www.hercampus.com Open in urlscan Pro
2606:4700:10::6814:34c3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mailview.bulletinintelligence.com/mailview.aspx?m=2022111701conagra&r=email-0520&l=00e-272&t=c
Effective URL:
https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Submission: On November 18 via api (November 18th 2022, 1:17:41 am UTC) from US — Scanned from DE

Summary HTTP 144 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 49 IPs in 5 countries across 33 domains to perform 144 HTTP transactions. The main IP is 2606:4700:10::6814:34c3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hercampus.com. The Cisco Umbrella rank of the primary domain is 258291.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2022. Valid for: a year.

This is the only time www.hercampus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	199.230.29.40 199.230.29.40	21622 (PR-NEWSWI...) (PR-NEWSWIRE-USA-1)
27	2606:4700:10:... 2606:4700:10::6814:34c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	88.221.169.143 88.221.169.143	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
7	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
4	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ed3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.178.31.183 35.178.31.183	16509 (AMAZON-02) (AMAZON-02)
1	35.178.63.59 35.178.63.59	16509 (AMAZON-02) (AMAZON-02)
2	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
2	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
2	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	18.66.147.43 18.66.147.43	16509 (AMAZON-02) (AMAZON-02)
2	34.120.117.212 34.120.117.212	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:170... 2a02:26f0:1700:78e::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.120.247 18.66.120.247	16509 (AMAZON-02) (AMAZON-02)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	88.221.169.78 88.221.169.78	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2.16.186.242 2.16.186.242	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2600:9000:215... 2600:9000:2156:e400:e:ec66:e40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	52.72.158.232 52.72.158.232	14618 (AMAZON-AES) (AMAZON-AES)
5	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
144	49

1 199.230.29.40 (United States) 1 redirects

ASN21622 (PR-NEWSWIRE-USA-1, US)

mailview.bulletinintelligence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:10::6814:34c3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.hercampus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.169.143 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-143.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

cdn.bfldr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lux.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ed3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.178.31.183 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-31-183.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.178.63.59 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-63-59.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-43.fra60.r.cloudfront.net

m.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.117.212 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 212.117.120.34.bc.googleusercontent.com

ls.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

85e175deb444e37f637b7274979b9b56.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:78e::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.120.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-120-247.fra60.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.169.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-78.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2.16.186.242 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-242.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:e400:e:ec66:e40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.158.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-158-232.compute-1.amazonaws.com

pixel.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	hercampus.com www.hercampus.com — Cisco Umbrella Rank: 258291	457 KB
14	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 804	106 KB
12	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 3294 t.skimresources.com — Cisco Umbrella Rank: 3318 p.skimresources.com — Cisco Umbrella Rank: 4264 r.skimresources.com — Cisco Umbrella Rank: 3163 m.skimresources.com — Cisco Umbrella Rank: 24593 ls.skimresources.com — Cisco Umbrella Rank: 9618	24 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 85e175deb444e37f637b7274979b9b56.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136	42 KB
8	typekit.net use.typekit.net — Cisco Umbrella Rank: 435 p.typekit.net — Cisco Umbrella Rank: 564	286 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 ad.doubleclick.net — Cisco Umbrella Rank: 173	158 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 783	3 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	248 B
5	keywee.co 1 redirects cdn.keywee.co — Cisco Umbrella Rank: 10904 pixel.keywee.co — Cisco Umbrella Rank: 9691	35 KB
5	bfldr.com cdn.bfldr.com — Cisco Umbrella Rank: 19350	183 KB
4	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3844	60 KB
4	moatads.com z.moatads.com — Cisco Umbrella Rank: 406 mb.moatads.com — Cisco Umbrella Rank: 658 geo.moatads.com — Cisco Umbrella Rank: 657	89 KB
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 852	838 B
3	btloader.com btloader.com — Cisco Umbrella Rank: 937 api.btloader.com — Cisco Umbrella Rank: 1093	7 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 376	12 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	196 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2410 tr.outbrain.com — Cisco Umbrella Rank: 2187	6 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4753 adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1095	1 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 727	22 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5922 adservice.google.de — Cisco Umbrella Rank: 8709	1 KB
2	speedcurve.com cdn.speedcurve.com — Cisco Umbrella Rank: 5069 lux.speedcurve.com — Cisco Umbrella Rank: 15014	7 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
2	w.org s.w.org — Cisco Umbrella Rank: 916	7 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 146	2 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2489 p1.parsely.com — Cisco Umbrella Rank: 1889	19 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	145 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 528	394 B
1	t.co t.co — Cisco Umbrella Rank: 475	376 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 603	15 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 873	12 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1039	6 KB
1	bulletinintelligence.com 1 redirects mailview.bulletinintelligence.com — Cisco Umbrella Rank: 267952	242 B
144	33

	Domain	Requested by
27	www.hercampus.com	www.hercampus.com static.cloudflareinsights.com
14	analytics.tiktok.com	www.hercampus.com analytics.tiktok.com
7	use.typekit.net	www.hercampus.com use.typekit.net
5	ct.pinterest.com	s.pinimg.com
5	www.facebook.com
5	cdn.bfldr.com	www.hercampus.com
4	cdn.keywee.co	1 redirects cdn.keywee.co
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	static.addtoany.com	www.hercampus.com static.addtoany.com
4	securepubads.g.doubleclick.net	www.hercampus.com securepubads.g.doubleclick.net
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	tr.snapchat.com	sc-static.net
3	bat.bing.com	www.hercampus.com bat.bing.com
3	connect.facebook.net	www.hercampus.com connect.facebook.net
3	t.skimresources.com	www.hercampus.com s.skimresources.com
2	api.btloader.com	btloader.com
2	ad-delivery.net
2	tr.outbrain.com	amplify.outbrain.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	ls.skimresources.com	s.skimresources.com
2	m.skimresources.com	s.skimresources.com m.skimresources.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	r.skimresources.com	s.skimresources.com
2	p.skimresources.com	www.hercampus.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	s.w.org	www.hercampus.com
2	sb.scorecardresearch.com	www.hercampus.com
2	www.googletagmanager.com	www.hercampus.com www.googletagmanager.com
2	z.moatads.com	www.hercampus.com z.moatads.com
1	pixel.keywee.co
1	www.google.com	tpc.googlesyndication.com
1	analytics.twitter.com
1	t.co
1	ad.doubleclick.net
1	btloader.com	www.googletagmanager.com
1	amplify.outbrain.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	85e175deb444e37f637b7274979b9b56.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	lux.speedcurve.com
1	www.google.de	www.hercampus.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.speedcurve.com	www.googletagmanager.com
1	s.skimresources.com	www.googletagmanager.com
1	p1.parsely.com	www.hercampus.com
1	geo.moatads.com	z.moatads.com
1	mb.moatads.com	z.moatads.com
1	p.typekit.net	use.typekit.net
1	static.cloudflareinsights.com	www.hercampus.com
1	cdn.parsely.com	www.hercampus.com
1	mailview.bulletinintelligence.com	1 redirects
144	53

This site contains links to these domains. Also see Links.

Domain
www.hercampusmedia.com
www.generationhired.com
instagram.com
pinterest.com
twitter.com
www.facebook.com
www.youtube.com
www.tiktok.com
flipboard.com
www.snapchat.com
eepurl.com
www.pinterest.com
unsplash.com
www.glossier.com
hcxo.shop
www.spoonuniversity.com
www.collegefashionista.com
www.influencehercollective.com
herfuture.hercampus.com
www.addtoany.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.bfldr.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-23` - `2023-04-24`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2021-11-24` - `2022-12-25`	a year	crt.sh
*.skimresources.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-25` - `2023-11-08`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-07-16` - `2023-08-17`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
m.skimresources.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-10` - `2023-08-12`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-27` - `2022-11-25`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.anyword.com Amazon	`2022-07-05` - `2023-08-03`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2022-10-20` - `2023-01-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
pixel.keywee.co Sectigo ECC Domain Validation Secure Server CA	`2022-02-01` - `2023-03-03`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Frame ID: 205F6E379680652A01904CCD0857DB21
Requests: 130 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 673294FB868C4B1E1563C39F178ACAB7
Requests: 1 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: 8E5FCE650B7568DA9AE5DD34671DBF9F
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.9439544011269487
Frame ID: C7E6E1C933A90D8489FDCAAFACC4B8C4
Requests: 1 HTTP requests in this frame

Frame: https://85e175deb444e37f637b7274979b9b56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A84FEBCBB3A78A71759C9F45CE3AEED7
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=d85fd102-de5c-48f2-a203-c03efc540081&u_scsid=eba36bd9-68fb-489d-88c8-ef6fef20d8fe&u_sclid=4b09a95c-cc37-45a9-a046-4cd0a0fe6934
Frame ID: F1B60565F2F8750A8FE667E03C75A66C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D964E727FA8D382E125C89BBA00E3621
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 723667FAE7FED84CC4ADD339F0756FC2
Requests: 2 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: CCDF3A7DA4776CE5F290C401227E8CAC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 56DCB692F43E7A9A940764796BC8C10B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BF4B37F2CD90824E54A17716A7B6328D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Go-To Glossier Guide

Page URL History Show full URLs

https://mailview.bulletinintelligence.com/mailview.aspx?m=2022111701conagra&r=email-0520&l=00e-272&t=c HTTP 302
https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

144
Requests

99 %
HTTPS

46 %
IPv6

33
Domains

53
Subdomains

49
IPs

5
Countries

1924 kB
Transfer

4676 kB
Size

27
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hercampusmedia.com/privacy-policy
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.generationhired.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://instagram.com/hercampus
Title: Instagram

Search URL Search Domain Scan URL

URL: https://pinterest.com/hercampus
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://twitter.com/hercampus
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HerCampusMagazine
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/HerCampus
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@hercampus
Title: TikTok

Search URL Search Domain Scan URL

URL: https://flipboard.com/@HerCampus
Title: Flipboard

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/hercampus.com
Title: Snapchat

Search URL Search Domain Scan URL

URL: http://eepurl.com/cYeMs
Title: Subscribe

Search URL Search Domain Scan URL

URL: http://www.generationhired.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://instagram.com/hercampus_nu

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/hc_northwestern/

Search URL Search Domain Scan URL

URL: https://twitter.com/HCNorthwestern

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Her-Campus-Northwestern/153723977993268

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@hercampuswestern

Search URL Search Domain Scan URL

URL: https://unsplash.com/photos/uXxV718_osk
Title: Charisse Kenion

Search URL Search Domain Scan URL

URL: https://www.glossier.com/products/olivia-rodrigo-collection
Title: OLIVIA X GLOSSIER

