022 16:40:45 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
etag: "81463b612a4f1e8cf06a338500f1db7b"
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 160028
x-amz-cf-id: agnW8-BenMEgglIixJY9oRu0xtYOAxG1lH-YZ6zClmE637EwJUZvpw==

GET
H2 400 undefined&fm=webp
herbalessences.com.my/en-my/ 3 KB
3 KB 149ms
147ms Image
text/html 23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herbalessences.com.my/en-my/undefined&fm=webp

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

f69ec9c7d598b2859ac983ef6adb3a865e7037b097cbc06d8f32582679309483

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/en-my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
x-content-type-options: nosniff
date: Sun, 08 Jan 2023 20:28:36 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: private, max-age=604800
content-length: 3490
x-xss-protection: 1;mode=block

GET
H2 200 867853736430cc53.css
herbalessences.com.my/_next/static/css/ 1 KB
2 KB 64ms
62ms Stylesheet
text/css 23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://herbalessences.com.my/_next/static/css/867853736430cc53.css

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

20f53e21aa4b3b8263f727eb7c5994c9f74f9403d479b79c1def7dbfd2e36c01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/en-my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
last-modified: Fri, 16 Dec 2022 09:59:02 GMT
date: Sun, 08 Jan 2023 20:28:35 GMT
etag: "0f74063511d91:0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
accept-ranges: bytes
content-length: 627
x-xss-protection: 1;mode=block

GET
H2 200 webpack-9da69e3684734371.js Show response
herbalessences.com.my/_next/static/chunks/ 3 KB
3 KB 182ms
177ms Script
text/javascript 23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://herbalessences.com.my/_next/static/chunks/webpack-9da69e3684734371.js

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

3bba7d3c6532b1fe3f85312ab46c055632626503c7b2613b0bdc4412b8ed87b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/en-my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
last-modified: Fri, 16 Dec 2022 09:59:02 GMT
date: Sun, 08 Jan 2023 20:28:36 GMT
etag: "0f74063511d91:0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
cache-control: max-age=31535965
accept-ranges: bytes
content-length: 2050
x-xss-protection: 1;mode=block

GET
H2 200 framework-7ecbf2efb448f4a0.js Show response
herbalessences.com.my/_next/static/chunks/ 126 KB
53 KB 199ms
194ms Script
text/javascript 23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://herbalessences.com.my/_next/static/chunks/framework-7ecbf2efb448f4a0.js

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

9b0b8b075ec978c9ddb0551a3f9d4631869aba13814684fb33657d559f9fde21

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/en-my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
last-modified: Fri, 16 Dec 2022 09:59:02 GMT
date: Sun, 08 Jan 2023 20:28:36 GMT
etag: "0f74063511d91:0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 53181
x-xss-protection: 1;mode=block

GET
H2 200 main-bfc2fd711c1ad1e5.js Show response
herbalessences.com.my/_next/static/chunks/ 98 KB
39 KB 179ms
174ms Script
text/javascript 23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://herbalessences.com.my/_next/static/chunks/main-bfc2fd711c1ad1e5.js

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

1c7971f036f38c8f05160a53ea2e149f2bb4b98387d5d9005528623d37c1a425

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/en-my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
last-modified: Fri, 16 Dec 2022 09:59:02 GMT
date: Sun, 08 Jan 2023 20:28:36 GMT
etag: "0f74063511d91:0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 38507
x-xss-protection: 1;mode=block

GET
H2 200 _app-9be9a96befd3f697.js Show response
herbalessences.com.my/_next/static/chunks/pages/ 499 B
1 KB 185ms
180ms Script
text/javascript 23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://herbalessences.com.my/_next/static/chunks/pages/_app-9be9a96befd3f697.js

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

fd9a7cf2701878feb90db4ef000a107500d7e74c90e3b81ba928fb4fa56af338

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/en-my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
last-modified: Fri, 16 Dec 2022 09:59:02 GMT
date: Sun, 08 Jan 2023 20:28:36 GMT
etag: "0f74063511d91:0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
cache-control: max-age=31535996
accept-ranges: bytes
content-length: 450
x-xss-protection: 1;mode=block