Search URL Search Domain Scan URL

URL: https://www.glossier.com/products/boy-brow
Title: Boy Brow

Search URL Search Domain Scan URL

URL: https://www.glossier.com/products/cloud-paint
Title: Cloud Paint

Search URL Search Domain Scan URL

URL: https://www.glossier.com/products/generation-g
Title: Generation G

Search URL Search Domain Scan URL

URL: https://www.glossier.com/products/balm-dotcom
Title: Balm Dotcom

Search URL Search Domain Scan URL

URL: https://www.glossier.com/products/glossier-hoodie
Title: Original Pink Hoodie

Search URL Search Domain Scan URL

URL: https://www.glossier.com/products/glossier-you
Title: Glossier You Perfume

Search URL Search Domain Scan URL

URL: https://www.glossier.com/products/ultralip
Title: Ultra

Search URL Search Domain Scan URL

URL: https://www.glossier.com/products/balm-dotcom-scarf
Title: Balm Dotcom Scarf

Search URL Search Domain Scan URL

URL: http://www.hercampusmedia.com/
Title: Her Campus Media

Search URL Search Domain Scan URL

URL: https://www.hercampusmedia.com/about
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.hercampusmedia.com/careers
Title: Join the Team

Search URL Search Domain Scan URL

URL: http://hcxo.shop/
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.spoonuniversity.com/
Title: Spoon University

Search URL Search Domain Scan URL

URL: https://www.collegefashionista.com/
Title: College Fashionista

Search URL Search Domain Scan URL

URL: https://www.influencehercollective.com/
Title: InfluenceHer Collective

Search URL Search Domain Scan URL

URL: https://www.hercampusmedia.com/write-for-her-campus/
Title: Write For Her Campus

Search URL Search Domain Scan URL

URL: https://www.hercampusmedia.com/chapters
Title: Start a Chapter

Search URL Search Domain Scan URL

URL: https://herfuture.hercampus.com/
Title: High School Ambassadors

Search URL Search Domain Scan URL

URL: https://www.hercampusmedia.com/trendsetters
Title: Campus Trendsetters

Search URL Search Domain Scan URL

URL: https://www.hercampusmedia.com/internships
Title: Internships

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mailview.bulletinintelligence.com/mailview.aspx?m=2022111701conagra&r=email-0520&l=00e-272&t=c HTTP 302
https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://cdn.keywee.co/dist/analytics.min.js HTTP 301
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

144 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Redirect Chain

https://mailview.bulletinintelligence.com/mailview.aspx?m=2022111701conagra&r=email-0520&l=00e-272&t=c
https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/

232 KB
30 KB

705ms
674ms

Document
text/html

2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: d4f1660ba50018b232687f1bf2ea51de3a5ad43ca4b5afb5f9f007a0a2bd2a14

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600, must-revalidate
cf-apo-via: origin,miss
cf-cache-status: MISS
cf-edge-cache: cache,platform=wordpress
cf-ray: 76bcde07e93468fb-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 18 Nov 2022 01:17:36 GMT
last-modified: Wed, 16 Nov 2022 08:44:10 GMT
link: <https://www.hercampus.com/wp-json/>; rel="https://api.w.org/", <https://www.hercampus.com/wp-json/wp/v2/posts/1093135>; rel="alternate"; type="application/json", <https://www.hercampus.com/?p=1093135>; rel=shortlink
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: YES:3600.000
x-powered-by: WP Engine

Redirect headers

cache-control: private
content-length: 188
content-type: text/html; charset=utf-8
date: Fri, 18 Nov 2022 01:17:34 GMT
location: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-bnn-server: nj3vwbiapppd01

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 146ms
48ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5700fb24eb3b3c111a304420a84f46bcfc424f33443671ab4d135687b1df54cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27283
x-xss-protection: 0
server: sffe
etag: "1395 / 218 of 1000 / last-modified: 1668726325"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 18 Nov 2022 01:17:36 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/hercampusmediaheader276881430241/ 251 KB
87 KB 37ms
8ms Script
application/x-javascript 88.221.169.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hercampusmediaheader276881430241/moatheader.js
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-143.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 56aa6add9cee28f897d896cf29800e20f8b12a4acdada88c58adeb08ee0c251d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 15:09:59 GMT
server: AmazonS3
x-amz-request-id: PG6JZ5HK47ZMWW5S
etag: "c20eac90530489e921dc08dd78f1f478"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=35583
accept-ranges: bytes
content-length: 88541
x-amz-id-2: UFHwO+bG+zFvxGmzirbSJzxpVEs6qMI035OiUz2U8TR5eTs9MoGKuoXgeDFFYZUIfJFXvgOsFmo=

GET
H2 200 freshdesk_plugin.css
www.hercampus.com/wp-content/plugins/freshdesk-support/public/css/ 1 KB
622 B 25ms
23ms Stylesheet
text/css 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-content/plugins/freshdesk-support/public/css/freshdesk_plugin.css?ver=6.0.3
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b747b1b577b52ca0f8778de80a4dd998abcc1e3fbe68b3715515eae6f68f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 28 May 2021 05:47:50 GMT
server: cloudflare
age: 18925
cf-polished: origSize=1782
etag: W/"60b08406-6f6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0c2f7068fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 chy4ewm.css
use.typekit.net/ 7 KB
1 KB 58ms
9ms Stylesheet
text/css 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/chy4ewm.css

Requested by

Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

44889b2803f42b5cf263956a60de0189aa191aaf2ae4224dde7ec4ebf7467d73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 18 Nov 2022 01:17:36 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 970

GET
H2 200 style.min.css
www.hercampus.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 49ms
48ms Stylesheet
text/css 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
server: cloudflare
age: 18926
etag: W/"62c2d8bd-15b64"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0c2f7268fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
www.hercampus.com/wp-content/plugins/insert-giphy-block/ 146 B
193 B 23ms
22ms Stylesheet
text/css 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-content/plugins/insert-giphy-block/style.css?ver=1626563410
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1ba8fae1bed57e1de8cabdb27f73747d529ba1f1e0e8308c693a9c8871dcc65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 17 Jul 2021 23:10:10 GMT
server: cloudflare
age: 18926
cf-polished: origSize=330
etag: W/"60f36352-14a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0c2f7468fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style-index.css
www.hercampus.com/wp-content/plugins/listicles/build/ 607 B
393 B 20ms
19ms Stylesheet
text/css 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-content/plugins/listicles/build/style-index.css?ver=1639063613
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7107260d5630055d703f6103e6cf9749dcf40a04775acf24afa05933c54b9e04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 09 Dec 2021 15:26:53 GMT
server: cloudflare
age: 18926
cf-polished: origSize=608
etag: W/"61b2203d-260"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0c2f7568fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookieNSCconsent.min.css
www.hercampus.com/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/ 6 KB
2 KB 26ms
25ms Stylesheet
text/css 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.css?ver=2.9.0
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a69e25e5ec196a9ca4255113b16bdd4f68f8d48d88231d0deb67636413257b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Nov 2022 18:56:34 GMT
server: cloudflare
age: 18926
etag: W/"63753262-18a0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0c2f7668fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 theme.min.css
www.hercampus.com/wp-content/themes/hercampus/dist/css/ 392 KB
65 KB 30ms
30ms Stylesheet
text/css 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-content/themes/hercampus/dist/css/theme.min.css?ver=1.0.1668100047
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8090cccf12cb6b11828eb10390b4e97f4dfd7192f8043a1f8a2b0a1d416e45c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Nov 2022 17:07:27 GMT
server: cloudflare
age: 18926
etag: W/"636d2fcf-62009"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0c2f7768fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 addtoany.min.css
www.hercampus.com/wp-content/plugins/add-to-any/ 1 KB
537 B 21ms
20ms Stylesheet
text/css 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 21:39:36 GMT
server: cloudflare
age: 18926
etag: W/"61295b98-5ef"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0c2f7968fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ad-tech.min.js Show response
www.hercampus.com/wp-content/mu-plugins/ad-tech/dist/js/ 29 KB
8 KB 35ms
30ms Script
application/javascript 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-content/mu-plugins/ad-tech/dist/js/ad-tech.min.js?ver=1641484296
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d29be0c704e48bdaeb78576e3cb8f3ccd3ce623e4cce04d13c54aaa0f567ff5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Jan 2022 15:51:36 GMT
server: cloudflare
age: 18794
etag: W/"61d71008-7582"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0d2dbc924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 202 KB
70 KB 140ms
46ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N456SM

Requested by

Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9699cefdd3faa64c45f5920be5dc4ad1210af739b4e251c3af3eaeafd8ef86e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71486
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Nov 2022 01:17:36 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.hercampus.com/wp-includes/js/ 18 KB
5 KB 55ms
50ms Script
application/javascript 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
server: cloudflare
age: 18793
etag: W/"62551487-48b9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0d2dbe924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 hc-logo-black.svg
www.hercampus.com/wp-content/themes/hercampus/src/img/ 4 KB
2 KB 36ms
32ms Image
image/svg+xml 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hercampus.com/wp-content/themes/hercampus/src/img/hc-logo-black.svg
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c53036e28c9ae76f6bb6653c8dfd6d019a56b7c6c07aba09120f88a58e2b9f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 May 2021 05:47:50 GMT
server: cloudflare
age: 17591
etag: W/"60b08406-1101"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0d2dbf924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 img_8744jpg_by_Charisse_Kenion
cdn.bfldr.com/SH6M70M3/as/q76abb-2f97c-a14f2/ 26 KB
26 KB 149ms
100ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bfldr.com/SH6M70M3/as/q76abb-2f97c-a14f2/img_8744jpg_by_Charisse_Kenion?width=719&height=464&fit=crop&auto=webp

Requested by

Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

72583f735d7faac75072fd856bf0319fa498ca0d1c26308019872ca811d4cafc

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
strict-transport-security: max-age=900
x-amz-request-id: 92T4GEVY50W52RAW
age: 157505
etag: "Fmrm80/xJbdpXIT72vFictqcHmK5ev/unlyn6IiPxvc"
vary: Accept
fastly-io-info: ifsz=75782 idim=1002x715 ifmt=jpeg ofsz=26404 odim=719x464 ofmt=webp
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=300, public
content-disposition: inline
fastly-stats: io=1
accept-ranges: bytes
content-length: 26404
x-amz-id-2: QNymaxvyFSKce9Yb7Z/IHGWgAEPr0/YxvQ9oBIbz7mkAJsUPPyF5q7nw0PXiR9H25XmvW7HAZPs=

GET
H2 200 img_8744jpg_by_Charisse_Kenion
cdn.bfldr.com/SH6M70M3/as/q76abb-2f97c-a14f2/ 10 KB
11 KB 147ms
99ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bfldr.com/SH6M70M3/as/q76abb-2f97c-a14f2/img_8744jpg_by_Charisse_Kenion?width=398&height=256&fit=crop&auto=webp

Requested by

Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3b3a5f2e1e00992e5c6c9c448c671daf66c57dea707c6f0dd654466f4d3566b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
strict-transport-security: max-age=900
x-amz-request-id: 92T4GEVY50W52RAW
age: 157505
etag: "Bwpf6VczrJK6uni70dSoq8oejqyEXX3vEMw8X4dhfDs"
vary: Accept
fastly-io-info: ifsz=75782 idim=1002x715 ifmt=jpeg ofsz=10486 odim=398x256 ofmt=webp
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=300, public
content-disposition: inline
fastly-stats: io=1
accept-ranges: bytes
content-length: 10486
x-amz-id-2: QNymaxvyFSKce9Yb7Z/IHGWgAEPr0/YxvQ9oBIbz7mkAJsUPPyF5q7nw0PXiR9H25XmvW7HAZPs=

GET
H3 200 jquery.js Show response
www.hercampus.com/wp-includes/js/jquery/ 141 KB
44 KB 49ms
49ms Script
application/javascript 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-includes/js/jquery/jquery.js
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a26f948122b1fe863bae3e65f7a64893e6e29e8e760ac075654174f96171cdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
cf-bgj: minify
server: cloudflare
age: 18793
etag: W/"6048e0ac-46758"
cf-polished: origSize=288600
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0c9cae924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 69ms
25ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f73b286de67c4d1b452d1e95b2070c8d987d910332b1d830439b6952a781e70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2821
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 00:25:57 GMT
server: cloudflare
etag: W/"bb9-5ec71e264ddf8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 76bcde0d6db56967-FRA

GET
H3 200 addtoany.min.js Show response
www.hercampus.com/wp-content/plugins/add-to-any/ 129 B
294 B 49ms
45ms Script
application/javascript 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-content/plugins/add-to-any/addtoany.min.js
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Jun 2021 05:00:02 GMT
server: cloudflare
age: 18793
etag: W/"60c98552-81"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0d2dc0924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cookieNSCconsent.min.js Show response
www.hercampus.com/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/ 26 KB
8 KB 22ms
22ms Script
application/javascript 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.js?ver=2.9.0
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deb5ede1d5431c8de3e5e8d1a319321ddcc31f9f518b91e2bb923b74ab063028

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Nov 2022 18:56:34 GMT
server: cloudflare
age: 18793
etag: W/"63753262-69ae"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0d1da4924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 regenerator-runtime.min.js Show response
www.hercampus.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 66ms
65ms Script
application/javascript 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
server: cloudflare
age: 18793
etag: W/"6254194e-194b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0d1dab924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 wp-polyfill.min.js Show response
www.hercampus.com/wp-includes/js/dist/vendor/ 19 KB
7 KB 59ms
53ms Script
application/javascript 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
server: cloudflare
age: 18793
etag: W/"6254194e-4ac6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0d2db4924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 hooks.min.js Show response
www.hercampus.com/wp-includes/js/dist/ 5 KB
2 KB 59ms
54ms Script
application/javascript 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
server: cloudflare
age: 18793
etag: W/"6254194e-132e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0d2db6924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 loader.js Show response
www.hercampus.com/wp-content/plugins/wp-parsely/build/ 2 KB
1 KB 29ms
24ms Script
application/javascript 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-content/plugins/wp-parsely/build/loader.js?ver=eba15df5f79bd7d0de45
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f832a3f9fb50dfb245accbfe1f55d83f4330332a2a1b1640888d253398b95bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 27 Jun 2022 21:58:21 GMT
server: cloudflare
age: 18793
etag: W/"62ba27fd-9c2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0d2db8924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 p.js Show response
cdn.parsely.com/keys/hercampus.com/ 50 KB
19 KB 54ms
9ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/hercampus.com/p.js?ver=3.5.2
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: a27206d292ba914a7be4fa2466c4be72c1791fdb552f3fc53a1c2f4d6f96cb5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: public
date: Thu, 17 Nov 2022 23:52:21 GMT
content-encoding: gzip
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified: Mon, 06 Jun 2022 15:59:22 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 5115
etag: W/"629e245a-c8ad"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: s4hAMDaLOjTwUUti0p799rcPpZDvvi_FOzVPu26kxlas-jNNlg8hyg==
expires: Fri, 18 Nov 2022 23:52:21 GMT

GET
H3 200 theme-single.min.js Show response
www.hercampus.com/wp-content/themes/hercampus/dist/js/ 81 KB
25 KB 38ms
33ms Script
application/javascript 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-content/themes/hercampus/dist/js/theme-single.min.js?ver=1667792785
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda44bd873cb05cb2a8b78f8a870bb021439208eaa2ce2ad88dcd21bc925c066

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Nov 2022 03:46:25 GMT
server: cloudflare
age: 17591
etag: W/"63687f91-14347"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0d2db9924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mailchimp.js Show response
www.hercampus.com/wp-content/themes/hercampus/src/js/ 1016 B
746 B 27ms
23ms Script
application/javascript 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-content/themes/hercampus/src/js/mailchimp.js?ver=1626452086
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50f6ecfbc5ebf3299691a51f4429c3779b6f839cb3c26c45e4460a507a9eaf1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 16 Jul 2021 16:14:46 GMT
server: cloudflare
age: 18793
cf-polished: origSize=1413
etag: W/"60f1b076-585"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0d2dba924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 98ms
51ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.hercampus.com/
Origin: https://www.hercampus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 76bcde0d68519b7c-FRA

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 58ms
7ms Stylesheet
text/css 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=chy4ewm&ht=tk&f=24539.24540.24543.24544.24545.24546.24547.24548.24549.24552&a=83409215&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/chy4ewm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 436 B
610 B 155ms
33ms Script
text/html 35.178.31.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CE%24%3D!!t*8Wi3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jwz9OEQuCUp3NAjXwwClNhIVsVBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-b0wFHCPigVLOGg%3D%3D&sc=1&os=1-tg%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&pcode=hercampusmediaheader276881430241&rx=871792991266&callback=MoatNadoAllJsonpRequest_94979544
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/hercampusmediaheader276881430241/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.178.31.183 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-178-31-183.eu-west-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: ae4b3e1f5db954b2d7a9198df5512175b69ede8e2b3ac8200cabc4475032b4e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "0a95f7e8e66977344d587c7e96cc3f6264ed41a3"
content-length: 436
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 114 B
288 B 185ms
28ms Script
text/html 35.178.63.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CE%24%3D!!t*8Wi3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jwz9OEQuCUp3NAjXwwClNhIVsVBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-b0wFHCPigVLOGg%3D%3D&sc=1&os=1-tg%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=HERCAMPUSMEDIA_HEADER1&hp=1&wf=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1668734256109&de=751706228703&rx=871792991266&m=0&ar=48843429bae-clean&iw=ac9915e&q=1&cb=0&cu=1668734256109&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&dfp=true&la=undefined&gw=hercampusmediaheader276881430241&fd=1&it=500&pe=1%3A-%3A-%3A0%3A0&fs=200871&na=894661511&cs=0&callback=MoatDataJsonpRequest_94979544
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/hercampusmediaheader276881430241/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.178.63.59 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-178-63-59.eu-west-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 1ffaf9148099bea3aca42b41ef6c8abcc7acd7e3ac12a84dd85030643d8fb954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "fdcae55332114ceede02dfc56f53dc23c8d41cb7"
content-length: 114
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 6732 1 KB
2 KB 7ms
6ms Document
text/html 88.221.169.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/hercampusmediaheader276881430241/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-143.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://www.hercampus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2442
content-length: 1374
content-type: text/html
date: Fri, 18 Nov 2022 01:17:36 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
x-amz-id-2: bLl72GtpcxM8rSKIodQlKgK0BRPdEbxIV8PPGYh9PcLqpR363i0Z1TjhY7+mRyWYYTxnhPRiG5Y=
x-amz-request-id: A3423FE5772816F0

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 50ms
9ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 19:00:01 GMT
content-encoding: gzip
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 41523
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: CJtDekAX0GNtrJ--43_mMWpDxeOFIj299B14rvi1zehxaeiBZJWgqw==

GET
H2 200 l
use.typekit.net/af/61b4ba/00000000000000007735a167/30/ 47 KB
47 KB 41ms
4ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/61b4ba/00000000000000007735a167/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/chy4ewm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0424e19520bce927755b6b3e6a31fd16af5d494271e3db98516e08aa180b043f

Request headers

Referer: https://use.typekit.net/chy4ewm.css
Origin: https://www.hercampus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
server: nginx
etag: "5fed17d5bea029195a99ba74b516f25ee725434b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48280

GET
H2 200 l
use.typekit.net/af/1416a9/00000000000000007735a15a/30/ 46 KB
46 KB 39ms
5ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1416a9/00000000000000007735a15a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/chy4ewm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c7b46022c4ae5a1798ed9e45a83ed40aead7f761070cb9af515bff95855db307

Request headers

Referer: https://use.typekit.net/chy4ewm.css
Origin: https://www.hercampus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
server: nginx
etag: "bccec9a43405f07681ac803f830df18c2eea2bd9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47244

GET
H3 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
www.hercampus.com/fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 320ms
310ms Font
font/woff2 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Request headers

Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Origin: https://www.hercampus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: cloudflare
age: 17214
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 76bcde0d5e36924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17908
expires: Thu, 16 Nov 2023 19:16:52 GMT

GET
H2 200 l
use.typekit.net/af/09d302/00000000000000007735a14e/30/ 47 KB
47 KB 26ms
13ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/09d302/00000000000000007735a14e/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/chy4ewm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3e2ccf5a974d78a6fdca5b2fe544a4fdeefb3bbe668d1deb95259d421fb3e514

Request headers

Referer: https://use.typekit.net/chy4ewm.css
Origin: https://www.hercampus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
server: nginx
etag: "59adf62a226d21141e081eeac74c10da912bdadf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48228

GET
H2 200 l
use.typekit.net/af/1c49b4/00000000000000007735a15b/30/ 50 KB
50 KB 25ms
12ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1c49b4/00000000000000007735a15b/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/chy4ewm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d02aac8e3e7a20b2529c39c29b7adb085f508674d7e308fcbcbca78bdde23eb1

Request headers

Referer: https://use.typekit.net/chy4ewm.css
Origin: https://www.hercampus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
server: nginx
etag: "636cebdf5613833ce4fd55f3a4c1ce9cbe5721c5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 50772

GET
H2 200 l
use.typekit.net/af/5e6988/00000000000000007735a163/30/ 46 KB
46 KB 33ms
20ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5e6988/00000000000000007735a163/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/chy4ewm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 94f721cea60b90692738a2e4ab2997bbf8228d7554a4d5c13a909f1d5af03cf2

Request headers

Referer: https://use.typekit.net/chy4ewm.css
Origin: https://www.hercampus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
server: nginx
etag: "6c7f6faf833b2ec0ec96352fe0a408d237d7154e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47152

GET
H3 200 fa-brands-400.woff2
www.hercampus.com/wp-content/themes/hercampus/dist/fontawesome/webfonts/ 77 KB
77 KB 28ms
19ms Font
font/woff2 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-content/themes/hercampus/dist/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/wp-content/themes/hercampus/dist/css/theme.min.css?ver=1.0.1668100047
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59beb1f8f4ea7e16c50ae0652005e6f7a39f58f9deb0e155d8c8981ea99544b0