GET
H2 200 566-40f4af24ea4a7191.js Show response
herbalessences.com.my/_next/static/chunks/ 525 KB
192 KB 170ms
166ms Script
text/javascript 23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://herbalessences.com.my/_next/static/chunks/566-40f4af24ea4a7191.js

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

08d3bc905b2256df45b397830423793eb3d2ae294cacf95350edf71c58ac00e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/en-my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
last-modified: Fri, 16 Dec 2022 09:59:02 GMT
date: Sun, 08 Jan 2023 20:28:36 GMT
etag: "0f74063511d91:0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
cache-control: max-age=31535990
accept-ranges: bytes
x-xss-protection: 1;mode=block

GET
H2 200 %5B%5B...slug%5D%5D-5476c7787587cd55.js Show response
herbalessences.com.my/_next/static/chunks/pages/ 290 KB
98 KB 223ms
219ms Script
text/javascript 23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://herbalessences.com.my/_next/static/chunks/pages/%5B%5B...slug%5D%5D-5476c7787587cd55.js

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

84503601c7dd9abf763e7db0d47c5b8abadab707760de422ec39fa0b8219eac3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/en-my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
last-modified: Fri, 16 Dec 2022 09:59:02 GMT
date: Sun, 08 Jan 2023 20:28:36 GMT
etag: "0f74063511d91:0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1;mode=block

GET
H2 200 _buildManifest.js Show response
herbalessences.com.my/_next/static/nxbsWQOCqoSodnxSaWi8j/ 350 B
1 KB 151ms
148ms Script
text/javascript 23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://herbalessences.com.my/_next/static/nxbsWQOCqoSodnxSaWi8j/_buildManifest.js

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

07e5b6468fa33a909cc42aa43f384742e9601e8b337d8a07fdf612b328efd37c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/en-my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
last-modified: Fri, 16 Dec 2022 09:59:02 GMT
date: Sun, 08 Jan 2023 20:28:36 GMT
etag: "0f74063511d91:0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
cache-control: max-age=31535970
accept-ranges: bytes
content-length: 345
x-xss-protection: 1;mode=block

GET
H2 200 _ssgManifest.js Show response
herbalessences.com.my/_next/static/nxbsWQOCqoSodnxSaWi8j/ 99 B
1 KB 186ms
183ms Script
text/javascript 23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://herbalessences.com.my/_next/static/nxbsWQOCqoSodnxSaWi8j/_ssgManifest.js

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/en-my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
last-modified: Fri, 16 Dec 2022 09:59:02 GMT
date: Sun, 08 Jan 2023 20:28:36 GMT
etag: "0f74063511d91:0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 188
x-xss-protection: 1;mode=block

GET
H2 200 placeholder.png
herbalessences.com.my/static/images/ 6 KB
7 KB 189ms
187ms Image
image/png 23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herbalessences.com.my/static/images/placeholder.png

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

436e0ea4943bf212eb49edc28659958f186d00e895eb7994b3bdce9f3a36a8cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/en-my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
x-content-type-options: nosniff
date: Sun, 08 Jan 2023 20:28:36 GMT
last-modified: Fri, 16 Dec 2022 09:59:02 GMT
etag: "0f74063511d91:0"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5915
x-xss-protection: 1;mode=block

GET
H2 200 font.css
herbalessences.com.my/static/css/ 1 KB
1 KB 67ms
62ms Stylesheet
text/css 23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://herbalessences.com.my/static/css/font.css

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

54b827a490f72feff3fbe7904b06fcddd25d3db4fd57be83f36fbee08f441e47

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/en-my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
last-modified: Fri, 16 Dec 2022 09:59:02 GMT
date: Sun, 08 Jan 2023 20:28:36 GMT
etag: "0f74063511d91:0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 394
x-xss-protection: 1;mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 459 KB
112 KB 91ms
37ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N94XXFB

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27a5414f70f820cca6472ab4de67685977709b452e77e7d16a50f25e28d7c62f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 20:28:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113959
x-xss-protection: 0
last-modified: Sun, 08 Jan 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Jan 2023 20:28:36 GMT

GET
H2 206 HEADER_Video.mp4
videos.ctfassets.net/ewuc6ptqd1ox/42zBScATDOaJsT8XhoqQlA/b5b8bed33dacb828c95733c67aba2f07/ 2 MB
0 354ms
267ms Media
video/mp4 18.164.116.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videos.ctfassets.net/ewuc6ptqd1ox/42zBScATDOaJsT8XhoqQlA/b5b8bed33dacb828c95733c67aba2f07/HEADER_Video.mp4
Requested by: Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-112.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://herbalessences.com.my/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 08 Jan 2023 20:28:37 GMT
x-amz-version-id: hu6o6Qh20dA8vGbsZNgICHYCPRx_EtiC
via: 1.1 931eba134e92940e6c080405fee84c64.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
Content-Range: bytes 0-11302587/11302588
x-amz-replication-status: COMPLETED
Content-Length: 11302588
last-modified: Fri, 28 Oct 2022 07:40:07 GMT
server: AmazonS3
etag: "0cddc905608b380f713c6a707fe52d62-3"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 2CE0VZeN2w1sYcRIyYZvkzfETI_IxI61q6nr2jTxKijEMeybfGxCcw==

GET
H2 206 HEADER_Video.mp4
videos.ctfassets.net/ewuc6ptqd1ox/42zBScATDOaJsT8XhoqQlA/b5b8bed33dacb828c95733c67aba2f07/ 0
0 8140ms
8056ms Media
video/mp4 18.164.116.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videos.ctfassets.net/ewuc6ptqd1ox/42zBScATDOaJsT8XhoqQlA/b5b8bed33dacb828c95733c67aba2f07/HEADER_Video.mp4
Requested by: Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-112.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://herbalessences.com.my/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 08 Jan 2023 20:28:37 GMT
x-amz-version-id: hu6o6Qh20dA8vGbsZNgICHYCPRx_EtiC
via: 1.1 931eba134e92940e6c080405fee84c64.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
Content-Range: bytes 0-11302587/11302588
x-amz-replication-status: COMPLETED
Content-Length: 11302588
last-modified: Fri, 28 Oct 2022 07:40:07 GMT
server: AmazonS3
etag: "0cddc905608b380f713c6a707fe52d62-3"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: uPCmkmgpeFjOOO2X-4ivxcYUYcpbDexXhMvcTyVDYTD4HuT5Wcm03A==

GET
H2 206 HEADER_Video.mp4
videos.ctfassets.net/ewuc6ptqd1ox/42zBScATDOaJsT8XhoqQlA/b5b8bed33dacb828c95733c67aba2f07/ 0
0 8137ms
8055ms Media
video/mp4 18.164.116.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videos.ctfassets.net/ewuc6ptqd1ox/42zBScATDOaJsT8XhoqQlA/b5b8bed33dacb828c95733c67aba2f07/HEADER_Video.mp4
Requested by: Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-112.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://herbalessences.com.my/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 08 Jan 2023 20:28:37 GMT
x-amz-version-id: hu6o6Qh20dA8vGbsZNgICHYCPRx_EtiC
via: 1.1 931eba134e92940e6c080405fee84c64.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
Content-Range: bytes 0-11302587/11302588
x-amz-replication-status: COMPLETED
Content-Length: 11302588
last-modified: Fri, 28 Oct 2022 07:40:07 GMT
server: AmazonS3
etag: "0cddc905608b380f713c6a707fe52d62-3"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: NfN6iY3R3V6anqGUVzf2yBY_1-RQaLDldk90RqXRDJBEoLuF7C1Imw==

GET
H2 200 AvenirNextW05-Medium.woff2
herbalessences.com.my/static/css/fonts/ 55 KB
56 KB 119ms
119ms Font
application/font-woff2 23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://herbalessences.com.my/static/css/fonts/AvenirNextW05-Medium.woff2

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/static/css/font.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

50a58c01a1bfee0dcea06219afc9f456cf7256e7b020b61ab5c8e6d8f6612c90

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

Referer: https://herbalessences.com.my/static/css/font.css
Origin: https://herbalessences.com.my
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
x-content-type-options: nosniff
date: Sun, 08 Jan 2023 20:28:36 GMT
last-modified: Fri, 16 Dec 2022 09:59:02 GMT
etag: "0f74063511d91:0"
x-frame-options: DENY
content-type: application/font-woff2
cache-control: max-age=31535957
accept-ranges: bytes
content-length: 56548
x-xss-protection: 1;mode=block