Request headers

Referer: https://www.hercampus.com/wp-content/themes/hercampus/dist/css/theme.min.css?ver=1.0.1668100047
Origin: https://www.hercampus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Jun 2021 05:00:02 GMT
server: cloudflare
age: 18793
etag: "60c98552-13280"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76bcde0d5e38924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78464

GET
H2 200 l
use.typekit.net/af/4abf65/00000000000000007735a15d/30/ 47 KB
47 KB 32ms
20ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4abf65/00000000000000007735a15d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/chy4ewm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8c6d48303a9f8ef88ae8895533c6ef87e4ea6776c37dbf3a20519a956a3e98c6

Request headers

Referer: https://use.typekit.net/chy4ewm.css
Origin: https://www.hercampus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
server: nginx
etag: "c376eb069a6278d6a0283f0e01c1f3a15e1c61da"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47668

GET
H3 200 fa-solid-900.woff2
www.hercampus.com/wp-content/themes/hercampus/dist/fontawesome/webfonts/ 138 KB
138 KB 34ms
25ms Font
font/woff2 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hercampus.com/wp-content/themes/hercampus/dist/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/wp-content/themes/hercampus/dist/css/theme.min.css?ver=1.0.1668100047
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2

Request headers

Referer: https://www.hercampus.com/wp-content/themes/hercampus/dist/css/theme.min.css?ver=1.0.1668100047
Origin: https://www.hercampus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Jun 2021 05:00:02 GMT
server: cloudflare
age: 18793
etag: "60c98552-226c4"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76bcde0d5e3b924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 140996

GET
H3 200 IMG_7855-2.jpg
www.hercampus.com/cdn-cgi/image/width=130,height=130,quality=80,fit=crop/wp-content/uploads/2022/11/ 4 KB
4 KB 453ms
452ms Image
image/jpeg 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hercampus.com/cdn-cgi/image/width=130,height=130,quality=80,fit=crop/wp-content/uploads/2022/11/IMG_7855-2.jpg

Requested by

Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27457968216f3778f74128b983531b8f1ee1e101aed60833d1a19af41fd8d7ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3943
cf-resized: internal=ok/e q=0 n=94 c=2+9 v=2022.11.4 l=3943
last-modified: Thu, 03 Nov 2022 19:02:22 GMT
cf-bgj: imgq:80,h2pri
server: cloudflare
etag: "cfit7Ag6N5vFwGkFiEdGQ46CIAFpzNVif_QcrzSvXcBQ:6364103e-1a028"
vary: Accept, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76bcde0dae8f924d-FRA

GET
H2 200 voting_box_with_ballot
cdn.bfldr.com/SH6M70M3/as/qdxh19-cwqos8-b2obco/ 4 KB
4 KB 8ms
7ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bfldr.com/SH6M70M3/as/qdxh19-cwqos8-b2obco/voting_box_with_ballot?width=698&height=466&fit=crop&auto=webp

Requested by

Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d95d4da7a478336980404c419335bed805699753f053e84226540add0f41edef

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
strict-transport-security: max-age=900
age: 2104416
fastly-io-info: ifsz=24713 idim=1280x854 ifmt=jpeg ofsz=3874 odim=698x466 ofmt=webp
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline
fastly-stats: io=1
content-length: 3874
etag: "ssHgrXsCNOMgbZROmwT7hzsTUYF60ZZHLYSnGDYxSCg"
vary: Accept
x-goog-generation: 1595517931834194
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=300, public
x-goog-stored-content-length: 24713
accept-ranges: bytes

GET
H2 200 self_carepng_by_Pexels
cdn.bfldr.com/SH6M70M3/as/bxssb46zpzjsxpkjw58h5s/ 42 KB
42 KB 9ms
8ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bfldr.com/SH6M70M3/as/bxssb46zpzjsxpkjw58h5s/self_carepng_by_Pexels?width=698&height=466&fit=crop&auto=webp

Requested by

Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c4b95cab266dfd6ee6a80c712fae8c3536530c9760076a11f44d37a59afc487

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
strict-transport-security: max-age=900
age: 1488290
fastly-io-info: ifsz=228994 idim=1600x1066 ifmt=jpeg ofsz=42602 odim=698x466 ofmt=webp
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline
fastly-stats: io=1
content-length: 42602
etag: "qsTnbl0BFg4NBfW/6eYMmrYyV6qjtKKJXJvvg4cA1Cw"
vary: Accept
x-goog-generation: 1603908658433053
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=300, public
x-goog-stored-content-length: 228994
accept-ranges: bytes

GET
H2 200 northwestern
cdn.bfldr.com/SH6M70M3/as/th4rmt5ggjhkc8sckkbvwn2b/ 100 KB
100 KB 101ms
101ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bfldr.com/SH6M70M3/as/th4rmt5ggjhkc8sckkbvwn2b/northwestern?width=698&height=466&fit=crop&auto=webp

Requested by

Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7c844c5fca09ea9bf12cbdeb50afe5602d96851613188c641e9c4742656bf6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
strict-transport-security: max-age=900
age: 294331
fastly-io-info: ifsz=2883418 idim=4032x3024 ifmt=jpeg ofsz=102422 odim=698x466 ofmt=webp
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline
fastly-stats: io=1
content-length: 102422
etag: "yPmLGgNAz1WLPfAmE6X3xGNpK2gi9LxbHX9ZqQvZXmQ"
vary: Accept
x-goog-generation: 1665678775417943
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=300, public
x-goog-stored-content-length: 2883418
accept-ranges: bytes

GET
H3 200 hc-logo-white.svg
www.hercampus.com/wp-content/themes/hercampus/src/img/ 4 KB
2 KB 20ms
20ms Image
image/svg+xml 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hercampus.com/wp-content/themes/hercampus/src/img/hc-logo-white.svg
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06fa64117c412ff72e5f208173a7b7118ce8f8513788bcd974ff1cf530cfcb9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 May 2021 05:47:50 GMT
server: cloudflare
age: 17573
etag: W/"60b08406-11d7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76bcde0e1f2e924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pubads_impl_2022111401.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 114ms
37ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72c530773071f1aa1e6f7a3b0d20810449c8b6eb39d6e109fcd7082868888f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 20:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131977
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 09:35:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Nov 2023 20:53:49 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 225 B
137 B 131ms
49ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.hercampus.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95dfd85f564b7803f552f9cc2c4d0fde120d17dc3c23e8cf19879c6725e381c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 0
expires: Fri, 18 Nov 2022 01:17:36 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 8ms
8ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=19270866&cs_it=b3&cv=3.8.0.210223&ns__t=1668734256375&ns_c=UTF-8&c7=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&c8=The%20Go-To%20Glossier%20Guide&c9=
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: nPMrevpu152qOvkydQO-t3R76H4Xe6ICKIdPSVPtdBhakQbXy_BOgQ==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 139ms
29ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1668734256394&plid=80484581&idsite=hercampus.com&url=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&sref=&sts=1668734256390&slts=0&title=The+Go-To+Glossier+Guide&date=Fri+Nov+18+2022+01%3A17%3A36+GMT%2B0000+(GMT)&action=pageview&pvid=45111502&u=pid%3Daeb981c0e0868c87618c6368d80fc5da
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 01:17:36 GMT
Cache-Control: no-cache
Last-Modified: Friday, 18-Nov-2022 01:17:36 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 core.c4ad588e.js Show response
static.addtoany.com/menu/modules/ 70 KB
25 KB 70ms
52ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.c4ad588e.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a90d2b9a8ef6ca85a8d21190509cb54bade6eff7f48379eaa77980b9428fd5bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hercampus.com/
Origin: https://www.hercampus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1384439
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 00:25:56 GMT
server: cloudflare
etag: W/"117b8-5ec71e25ea438"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 76bcde0ecc00163f-FRA

GET
H3 200 icons.31.svg.js Show response
static.addtoany.com/menu/svg/ 76 KB
32 KB 45ms
27ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.31.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d102c69c2e02cfd878d735d72dced6641b41c8a80f8570e9ceae04e556dfa56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1747777
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 18 Oct 2022 21:26:00 GMT
server: cloudflare
etag: W/"130d9-5eb55bd13de3f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 76bcde0ecd449125-FRA

GET
H3 200 sm.23.html Show response
static.addtoany.com/menu/ Frame 8E5F 741 B
658 B 56ms
55ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hercampus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 699012
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 76bcde0ecd459125-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 18 Nov 2022 01:17:36 GMT
etag: W/"2e5-5cc9e128a4c38"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff

GET
H2 200 1f46f-200d-2640-fe0f.svg
s.w.org/images/core/emoji/14.0.0/svg/ 6 KB
6 KB 29ms
6ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f46f-200d-2640-fe0f.svg

Requested by

Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

7661153520eb46bf33539924d81f71277e416a88f960e3be396c721aabc3d2ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 18 Nov 2022 01:17:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 6301
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 200 action-bar Show response
www.hercampus.com/wp-json/hercampus/v1/ 599 B
559 B 745ms
744ms Fetch
application/json 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hercampus.com/wp-json/hercampus/v1/action-bar

Requested by

Host: www.hercampus.com
URL: https://www.hercampus.com/wp-content/themes/hercampus/dist/js/theme-single.min.js?ver=1667792785

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

e168a1e62d599a527a2176badae2bf3a55b8bc7d1baa7b45ca4d46710ebff4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
date: Fri, 18 Nov 2022 01:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: WP Engine
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cf-ray: 76bcde0ef82c924d-FRA
link: <https://www.hercampus.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-robots-tag: noindex
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 125ms
37ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N456SM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 18 Nov 2022 01:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 102
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 18 Nov 2022 03:15:54 GMT

GET
H2 200 5929X654252.skimlinks.js Show response
s.skimresources.com/js/ 56 KB
21 KB 69ms
25ms Script
application/octet-stream 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/5929X654252.skimlinks.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N456SM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 2cd7a09cd4c659a50ad89dd0420fd6544f87ebf03153ff59b88661ba8561e926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 08:57:57 GMT
server: AmazonS3
x-amz-request-id: M9YJ01XRZM0J2ZK2
etag: "595d0ee41ad695620d088a1cdfa262ba"
x-hw: 1668734256.cds234.am5.hn,1668734256.cds241.am5.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 20922
x-amz-id-2: xQnuZR84K41RbOwchiDxQ6ewE1uIGJJS67IDVBO9aQ5ATrbLTLN3VpdFdWSBLhzr01sG/lu6anE=