GET
H2 200 DidotLTW05-Bold.woff2
herbalessences.com.my/static/css/fonts/ 32 KB
33 KB 113ms
111ms Font
application/font-woff2 23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://herbalessences.com.my/static/css/fonts/DidotLTW05-Bold.woff2

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/static/css/font.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

01d946c44aa1ac5e4b94b68961a1ee830b3e0e5c589ba3f8bb97a2c200d14b5e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

Referer: https://herbalessences.com.my/static/css/font.css
Origin: https://herbalessences.com.my
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
x-content-type-options: nosniff
date: Sun, 08 Jan 2023 20:28:36 GMT
last-modified: Fri, 16 Dec 2022 09:59:02 GMT
etag: "0f74063511d91:0"
x-frame-options: DENY
content-type: application/font-woff2
cache-control: max-age=31535994
accept-ranges: bytes
content-length: 32348
x-xss-protection: 1;mode=block

GET
H2 200 AvenirNextW05-Bold.woff2
herbalessences.com.my/static/css/fonts/ 56 KB
57 KB 133ms
132ms Font
application/font-woff2 23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://herbalessences.com.my/static/css/fonts/AvenirNextW05-Bold.woff2

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/static/css/font.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

304c598e604e2dbc563c38bec1bfe1c2e267b00b1bc1305ab98ead224e9de60c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

Referer: https://herbalessences.com.my/static/css/font.css
Origin: https://herbalessences.com.my
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
x-content-type-options: nosniff
date: Sun, 08 Jan 2023 20:28:36 GMT
last-modified: Fri, 16 Dec 2022 09:59:02 GMT
etag: "0f74063511d91:0"
x-frame-options: DENY
content-type: application/font-woff2
cache-control: max-age=31535970
accept-ranges: bytes
content-length: 57204
x-xss-protection: 1;mode=block

GET
H2 200 New_Project__34_.jpg
images.ctfassets.net/ewuc6ptqd1ox/4MX8gIN82QlbtiHdbh9QAp/baf0f3376e21b20353c36f718e252f03/ 41 KB
41 KB 330ms
329ms Image
image/webp 2600:9000:24f0:d200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/ewuc6ptqd1ox/4MX8gIN82QlbtiHdbh9QAp/baf0f3376e21b20353c36f718e252f03/New_Project__34_.jpg?fm=webp
Requested by: Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:d200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 03d09ad150fedd4d4d2bd8a5b612fa3198529cefca104629cf9e692295d9c26d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 20:28:36 GMT
via: 1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 00:56:39 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
etag: "af150ee93377611183feb797f2ae96d7"
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 41580
x-amz-cf-id: cjZojfcJl2l-AxdxoFQeeygQWEgCVNypnFRRvdl9xT26segJUx19YQ==

GET
H2 200 magnifier.svg
herbalessences.com.my/static/images/ 737 B
2 KB 63ms
63ms Image
image/svg+xml 23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herbalessences.com.my/static/images/magnifier.svg

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

9128bb829bd70450768d66001a4da5597ec18f5ad2f60094bcbff9a6d3a6a67a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/en-my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
x-content-type-options: nosniff
date: Sun, 08 Jan 2023 20:28:36 GMT
last-modified: Fri, 16 Dec 2022 09:59:02 GMT
etag: "0f74063511d91:0"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=31535988
accept-ranges: bytes
content-length: 737
x-xss-protection: 1;mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 74ms
21ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94XXFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 08 Jan 2023 18:44:02 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6274
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 08 Jan 2023 20:44:02 GMT

GET
H2 200 ps-widget.js Show response
cdn.pricespider.com/1/lib/ 5 KB
2 KB 553ms
64ms Script
application/x-javascript 173.223.152.153
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pricespider.com/1/lib/ps-widget.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94XXFB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.152.153 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-152-153.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 48882847908b4c62522038ab815efbc7c766209ef9273e397a6462d148bd3acb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 20:28:37 GMT
content-encoding: gzip
content-length: 1874
last-modified: Wed, 26 Oct 2022 23:58:16 GMT
server: AkamaiNetStorage
etag: "45a06d183db6e8315ad1c4be2e8abba9:1667408543.09849"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=2938
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 08 Jan 2023 21:17:35 GMT