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 20 KB
7 KB 39ms
7ms Script
application/javascript 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=4300779046
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N456SM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: c5c8f753ef44ddfa1ff871fb3096d12c215e5f82c57306f7c21a42e6e2fa0b56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits: 1
date: Fri, 18 Nov 2022 01:17:36 GMT
via: 1.1 vegur, 1.1 varnish
content-encoding: gzip
age: 1902
x-cache: HIT
content-length: 7154
x-served-by: cache-hhn4037-HHN
last-modified: Fri, 18 Nov 2022 00:45:54 GMT
server: Apache
x-timer: S1668734257.526238,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Nov 2022 00:45:54 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
74 KB 123ms
46ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CNKBKYQZYE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N456SM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d19aace1436ce3502388c821d29c63ddf3a4724f101ae578fad1d47f95b9353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75998
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 18 Nov 2022 01:17:36 GMT

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame C7E6 0
134 B 131ms
41ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.9439544011269487
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.10 aiohttp/3.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
via: 1.1 google
server: Python/3.10 aiohttp/3.8.3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
276 B 87ms
19ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=10.401765153370263
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Fri, 18 Nov 2022 01:17:36 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 88ms
21ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=10.401765153370263
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Fri, 18 Nov 2022 01:17:36 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

POST
H2 200 / Show response
r.skimresources.com/api/ 204 B
400 B 67ms
21ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/5929X654252.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.19.9.1 /

Resource Hash

e89d3292942d6be13eeb02d58bd139cc5f46b1ea0b00a46612696c8db4ddf689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.hercampus.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 139ms
46ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1521168210&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&dp=%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&ul=en-us&de=UTF-8&dt=The%20Go-To%20Glossier%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1074294793&gjid=1105037494&cid=1704411393.1668734257&tid=UA-10885536-1&_gid=373470171.1668734257&_r=1&gtm=2wgb90N456SM&cd1=northwestern&cd2=&cd3=Article&cd4=opinion&cd5=hc_resources&cd6=kayln%20jackson&cd7=internal_tags&cd8=beauty%2Cglossier%2Cmakeup%2Cnew!%2Colivia%20rodrigo%2Cskincare%2Cwishlist&cd9=&cd10=chapter_level&cd11=anonymous%20user&cd14=No&cd15=style&cd16=beauty&cd18=2022-11-16%2008%3A44%3A07&z=1092917724

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 01:17:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hercampus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
349 B 138ms
40ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CNKBKYQZYE&gtm=2oeb90&_p=1521168210&_gaz=1&cid=1704411393.1668734257&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668734256&sct=1&seg=0&dl=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&dt=The%20Go-To%20Glossier%20Guide&en=page_view&_fv=1&_ss=1&ep.author=kayln%20jackson&ep.chapter=northwestern&ep.chapter_level=&ep.content_type=Article&ep.keywords=beauty%2Cglossier%2Cmakeup%2Cnew!%2Colivia%20rodrigo%2Cskincare%2Cwishlist&epn.content_id=1093135&ep.sponsored=No&ep.user_role=anonymous%20user&ep.category=style&ep.sub_category=beauty&ep.article_type=opinion&ep.node_id=&ep.page=%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&ep.publish-date=2022-11-16%2008%3A44%3A07
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CNKBKYQZYE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 01:17:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hercampus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
349 B 63ms
18ms Ping
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CNKBKYQZYE&cid=1704411393.1668734257&gtm=2oeb90&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CNKBKYQZYE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 01:17:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hercampus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 144ms
54ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CNKBKYQZYE&cid=1704411393.1668734257&gtm=2oeb90&aip=1&z=1282644618

Requested by

Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 01:17:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5929X1598010.js Show response
m.skimresources.com/widget/code/ 476 B
889 B 85ms
8ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m.skimresources.com/widget/code/5929X1598010.js
Requested by: Host: s.skimresources.com
URL: https://s.skimresources.com/js/5929X654252.skimlinks.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6330fefb8b254919b68a210d6f0f09936d43a2fd555621ec34f77cdcaddd1beb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: twXtrXrLgj7cN6A9R3txaS7jeLvreaue
date: Fri, 18 Nov 2022 00:40:16 GMT
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jun 2020 15:28:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 2241
etag: "a2643343cee4fddca0e56210ecb7f868"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 476
x-amz-cf-id: XeNh7O7QW3KnVP-II-_tvVsdSIxf8RBGkOOyobI56B1CnvH81ypJuQ==

POST
H3 200 link Show response
t.skimresources.com/api/v2/ 22 B
44 B 75ms
42ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/link

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/5929X654252.skimlinks.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.10 aiohttp/3.8.3 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 01:17:36 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.10 aiohttp/3.8.3
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.hercampus.com
warning: 299 - "Deprecated API"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 api Show response
ls.skimresources.com/ 2 B
22 B 81ms
46ms XHR
application/json 34.120.117.212
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ls.skimresources.com/api

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/5929X654252.skimlinks.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.117.212 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

212.117.120.34.bc.googleusercontent.com

Software

Python/3.8 aiohttp/3.7.4.post0 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 01:17:36 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.8 aiohttp/3.7.4.post0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hercampus.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 206 api
ls.skimresources.com/ Frame 0
0 134ms
42ms Preflight
text/plain 34.120.117.212
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.skimresources.com/api
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.117.212 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 212.117.120.34.bc.googleusercontent.com
Software: Python/3.8 aiohttp/3.7.4.post0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.hercampus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.hercampus.com
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain charset=UTF-8
date: Fri, 18 Nov 2022 01:17:36 GMT
server: Python/3.8 aiohttp/3.7.4.post0
via: 1.1 google

POST
H3 200 / Show response
r.skimresources.com/api/ 176 B
168 B 38ms
21ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/5929X654252.skimlinks.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.19.9.1 /

Resource Hash

c22c5f95b6382f348fd4487180648e7045c01ed1cc5898aa760499830df23c45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.hercampus.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-10885536-1&cid=1704411393.1668734257&jid=1074294793&gjid=1105037494&_gid=373470171.1668734257&_u=YEBAAEAAAAAAACAAI~&z=2117309695

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 18 Nov 2022 01:17:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hercampus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.min.js Show response
m.skimresources.com/widget/scripts/ 4 KB
1 KB 21ms
21ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m.skimresources.com/widget/scripts/loader.min.js
Requested by: Host: m.skimresources.com
URL: https://m.skimresources.com/widget/code/5929X1598010.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0856da6f076f28d706af4c73399891fa5075bfef2177ab416e05aff00da047df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: ntFkj9lTwgeZhZtSNAxxtbhGrWH9Wy86
content-encoding: gzip
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
date: Fri, 18 Nov 2022 01:17:36 GMT
last-modified: Thu, 18 Mar 2021 10:49:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 17
etag: W/"74019f935fcd21e3514db10d15a644d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 6vPAaIB-c3IIRyBzjPUasK8_jR7rch8YCLqb7M1qXjGcDnBMPR20Bg==

POST
H3 200 page Show response
t.skimresources.com/api/v2/ 22 B
43 B 42ms
42ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/5929X654252.skimlinks.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.10 aiohttp/3.8.3 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 01:17:36 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.10 aiohttp/3.8.3
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.hercampus.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 204 rum Show response
www.hercampus.com/cdn-cgi/ 0
143 B 17ms
16ms XHR
text/plain 2606:4700:10::6814:34c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hercampus.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:34c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type: application/json

Response headers

date: Fri, 18 Nov 2022 01:17:36 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.hercampus.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 76bcde119b51924d-FRA

GET
H2 200 /
lux.speedcurve.com/lux/ 0
108 B 31ms
9ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lux.speedcurve.com/lux/?v=304&id=4300779046&sid=166873425661870307&uid=166873425661870307&l=The%20Go-To%20Glossier%20Guide&NT=1668734254995fs318ds320de329cs329sc335ce350qs350bs1024be1073ol1027oi1448os1452oe1469oc1894ls1895le1895sr1200fc1200lc1371&LJS=d16t16f8c1n41e1r70x7154l1500s1623&PS=ns29bs0is27269ss8bc8ic27972ia3it11dd11nd2939vh1200vw1600dh3835dw1600ds29866ct4G_er0nt0dm8&CPU=s|63,n|1,d|63,x|63,i|1270,1207|63&fl=64&HN=www.hercampus.com&CLS=0.065465&PN=%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: cache-hhn4037-HHN
date: Fri, 18 Nov 2022 01:17:37 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1668734257.119986,VS0,VE1
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 1f4e3.svg
s.w.org/images/core/emoji/14.0.0/svg/ 404 B
486 B 7ms
7ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f4e3.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

d54e9bc9bba49d0fbeeb0a47349c430e3e66b0731bc642cce0e1e5691d185d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 18 Nov 2022 01:17:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 404
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 158ms
47ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hercampus.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 161ms
51ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hercampus.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
534 B 453ms
450ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2830000988119911&correlator=2522034869055374&output=ldjh&gdfp_req=1&vrg=2022111401&ptt=17&impl=fifs&iu_parts=17275066%2Chercampus%2Cschool%2Csidebar_1%2Carticle_footer%2Carticle_in_stream_1%2Carticle_in_stream_2%2Carticle_in_stream_3%2Carticle_in_stream_4%2Carticle_in_stream_5%2Carticle_in_stream_6%2Carticle_in_stream_7%2Carticle_in_stream_8%2Carticle_in_stream_9%2Carticle_in_stream_10%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F8%2C%2F0%2F1%2F2%2F9%2C%2F0%2F1%2F2%2F10%2C%2F0%2F1%2F2%2F11%2C%2F0%2F1%2F2%2F12%2C%2F0%2F1%2F2%2F13%2C%2F0%2F1%2F2%2F14%2C%2F0%2F1%2F2%2F15&prev_iu_szs=300x600%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C970x90%7C728x90&ifi=1&adks=4053744201%2C2941394177%2C2702671007%2C3768508600%2C3265879316%2C2638665387%2C1264610585%2C3209381390%2C545441048%2C711774041%2C711766802%2C1248485460%2C2363083801&sfv=1-0-40&prev_scp=ad-type%3Dhpu-sidebar%26position%3Dsidebar_1%2Cbtf%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cad-type%3Darticle_footer%26position%3Darticle_footer%2Cbtf%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cad-type%3Darticle_in_stream%26position%3Darticle_in_stream_1%2Cbtf%2Carticle_in_stream%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cad-type%3Darticle_in_stream%26position%3Darticle_in_stream_2%2Cbtf%2Carticle_in_stream%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cad-type%3Darticle_in_stream%26position%3Darticle_in_stream_3%2Cbtf%2Carticle_in_stream%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cad-type%3Darticle_in_stream%26position%3Darticle_in_stream_4%2Cbtf%2Carticle_in_stream%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cad-type%3Darticle_in_stream%26position%3Darticle_in_stream_5%2Cbtf%2Carticle_in_stream%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cad-type%3Darticle_in_stream%26position%3Darticle_in_stream_6%2Cbtf%2Carticle_in_stream%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cad-type%3Darticle_in_stream%26position%3Darticle_in_stream_7%2Cbtf%2Carticle_in_stream%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cad-type%3Darticle_in_stream%26position%3Darticle_in_stream_8%2Cbtf%2Carticle_in_stream%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cad-type%3Darticle_in_stream%26position%3Darticle_in_stream_9%2Cbtf%2Carticle_in_stream%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cad-type%3Darticle_in_stream%26position%3Darticle_in_stream_10%2Cbtf%2Carticle_in_stream%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cad-type%3Dsticky%26position%3Dsticky%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData&cust_params=environment%3Dprod%26post-id%3D1093135%26page-type%3Dpost%26title%3Dthe%2520go%2520to%2520glossier%2520guide%26tag%3Dbeauty%252Cglossier%252Cmakeup%252Cnew!%252Colivia%2520rodrigo%252Cskincare%252Cwishlist%26article-type%3Dopinion%26chapter%3Dnorthwestern%26chapter-level%3Dgold%26NID%3D%26category%3Dstyle%26sub-category%3Dbeauty%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData&sc=1&cookie_enabled=1&abxe=1&dt=1668734258422&lmt=1668588250&dlt=1668734256022&idt=545&adxs=1100%2C271%2C291%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C315&adys=1072%2C2223%2C1678%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&frm=20&vis=1&psz=300x600%7C870x90%7C830x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x-1&msz=300x600%7C728x90%7C830x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C970x-1&fws=512%2C0%2C0%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1704411393.1668734257&ga_sid=1668734258&ga_hid=1521168210&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

294acb8a0aa558a10a0f29962d383562edc37a64200583551f364afe18650d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 504
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hercampus.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 207ms
79ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a92744adb2f79769e5506908c778b1cda7b1321ad65d1d5dad5150223fd5e083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11106
x-xss-protection: 0

GET
H2 200 container.html Show response
85e175deb444e37f637b7274979b9b56.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A84F 6 KB
3 KB 197ms
54ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://85e175deb444e37f637b7274979b9b56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hercampus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 01:17:38 GMT
expires: Sat, 18 Nov 2023 01:17:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 183ms
104ms Script
application/javascript 2a02:26f0:1700:78e::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N456SM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:78e::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "8d9d0550c915347e312e24f00d311e50"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1146

GET
H2 200 scevent.min.js Show response
sc-static.net/ 27 KB
12 KB 90ms
36ms Script
application/javascript 18.66.120.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N456SM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.120.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-120-247.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 43cf94adadc78b282518b7beabeee72520e2bae9c2328c5474388ad77b41e9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:38 GMT
content-encoding: gzip
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 11968
x-amz-cf-id: dOXyxcXXg9r25vGMDs0oyX-ZvycD5NVXdsQLtJywg_OuM5PFmCSpsg==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 244ms
5ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N456SM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:38 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230036-FRA

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 16 KB
6 KB 98ms
21ms Script
application/x-javascript 88.221.169.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N456SM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ef6ab96978d8f6c32e6e171324ea26ec9bdee003c2c3c115de92956639d837b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 01:17:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Nov 2022 09:17:09 GMT
Server: AkamaiNetStorage
ETag: "c83bb35b39c166b49387a9cb3633d4be:1668418404.864545"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5276
Expires: Fri, 18 Nov 2022 01:37:38 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 164 KB
47 KB 236ms
116ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BU889AFKFOS2799BO3JG&lib=ttq
Requested by: Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 00267ff109767adc7ea072e0c7b35add68a3adb41a59cbb6e9a574d1b518a28e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-akamai-request-id: 3920df81.4d7ff7b
date: Fri, 18 Nov 2022 01:17:38 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time: 105,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=14, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 20221118011738CA916DF22CE9A81CD036
x-cache-remote: TCP_MISS from a23-32-16-71.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.32.16.71
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3c58b7ea61b1322d7210451372bf0aa1567e0234f18e25ecc883822114295478c19404ac0511970f068781b7edb6ba68d1d016ce8896ed95aef38dca3e02564ff20e5c5d3bd26f4aa633bb6c2aeacc3be
expires: Fri, 18 Nov 2022 01:17:38 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 60ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 18 Nov 2022 01:17:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: cCbOjiVGRdkluXiqcSTdM0UFu+yx0kFdTKDKKThfJeDMcsrO4k/LYuwovkbnVj1i8safPKNG66HAZQuHL5lNig==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 105ms
44ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.hercampus.com
URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 18 Nov 2022 01:17:38 GMT
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A09A18D5C579473DA310DE348557275D Ref B: FRAEDGE1118 Ref C: 2022-11-18T01:17:38Z
etag: "077538f81f4d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11430

GET
H2 200 tag Show response
btloader.com/ 13 KB
6 KB 97ms
37ms Script
application/javascript 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5690665060007936&upapi=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N456SM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd08ba2df1ee6e0e9b399e1c6e126d754ffaddeaabafb23b8f4cff06110959b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:38 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Nov 2022 00:21:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3374
etag: W/"61e0bdb76b3f33768da2d4019b3425a3"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxeuzfYPgmM2V%2FKfvdEg9cETNq1Wuc2NrAI%2BGCO5sAkM5%2FOGIcOSzn5USaayA4IbYKfXa9C69Fg%2BAjSBHTql8nMl2ckuXcVYK38uepp0YPwUCznbkqIMt6xOL8WXNrwfBobhExgY4NfOow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray: 76bcde1c1c8fbb73-FRA

GET
H2

200

analytics-1.5.12.min.js Show response
cdn.keywee.co/dist/
Redirect Chain

https://cdn.keywee.co/dist/analytics.min.js
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

22 KB
8 KB

20ms
16ms

Script
application/javascript

2600:9000:2156:e400:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Protocol: H2
Server: 2600:9000:2156:e400:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 01:15:53 GMT
content-encoding: gzip
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
last-modified: Mon, 28 Dec 2020 09:55:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 172906
etag: W/"13a05c433850fad0455e2ee1a1707eb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=259200,public
x-amz-cf-id: SEu7MfRZDnO5Onp6aUcjVjaosUX9wAX7ud-F6s5U67wgaqeVXpSEyw==

Redirect headers

date: Fri, 18 Nov 2022 01:17:31 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 8
x-cache: Hit from cloudfront
location: /dist/analytics-1.5.12.min.js
content-length: 0
x-amz-cf-id: yKPZpKycP7zKTbJyDBRQgXidaw1CikChNO6z5MclUZB8-2r_xAkB5g==

GET
H3 200 605971433449383 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 76ms
62ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/605971433449383?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f5ebbe5f5fb39e5a0c3dc73461cd18bb44db217b97986e9a4383d797d6eb1f9e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 18 Nov 2022 01:17:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: PjDZ6sJ//Ao58ObhDPrEzjSb0+g+iT79Mn6MtrkV8VgGwYlGyllH12ia68LTDj8Bf4A2nXnBi9P7waA7LoUiTA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame F1B6 0
53 B 152ms
26ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=d85fd102-de5c-48f2-a203-c03efc540081&u_scsid=eba36bd9-68fb-489d-88c8-ef6fef20d8fe&u_sclid=4b09a95c-cc37-45a9-a046-4cd0a0fe6934

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hercampus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 18 Nov 2022 01:17:38 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 79 B
482 B 151ms
25ms XHR
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=d85fd102-de5c-48f2-a203-c03efc540081&tld=com

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

088acaffd942e7ef5d55b2f4df7423fecc9c75cc559b1d25a02baae07d911fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.hercampus.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 475ms
88ms Script
application/javascript 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00dbddd200ef6cfd04713f31c1a5729b74
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 01:17:39 GMT
content-encoding: gzip
X-TraceId: ca5ae04be51243fa138a919743d920e3
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 522ms
95ms Image
image/gif 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00dbddd200ef6cfd04713f31c1a5729b74&apiObjVersion=2.0-gtm&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&optOut=false&bust=08566968790572049&referrer=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 01:17:39 GMT
Cache-Control: no-cache
content-encoding: gzip
X-TraceId: 38d3bd26a8e08cf90e5999a7755b0297
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 px.gif
ad-delivery.net/ 43 B
338 B 92ms
20ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1726855
x-guploader-uploadid: ADPycduLdztAz3Zp6zreifkFu5_1QrxowykP8MxCIy_wGanytb-liSOblGYBA6T_hqpeEIO_afL_r4_fEgI9WLfUW57YpA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BilNPerHFGCDMB3GKFNrk5054ExFpzg3rUK86XCoVWnIaHpnRiQKnp6Z%2BYBvZiYiER6Q3454XILShiuY76lQ4hNtE8jK02Rsfnk42cYWQeZljvJR78oKhZF4Rlz7c%2F09kiZAYPoDQN9sZh3iEg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 76bcde1d1f16994e-FRA
expires: Sat, 29 Oct 2022 02:33:10 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 155ms
37ms Image
image/x-icon 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:59:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44281
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Nov 2022 12:59:37 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
940 B 89ms
19ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.5990912178270456
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1726855
x-guploader-uploadid: ADPycduLdztAz3Zp6zreifkFu5_1QrxowykP8MxCIy_wGanytb-liSOblGYBA6T_hqpeEIO_afL_r4_fEgI9WLfUW57YpA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hog8m%2Fy49SZkQWt0NZjSWlfHuyJINgF7jm6Zbx12bsfByj75n%2Bs8%2FPfO7Rcb5isVAIDun1Maw7TW7BtbQrE7hCgtfbnMDA0VJA8Jnf6X73oM6DoF%2FUclSuZ2YB63mOhnpSR64Av4YG1%2BAXQBaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 76bcde1d1f18994e-FRA
expires: Sat, 29 Oct 2022 02:33:10 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 192ms
53ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Nov 2022 01:17:38 GMT

GET
H2 200 p
tr.snapchat.com/ 68 B
303 B 69ms
28ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=d85fd102-de5c-48f2-a203-c03efc540081&ev=PAGE_VIEW&intg=gtm&e_desc=the%20go%20to%20glossier%20guide&pl=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&bt=1d53c387&if=false&m_dcl=1469&m_fcps=1199&m_pi=1448&m_pl=1895&m_pv=v2&m_rd=3687&m_sl=3602&rf=&trackId=8d3e6473-4ae2-4607-8310-1d3d32e939ec&ts=1668734258682&u_c1=c5d2bec0-c928-44ae-902e-379914ed6e70&u_sclid=4b09a95c-cc37-45a9-a046-4cd0a0fe6934&u_scsid=eba36bd9-68fb-489d-88c8-ef6fef20d8fe&v=2.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 204 134599769.js Show response
bat.bing.com/p/action/ 0
118 B 151ms
125ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134599769.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 18 Nov 2022 01:17:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 07FB01B4C68B4676BF54495CF3885BAD Ref B: FRAEDGE1118 Ref C: 2022-11-18T01:17:38Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 50ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134599769&Ver=2&mid=3fb6e142-df6f-4b61-96f0-e52208c64020&sid=caa7383066de11ed8ba037747dfd6fb7&vid=caa7c0f066de11eda8b90bf84c5ec23d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20Go-To%20Glossier%20Guide&kw=beauty,glossier,makeup,new!,olivia%20rodrigo,skincare,wishlist&p=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&r=&lt=1895&evt=pageLoad&sv=1&rn=669400