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 14 KB
4 KB 195ms
103ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94XXFB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 19:35:17 GMT
content-encoding: gzip
age: 3199
x-guploader-uploadid: ADPycduXx3eg2slEu8_bxQ_SKshiVh8i3j-NfYPDXzmPHGqDNQJB8kPozFIXOt2B1fys8URPlqB1SazmReOPDWS92NZm1w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 9
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3690
last-modified: Tue, 05 Apr 2022 17:08:24 GMT
server: UploadServer
etag: "1f39af8c4109e6a95d6895228aab0692"
vary: Accept-Encoding
x-goog-generation: 1649178504809914
x-goog-hash: crc32c=eS3F7w==, md5=HzmvjEEJ5qldaJUiiqsGkg==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-meta-last-modified: 2022-07-11T15:04:42.732Z
x-goog-stored-content-length: 3690
x-goog-meta-cache-control: public, max-age=230400
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
67 KB 65ms
64ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BSGLTKZPWT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94XXFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

652651271fa3cf253f4bac238cd4825af69661c5a490be79aac3a2ab623fc08e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 20:28:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68998
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 08 Jan 2023 20:28:36 GMT

GET
H2 200 KEW_LOGO_GOLD_250x250.png
images.ctfassets.net/ewuc6ptqd1ox/17wTon2mdM8VqAA4elRSFU/b832ffd021a361121bb1d92cba2710a5/ 13 KB
14 KB 214ms
202ms Image
image/webp 2600:9000:24f0:d200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/ewuc6ptqd1ox/17wTon2mdM8VqAA4elRSFU/b832ffd021a361121bb1d92cba2710a5/KEW_LOGO_GOLD_250x250.png?fm=webp
Requested by: Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:d200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: f8e871c89f787ab6d5dcc835de676236359a6adadbe377a2de5d458f37f215b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 20:28:36 GMT
via: 1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
last-modified: Thu, 29 Dec 2022 00:56:51 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
etag: "02c6bd8df84b3168eb015acf0e806f70"
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 13710
x-amz-cf-id: HQF6411rXGWKh0NKlGLl-YOMzvgPVpYFlPfsA1Kp9JI81tcgjT-mww==

GET
H2 200 PETA.png
images.ctfassets.net/ewuc6ptqd1ox/xGgi64y6c4EcQ8Llksd58/da64766ce96644dfcd8a74e8fe778784/ 8 KB
8 KB 254ms
242ms Image
image/webp 2600:9000:24f0:d200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/ewuc6ptqd1ox/xGgi64y6c4EcQ8Llksd58/da64766ce96644dfcd8a74e8fe778784/PETA.png?fm=webp
Requested by: Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:d200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: bc5474b2715cc7773858278f8b5b072d827b6df7c85ba16ae419946b46bb1d65

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 20:28:36 GMT
via: 1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
last-modified: Sat, 31 Dec 2022 04:27:49 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
etag: "403508a3a0af39156dd32c93ca9bbbc7"
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 7990
x-amz-cf-id: xuxaFMB8JKjoWuEfSAPIwJxSprJfcpdstx2NCLalMJHyCArJQ7Ch9w==

GET
H2 200 MOD2_Ingredients.png
images.ctfassets.net/ewuc6ptqd1ox/7lBxZg4QS2fecIArYvwCji/20790e85ae5ec1c41a3712b05a8ed595/ 97 KB
98 KB 368ms
361ms Image
image/webp 2600:9000:24f0:d200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/ewuc6ptqd1ox/7lBxZg4QS2fecIArYvwCji/20790e85ae5ec1c41a3712b05a8ed595/MOD2_Ingredients.png?fm=webp
Requested by: Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:d200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 41c057e984a5f2ab3f6d662fe74a7271d167d8f8ca1de278eda25c47bf68676d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 20:28:37 GMT
via: 1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 05:20:45 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3
etag: "b5c3853925919c91751f3b6413162a7c"
x-cache: Miss from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 99636
x-amz-cf-id: 3WnSzM4CPi0kzTBggzBinKAoy4-KdEyt5dpMvjhD-Y2dLdSXbjkYTg==