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 18 Nov 2022 01:17:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B5BE18CB11D84B6A8E1861E9406F2D4F Ref B: FRAEDGE1118 Ref C: 2022-11-18T01:17:38Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 149.js Show response
cdn.keywee.co/config/ 212 B
552 B 20ms
16ms Script
application/javascript 2600:9000:2156:e400:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/config/149.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e400:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8699f049c6b6da5ca7683aebfa89947f1bbac8f8d037fe5e6158ffb07ccb70e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 09:42:57 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
last-modified: Thu, 15 Nov 2018 09:11:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 56485
etag: "b90ebc65f9f1e06560eac7d9d2ce870e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
content-length: 212
x-amz-cf-id: U5RM2EGykXAYHI9gWr1Rnj1_YJocT4z9IaPkoOVYmJDU0rcWCF8QNg==

GET
H2 200 main.9a94ee76.js Show response
s.pinimg.com/ct/lib/ 58 KB
21 KB 103ms
102ms Script
application/javascript 2a02:26f0:1700:78e::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:78e::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 77358e88e4d70191891544307a0a8677145d760e51eddef0293111d5a3008683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "e43867aadc515024dd460d8611098a12"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 20728

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 39ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=605971433449383&ev=PageView&dl=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&rl=&if=false&ts=1668734258772&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22368630217453215%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22902278707230226%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1668734258757.1215412531&it=1668734258578&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 18 Nov 2022 01:17:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 adsct
t.co/i/ 43 B
376 B 169ms
111ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=843e1a4e-c037-4b8b-aa6f-93263bb61194&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=24a8e8b4-5360-47cb-b6c4-f03a79bf40d2&tw_document_href=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4tcx&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 108
date: Fri, 18 Nov 2022 01:17:38 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: f5338f530a20bf26
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 519d41cca55b9dc1c6f29851a46a51809cfb194feda9c9e9a18aaae18da7e6a3
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 183ms
111ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=843e1a4e-c037-4b8b-aa6f-93263bb61194&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=24a8e8b4-5360-47cb-b6c4-f03a79bf40d2&tw_document_href=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4tcx&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 103
date: Fri, 18 Nov 2022 01:17:38 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 0345a51526a3ac29
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: de6e804d16b98c0a71474fb529823089089e688791bf5c84d029413323a70898
content-length: 43

GET
H2 200 sp-2.9.1.js Show response
cdn.keywee.co/dist/ 75 KB
26 KB 12ms
11ms Script
application/x-javascript 2600:9000:2156:e400:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/sp-2.9.1.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e400:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 04:29:00 GMT
content-encoding: gzip
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
last-modified: Sun, 14 Oct 2018 12:37:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 4308519
etag: W/"e0e6c30dc2f18c8cee12448a4cbb07eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=315360000
x-amz-cf-id: Zfvfj5SqoDqt__SEC7wwFvt_2b-CpvQ4q_hPxfDEGLGGGxzd7b1zzQ==

GET
H3 200 456091197919002 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 67ms
66ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/456091197919002?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0571e0590b427f46834c61207ec0ba6928f22ad65b3252813ab545335e06d115

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 18 Nov 2022 01:17:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: tg7WMd6ajGxkVk9ixW4njtcvsNA3p5JovzdO8XFGxeG56/g3KjXAu4h4xraQizsBhRCm8SWmsLD671brZRujHA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 134ms
132ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BU889AFKFOS2799BO3JG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-akamai-request-id: 8918a2d1.4d8001d
date: Fri, 18 Nov 2022 01:17:38 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time: 119,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=112, origin; dur=8, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 20221118011738C4FC4F892F936E1D2CC7
x-cache-remote: TCP_MISS from a23-32-16-75.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.32.16.75
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3c58b7ea61b1322d7210451372bf0aa1578919cd9dc3e64e6f57e992438903d7bce85b089be7073072a490893774456ae68560069a8e3e4b122e827592b8bbe38614d90f7a670b4db34309e43b3cc54a7
expires: Fri, 18 Nov 2022 01:17:38 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
685 B 112ms
109ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BU889AFKFOS2799BO3JG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2504346d.4d80042
date: Fri, 18 Nov 2022 01:17:39 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time: 95,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=9, inner; dur=7
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20221118011738515C328FEC64EE1CD531
x-cache-remote: TCP_MISS from a23-220-104-11.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.220.104.11
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3c58b7ea61b1322d7210451372bf0aa15b86a2134cf6dac68f48731dfda2a627c7eb90e841842d2364068d9dc032e517de4a42308123d68e57284382b268bb721d86b41325d3d64b0f920aae19426760b
expires: Fri, 18 Nov 2022 01:17:39 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
686 B 120ms
116ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BU889AFKFOS2799BO3JG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 8918a58a.4d80046
date: Fri, 18 Nov 2022 01:17:39 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time: 97,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=10, inner; dur=9
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20221118011738D83EF819A848201CAEA7
x-cache-remote: TCP_MISS from a23-32-16-75.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.32.16.75
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3c58b7ea61b1322d7210451372bf0aa1578919cd9dc3e64e6f57e992438903d7bfa0c3636682e11245cbb7ff47304fa4add00a64d1891f9bbef36faca444f726e409a905f4e604c289e8d7552a6879f2c
expires: Fri, 18 Nov 2022 01:17:39 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
689 B 117ms
114ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BU889AFKFOS2799BO3JG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6e49dc59.4d80047
date: Fri, 18 Nov 2022 01:17:39 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time: 96,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=10, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022111801173813215C85737B8F23BE9A
x-cache-remote: TCP_MISS from a23-220-104-16.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.220.104.16
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3c58b7ea61b1322d7210451372bf0aa159457d0fd8b942b36f27decf3f2815b6df427adfe3eb17281786f33783cf69913000b5970084c489cfae08094065028e29573ee39fb66bf99974dd83f96712096
expires: Fri, 18 Nov 2022 01:17:39 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
686 B 115ms
112ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BU889AFKFOS2799BO3JG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6e49db8c.4d80048
date: Fri, 18 Nov 2022 01:17:39 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time: 95,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=8, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20221118011738D7C359A61F327713E383
x-cache-remote: TCP_MISS from a23-220-104-16.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.16
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3c58b7ea61b1322d7210451372bf0aa159457d0fd8b942b36f27decf3f2815b6d84cd06d02b56b18675660d51aafe7b3e0118b9cb39670f10a358462b74094355aa9e4919252338bc4d7c8bc05c9ef560
expires: Fri, 18 Nov 2022 01:17:39 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 107ms
105ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BU889AFKFOS2799BO3JG&hostname=www.hercampus.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BU889AFKFOS2799BO3JG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6e596ad970b96e188d7a544c450822272be400d13f18c144b0e39118bd78ed07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-akamai-request-id: 681961f3.4d80055
date: Fri, 18 Nov 2022 01:17:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time: 95,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=7, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 202211180117380023D4FC15937C18D5ED
x-cache-remote: TCP_MISS from a23-32-16-84.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.32.16.84
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3c58b7ea61b1322d7210451372bf0aa15b9250c298654d473cbebcf2a9033a608a8d8b305dc823260d03cd417badc67d1e3bdef58608eaa8a01817c6a41e37db5586264a4ca55a149b76cf7ceac650526
expires: Fri, 18 Nov 2022 01:17:39 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
688 B 116ms
116ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BU889AFKFOS2799BO3JG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2a6c9c09.4d80056
date: Fri, 18 Nov 2022 01:17:39 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time: 99,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=12, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20221118011738D582BB1D584C6C1906E6
x-cache-remote: TCP_MISS from a23-220-104-18.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.220.104.18
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3c58b7ea61b1322d7210451372bf0aa15489b3a35c824b97b443854ae0391a88a3a4bd46d183810023aeed2a4f83b9335742ad8730e0babcd419b83916fb3958c62ca0fc2c647f885dd407e7cb14295e3
expires: Fri, 18 Nov 2022 01:17:39 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
685 B 123ms
123ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BU889AFKFOS2799BO3JG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3078318d.4d80057
date: Fri, 18 Nov 2022 01:17:39 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time: 102,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=14, inner; dur=7
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022111801173853B865FA648B871200C3
x-cache-remote: TCP_MISS from a23-32-16-68.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,23.32.16.68
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3c58b7ea61b1322d7210451372bf0aa15520a5cc1f029e70380059238a3fd5cda06e40c803c6e4dc14e88d40df519f99df94f68c68301068145231aa7e0df4ea8f11c155464d6c9be17a749a75b5cceea
expires: Fri, 18 Nov 2022 01:17:39 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 257ms
142ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5690665060007936&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:39 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 260ms
146ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=VJ170TrcTz&w=5688915330596864&o=5690665060007936&cv=2.1.0&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5690665060007936&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 18 Nov 2022 01:17:39 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D964 13 KB
5 KB 136ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hercampus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Nov 2022 21:37:38 GMT
expires: Fri, 17 Nov 2023 21:37:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7236 783 B
1 KB 143ms
51ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8b80a96b59939de4940daf684e485acda16979205d25f6d3aeeef3d181c4a581

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q3icgtaXe9ggvk9sBLT4Jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hercampus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Q3icgtaXe9ggvk9sBLT4Jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 01:17:39 GMT
expires: Fri, 18 Nov 2022 01:17:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 i
pixel.keywee.co/ 43 B
295 B 375ms
105ms Image
image/gif 52.72.158.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.keywee.co/i?stm=1668734259006&e=pv&url=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&page=The%20Go-To%20Glossier%20Guide&tv=js-2.9.1&tna=cf&aid=149&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&f_passive=1&f_wheel=wheel&eid=517cba3e-fa35-4ebe-8159-fc378a7b4fc8&dtm=1668734259003&vp=1600x1200&ds=1600x3835&vid=1&sid=1b396a11-8cb7-4a88-afe2-7c8ca871b7c9&duid=ff3c5824-f19d-4f84-9899-d86fa511ffe8&fp=2157192617

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.72.158.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-158-232.compute-1.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

status: 200 OK
date: Fri, 18 Nov 2022 01:17:39 GMT
x-content-type-options: nosniff
content-type: image/gif
server: nginx/1.21.3
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 / Show response
ct.pinterest.com/user/ 539 B
863 B 110ms
38ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612660060313&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1668734259008&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

67aa7747c963773648253e6fdf8d7ec6ffd6408a7369af5885cd4c4c241bb5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.976656b8.1668734259.1e2f85e8
x-envoy-upstream-service-time: 1
content-length: 377
x-pinterest-rid: 3835524746981417
pin-unauth: dWlkPVpqWTJZVEUzTlRjdE1ETTJZeTAwT0RZeExUa3pPRGN0WXpCalpEazROVFEyTXpJdw
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hercampus.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 539 B
860 B 102ms
34ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612660060313&cb=1668734259010&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