GET
H2 200 main-logo.png
herbalessences.com.my/static/images/ 15 KB
16 KB 96ms
90ms Image
image/png 23.222.4.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://herbalessences.com.my/static/images/main-logo.png?fm=webp

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.4.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-4-138.deploy.static.akamaitechnologies.com

Software

Resource Hash

a762d5029879153f5d716e652eed6d9c66958801b03a5a46d9bebebfcdc9b89b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/en-my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubdomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net *.iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com *.bazaarvoice.com *.google-analytics.com www.facebook.com *.googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src *; frame-src 'self' www.youtube.com feed.pghub.io *.adsrvr.org *.doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
x-content-type-options: nosniff
date: Sun, 08 Jan 2023 20:28:36 GMT
last-modified: Fri, 16 Dec 2022 09:59:02 GMT
etag: "0f74063511d91:0"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 15679
x-xss-protection: 1;mode=block
expires: Sun, 08 Jan 2023 20:28:36 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 76ms
29ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 19:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 08 Jan 2023 20:44:45 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 45ms
44ms Ping
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BSGLTKZPWT&gtm=2oe120&_p=2054859690&cid=2035385301.1673209717&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Hair%20Care%20and%20Styling%20Products%20%7C%20Herbal%20Essences&dl=https%3A%2F%2Fherbalessences.com.my%2Fen-my%2F&sid=1673209716&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.global_gtm_platform=Advanced&ep.content_category=(not%20set)&ep.content_subcategory=(not%20set)&ep.content_type=(not%20set)&ep.pg_category=(not%20set)&ep.pg_segment=(not%20set)&ep.pg_brand=(not%20set)&ep.pg_product_name=(not%20set)&ep.pg_gtin=(not%20set)&ep.pg_subbrand=(not%20set)&ep.pg_brand_group=(not%20set)&ep.pg_brand_group_code=(not%20set)&ep.pg_sector=(not%20set)&ep.pg_subsector=(not%20set)&ep.marketing_program_number=(not%20set)&up.clientid=(not%20set).&up.lead_key=(not%20set)&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BSGLTKZPWT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 20:28:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://herbalessences.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 44ms
43ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2054859690&t=pageview&_s=1&dl=https%3A%2F%2Fherbalessences.com.my%2Fen-my%2F&dp=herbalessences.com.my%2Fen-my%2F&ul=en-us&de=UTF-8&dt=Hair%20Care%20and%20Styling%20Products%20%7C%20Herbal%20Essences&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAAAACAGqi~&jid=1601546577&gjid=211269522&cid=2035385301.1673209717&tid=UA-32663782-1&_gid=1449306802.1673209717&_r=1&gtm=2wg120N94XXFB&cd1=en-MY&cd2=48654&cd3=MY&cd4=Herbal%20Essences&cd5=English&cd6=Modern%20Web&cd7=prod&cd8=Azure&cd9=CMG&cd10=Production&cd11=GTM-PGQ9J3N&cd12=UA-5660335-54&cd13=(not%20set)&cd14=(not%20set)&cd15=(not%20set)&cd16=(not%20set)&cd17=(not%20used)&cd18=(not%20set)&cd19=337074446&cd20=0&cd21=(not%20set)&cd22=false&cd23=false&cd24=(not%20set)&cd25=(not%20set)&cd26=(not%20set)&cd27=(not%20set)&cd28=Price%20Spider&cd29=(not%20set)&cd31=(not%20set)&cd32=(not%20set)&cd33=(not%20set)&cd34=(not%20set)&cd35=(not%20set)&cd36=(not%20set)&cd37=(not%20set)&cd38=(not%20set)&cd39=(not%20set)&cd40=(not%20set)&cd42=(not%20set)&cd43=false&cd44=false&cd45=false&cd46=Advanced&cd47=G-BSGLTKZPWT&cd48=(not%20set)&cd49=(not%20set)&cd50=2035385301.1673209717&z=439448097

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://herbalessences.com.my/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 20:28:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://herbalessences.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 39ms
38ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2054859690&t=pageview&_s=1&dl=https%3A%2F%2Fherbalessences.com.my%2Fen-my%2F&dr=&dp=%2Fen-my%2F&ul=en-us&de=UTF-8&dt=Hair%20Care%20and%20Styling%20Products%20%7C%20Herbal%20Essences&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEAjAAAAACAHqi~&jid=1691140007&gjid=219626013&cid=2035385301.1673209717&tid=UA-5660335-54&_gid=1449306802.1673209717&_r=1&gtm=2wg120N94XXFB&cd29=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&cd31=(not%20set)&cd32=(not%20set)&cd33=(not%20set)&cd34=(not%20set)&cd35=(not%20set)&cd36=(not%20set)&cd37=(not%20set)&cd38=(not%20set)&cd39=(not%20set)&cd40=(not%20set)&cd42=(not%20set)&cd43=(not%20set)&cd44=(not%20set)&cd46=Advanced&cd48=(not%20set)&cd50=2035385301.1673209717&cd41=(not%20set)&z=1268923296

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://herbalessences.com.my/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 20:28:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://herbalessences.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 98 KB
39 KB 57ms
56ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PGQ9J3N

Requested by

Host: herbalessences.com.my
URL: https://herbalessences.com.my/en-my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

609f029fed4a1a502176c29ca19233430eb33557437f084b949f6b20241b9828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 20:28:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39657
x-xss-protection: 0
last-modified: Sun, 08 Jan 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Jan 2023 20:28:39 GMT

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3267&partner_device_id=2035385301.1673209717&gtmcb=642384834
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3267&partner_device_id=2035385301.1673209717&gtmcb=642384834

95 B
122 B

93ms
54ms

Image
image/png

107.178.246.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3267&partner_device_id=2035385301.1673209717&gtmcb=642384834

Protocol

Server

107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.246.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://herbalessences.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 20:28:39 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Sun, 08 Jan 2023 20:28:39 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3267&partner_device_id=2035385301.1673209717&gtmcb=642384834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.herbalessences.com.my/	1969-12-31 23:59:59	Name: ARRAffinity Value: 1058983f9492741eb52aa9d75ad97ad7a96a96ce2583b1ef1ff5fdd1bb7076ff
.herbalessences.com.my/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 1058983f9492741eb52aa9d75ad97ad7a96a96ce2583b1ef1ff5fdd1bb7076ff
.herbalessences.com.my/	1970-01-20 10:56:25	Name: _gcl_au Value: 1.1.1881552149.1673209717
.herbalessences.com.my/	1970-01-20 08:48:16	Name: _gid Value: GA1.3.1449306802.1673209717
.herbalessences.com.my/	1970-01-20 18:22:49	Name: _ga_BSGLTKZPWT Value: GS1.1.1673209716.1.0.1673209716.0.0.0
.herbalessences.com.my/	1970-01-20 08:46:49	Name: _gat_UA-32663782-1 Value: 1
.herbalessences.com.my/	1970-01-20 18:22:49	Name: _ga Value: GA1.3.2035385301.1673209717
.herbalessences.com.my/	1970-01-20 08:46:49	Name: _gat_UA-5660335-54 Value: 1
herbalessences.com.my/	1969-12-31 23:59:59	Name: global_visit_counter Value: 1
.tapad.com/	1970-01-20 10:13:13	Name: TapAd_TS Value: 1673209719328
.tapad.com/	1970-01-20 10:13:13	Name: TapAd_DID Value: a3ee7842-7a9c-43df-a773-62f201a3b196
.tapad.com/	1970-01-20 10:13:13	Name: TapAd_3WAY_SYNCS Value:

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://herbalessences.com.my/en-my/undefined&fm=webp Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://pghub.io/ Message: Refused to frame 'https://pandg.tapad.com/' because it violates the following Content Security Policy directive: "frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net *.jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com".
javascript	warning	URL: https://herbalessences.com.my/en-my/ Message: The resource https://herbalessences.com.my/en-my/undefined&fm=webp was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://herbalessences.com.my/en-my/ Message: The resource https://herbalessences.com.my/en-my/undefined&fm=webp was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org .iesnare.com connect.facebook.net .crazyegg.com .adsrvr.org .bazaarvoice.com .google-analytics.com .googletagmanager.com blob:; style-src 'self' 'unsafe-inline' cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com; media-src 'self' videos.ctfassets.net .iesnare.com data:; img-src 'self' cdn.pricespider.com wwwassets.pricespider.com embeddedcloud.pricespider.com i.ytimg.com images.ctfassets.net pixel.tapad.com .bazaarvoice.com .google-analytics.com www.facebook.com .googletagmanager.com data:; font-src 'self' fonts.gstatic.com; connect-src ; frame-src 'self' www.youtube.com feed.pghub.io .adsrvr.org .doubleclick.net .jebbit.com consumersupport.pg.com pg-lex.my.salesforce-sites.com ct.pinterest.com www.facebook.com; manifest-src *
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pricespider.com
herbalessences.com.my
images.ctfassets.net
pghub.io
pixel.tapad.com
videos.ctfassets.net
www.google-analytics.com
www.googletagmanager.com
107.178.246.49
173.223.152.153
18.164.116.112
2001:4860:4802:34::178
23.222.4.138
23.222.4.154
2600:9000:24f0:d200:12:94b3:c380:93a1
2607:f8b0:4006:81d::2008
35.241.45.217
01d946c44aa1ac5e4b94b68961a1ee830b3e0e5c589ba3f8bb97a2c200d14b5e
03d09ad150fedd4d4d2bd8a5b612fa3198529cefca104629cf9e692295d9c26d
07e5b6468fa33a909cc42aa43f384742e9601e8b337d8a07fdf612b328efd37c
08d3bc905b2256df45b397830423793eb3d2ae294cacf95350edf71c58ac00e2
11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029
1c7971f036f38c8f05160a53ea2e149f2bb4b98387d5d9005528623d37c1a425
20f53e21aa4b3b8263f727eb7c5994c9f74f9403d479b79c1def7dbfd2e36c01
27a5414f70f820cca6472ab4de67685977709b452e77e7d16a50f25e28d7c62f
304c598e604e2dbc563c38bec1bfe1c2e267b00b1bc1305ab98ead224e9de60c
3bba7d3c6532b1fe3f85312ab46c055632626503c7b2613b0bdc4412b8ed87b9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41c057e984a5f2ab3f6d662fe74a7271d167d8f8ca1de278eda25c47bf68676d
436e0ea4943bf212eb49edc28659958f186d00e895eb7994b3bdce9f3a36a8cc
48882847908b4c62522038ab815efbc7c766209ef9273e397a6462d148bd3acb
50a58c01a1bfee0dcea06219afc9f456cf7256e7b020b61ab5c8e6d8f6612c90
54b827a490f72feff3fbe7904b06fcddd25d3db4fd57be83f36fbee08f441e47
609f029fed4a1a502176c29ca19233430eb33557437f084b949f6b20241b9828
652651271fa3cf253f4bac238cd4825af69661c5a490be79aac3a2ab623fc08e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
84503601c7dd9abf763e7db0d47c5b8abadab707760de422ec39fa0b8219eac3
9128bb829bd70450768d66001a4da5597ec18f5ad2f60094bcbff9a6d3a6a67a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9a0f1a32f3818b422a15a10ba200459bcf9f2b478deb8f0fc8e4f5b164dee9b9
9b0b8b075ec978c9ddb0551a3f9d4631869aba13814684fb33657d559f9fde21
a762d5029879153f5d716e652eed6d9c66958801b03a5a46d9bebebfcdc9b89b
a9005b691a529e8cee9b40dcae257bc082e520b369c64ae4959a2e51e2bd39ce
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bc5474b2715cc7773858278f8b5b072d827b6df7c85ba16ae419946b46bb1d65
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f69ec9c7d598b2859ac983ef6adb3a865e7037b097cbc06d8f32582679309483
f8e871c89f787ab6d5dcc835de676236359a6adadbe377a2de5d458f37f215b4
fd9a7cf2701878feb90db4ef000a107500d7e74c90e3b81ba928fb4fa56af338

herbalessences.com.my Open in urlscan Pro 23.222.4.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

97 %HTTPS

33 %IPv6

7 Domains

8 Subdomains

8 IPs

1 Countries

1176 kBTransfer

4279 kBSize

12 Cookies

19 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

herbalessences.com.my Open in urlscan Pro
23.222.4.138 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

97 %
HTTPS

33 %
IPv6

7
Domains

8
Subdomains

8
IPs

1
Countries

1176 kB
Transfer

4279 kB
Size

12
Cookies

37 HTTP transactions
0 data transactions