67aa7747c963773648253e6fdf8d7ec6ffd6408a7369af5885cd4c4c241bb5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.976656b8.1668734259.1e2f85e9
x-envoy-upstream-service-time: 1
content-length: 377
x-pinterest-rid: 1576014265155136
pin-unauth: dWlkPU0yUTFOR00zWm1NdFpEbGhNaTAwT0RKa0xUaGlORGd0WWpjd05qWmpNbUU0WldOag
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hercampus.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 90ms
37ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612660060313&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%229a94ee76%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1668734259019

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 01:17:39 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.976656b8.1668734259.1e2f85ea
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1843744026013491
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 45ms
19ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=456091197919002&ev=KWCEPV&dl=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&rl=&if=false&ts=1668734259030&cd[noad30]=1&cd[noadcm]=1&cd[nokart]=0&cd[pvps]=1&cd[slensec]=0&cd[ar30d]=1&cd[arcm]=1&cd[kar30d]=0&cd[karcm]=0&cd[ts30d]=0&cd[tscm]=0&cd[kru]=0&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668734258757.1215412531&it=1668734258578&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=2&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 18 Nov 2022 01:17:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 41ms
15ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=456091197919002&ev=PageView&dl=https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F&rl=&if=false&ts=1668734259032&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1668734258757.1215412531&it=1668734258578&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 18 Nov 2022 01:17:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
686 B 205ms
179ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BU889AFKFOS2799BO3JG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 30783bfb.4d800a0
date: Fri, 18 Nov 2022 01:17:39 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time: 168,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=134, origin; dur=40, inner; dur=7
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202211180117396E1ABBC0578285290C93
x-cache-remote: TCP_MISS from a23-32-16-68.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 40,23.32.16.68
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3c58b7ea61b1322d7210451372bf0aa15520a5cc1f029e70380059238a3fd5cdac209718a3be451d19783d22609becb68308a71ca9db0e964d99e884efda3f823a50b421b5ee05399d920ed7a60daaa56
expires: Fri, 18 Nov 2022 01:17:39 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
681 B 110ms
109ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BU889AFKFOS2799BO3JG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 30783aa3.4d800b4
date: Fri, 18 Nov 2022 01:17:39 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time: 95,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=9, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20221118011739577E8F4182103E20CD02
x-cache-remote: TCP_MISS from a23-32-16-68.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.32.16.68
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3c58b7ea61b1322d7210451372bf0aa15520a5cc1f029e70380059238a3fd5cda1f2814b70ab546115a5895b5f21d5111e8a72a55e040a72413f3157fbec583d27d0bce0493ea1aadaf1312eb5580a863
expires: Fri, 18 Nov 2022 01:17:39 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
686 B 111ms
111ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BU889AFKFOS2799BO3JG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2d0ae295.4d800b5
date: Fri, 18 Nov 2022 01:17:39 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time: 99,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=8, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202211180117390A7F4A70EC9171213C5D
x-cache-remote: TCP_MISS from a23-220-104-26.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.26
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3c58b7ea61b1322d7210451372bf0aa1528fc7f4336a4e2d31f1c9b63c9de3fc06ceb168eb4d6f075db5b93089a34159e9ac1a8d029246e62b0346302b9a3592e9b4c197926fc5d9a559adddf55359b15
expires: Fri, 18 Nov 2022 01:17:39 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
687 B 138ms
135ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BU889AFKFOS2799BO3JG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7ca9ed6f.4d800c2
date: Fri, 18 Nov 2022 01:17:39 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time: 110,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=18, inner; dur=16
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20221118011739928EC7FCEC229919E713
x-cache-remote: TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 18,23.220.104.7
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3c58b7ea61b1322d7210451372bf0aa15634c7aef1cae1ea5b878c97491531a7a938a5320811e5d613ccd516cdd614d0503144607a963a99d44b00f22bf9ff45b474767c3aea2e3e6d98ac4d58224291d
expires: Fri, 18 Nov 2022 01:17:39 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
687 B 148ms
145ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BU889AFKFOS2799BO3JG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hercampus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 83d1fe2f.4d800c3
date: Fri, 18 Nov 2022 01:17:39 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time: 127,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=36, inner; dur=18
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20221118011739D19B4E3C7F280816030B
x-cache-remote: TCP_MISS from a23-220-104-6.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 36,23.220.104.6
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3c58b7ea61b1322d7210451372bf0aa15c2117a900e1bca4c8536a48409e57719df01bcca626d8a6c3aafb37dfc8896d59f9d4e4202924723a264be3ddd16faec19c9b749b601e6beb799933c4b66cd79
expires: Fri, 18 Nov 2022 01:17:39 GMT

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame CCDF 565 B
591 B 35ms
33ms Document
text/html 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.hercampus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.976656b8.1668734259.1e2f85ff
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 18 Nov 2022 01:17:39 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1665027226595233

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
580 B 41ms
40ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612660060313&cb=1668734259142&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVpqWTJZVEUzTlRjdE1ETTJZeTAwT0RZeExUa3pPRGN0WXpCalpEazROVFEyTXpJdw%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.hercampus.com%2Fschool%2Fnorthwestern%2Fthe-go-to-glossier-guide%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%229a94ee76%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 01:17:39 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.976656b8.1668734259.1e2f8601
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 8406109184790609
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7236 0
0 158ms
74ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111401&jk=2830000988119911&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame D964 36 KB
16 KB 119ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 18:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 18:17:59 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 56DC 0
15 B 12ms
11ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.hercampus.com
Referer: https://www.hercampus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.hercampus.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 01:17:39 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D964 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CTQ_nw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:17:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame BF4B 0
15 B 11ms
10ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.hercampus.com
Referer: https://www.hercampus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.hercampus.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 01:17:39 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
77ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111401&jk=2830000988119911&bg=!VFelVxPNAAbvMpMzzzI7ACkAdvg8Wkua_A_lf8ATDwUO_3Czvw9H_OVzBh7lSp3v8DvBu_tCvfllQAIAAACgUgAAAARoAQcKABWwi5LQ-fCLc2zduYqULJXkZmMHmKSZApwSwEFiUZd1jYlauI3kAEcAZnraZ8a5vHbJnWjJPj2zQpB2l1TP1JdyMewloe0f2-ovmsTHMCxwmX9tKA8PmkkrU8NBQr_W7HS0kgFlV7Z0fW_bgY7enU0naNf9DDrqmvLXvO942jGHi3TdQov-xQeiQHM6MCvbnxwRdYCW60EjAWQSUxUT-OPW4xN9Xl_ilf2EQoIIInqb7myB1np522a3b7FZYQKX5Q3dHbPYrA9QomnhDNTTtZgpubnsFmK2qagt5Z9lHWI-i0XtGDNkKSg6fZSgdtJvQjgs5XtSzWteQaKckT5E1WZdMVes4_tYvFJGkgSiMenw7JztpDnsfSyA5ebFmyPsNiBd7W5-Wsk06f2VXvU3MlVZv1UcMW1ezdaeKwQuS3Fr6g56ibH03HzGUf7aAeAL_qgL5uXWcwTLxhUR8Vnqr1lllXDbOJoNb6pEBUI54Ib3WWXKItIh45YjDgDGWKIGgMTxosXSr_aJTIGcSD7__w1ZyreDeuxxvy7VTMvP8nZCLCD4y0r6vChLFgefHCfStr2jqkRtMKITo3OF0Oo1z2O3hNnZs44hOn9b8Pj4sliXjyn8iKcMfABXgzgESRuNAfyNDPwqmjjY9aRA0e1R_WDYu3x-3pEuTIgeyWm9o3L2EuI1FbwVDQgTeWIpo-QZpWNgZZPqyw8XCgLdszOHbxBdkcnwoHj_ol-wmCGPu-hGxekumQxBX1y37m_hFQ6v7FCIvz4W9zpc6iVhNIwk8mgsaYQJzO0AURs6KE8npJfWOxO-wus2GJZabUkx0IGvjU3wYSF4ZjsWXV-X4fyh4MvyzeNnZUirJdMAc8FlyOIVcOI_PxBby9mdeARnad5JxRzZ1ASOwpuOQBTPvmYp7fb8ShVICg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hercampus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.hercampus.com/school/northwestern/the-go-to-glossier-guide	1969-12-31 23:59:59	Name: Value: test
.hercampus.com/school/northwestern/the-go-to-glossier-guide	1969-12-31 23:59:59	Name: _schn Value: _sixl32
.hercampus.com/school/northwestern/the-go-to-glossier-guide	1970-01-20 17:02:00	Name: _scid Value: c5d2bec0-c928-44ae-902e-379914ed6e70
sc-static.net/scevent.min.js	1970-01-20 07:33:40	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
mailview.bulletinintelligence.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: r31krbohelbiawohyizxzmw0
.hercampus.com/	1970-01-20 07:32:16	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/%22%2C%22sref%22:%22%22%2C%22sts%22:1668734256390%2C%22slts%22:0}
.hercampus.com/	1970-01-20 17:01:38	Name: _parsely_visitor Value: {%22id%22:%22pid=aeb981c0e0868c87618c6368d80fc5da%22%2C%22session_count%22:1%2C%22last_session_ts%22:1668734256390}
www.hercampus.com/	1970-01-20 07:32:16	Name: lux_uid Value: 166873425661870307
.hercampus.com/	1970-01-20 07:33:40	Name: _gid Value: GA1.2.373470171.1668734257
.hercampus.com/	1970-01-20 07:32:14	Name: _gat_UA-10885536-1 Value: 1
.hercampus.com/	1970-01-20 17:08:14	Name: _ga_CNKBKYQZYE Value: GS1.1.1668734256.1.0.1668734256.60.0.0
.hercampus.com/	1970-01-20 17:08:14	Name: _ga Value: GA1.1.1704411393.1668734257
.bing.com/	1970-01-20 16:53:50	Name: MUID Value: 37F6AC232D9A64152B07BE432CEB653B
.hercampus.com/	1970-01-20 07:33:40	Name: _uetsid Value: caa7383066de11ed8ba037747dfd6fb7
.hercampus.com/	1970-01-20 16:53:50	Name: _uetvid Value: caa7c0f066de11eda8b90bf84c5ec23d
.snapchat.com/	1970-01-20 16:53:50	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItI1G0I76B+wfG2CFKFtDNZRiYtpTLXu+kKEOye7rHBpejxAUexOGgyAAAA
.hercampus.com/	1970-01-20 09:41:50	Name: _fbp Value: fb.1.1668734258757.1215412531
.doubleclick.net/	1970-01-20 07:32:15	Name: test_cookie Value: CheckForPermission
.hercampus.com/	1970-01-20 16:53:50	Name: __gads Value: ID=2eafd62785e8e66b-2226d82940cf0056:T=1668734258:S=ALNI_MaMIU-LKuH7qq0_rRLGVrkma58XvA
.t.co/	1970-01-20 17:08:14	Name: muc_ads Value: 989ba9c0-e5a9-415e-b410-2404c80b5216
.twitter.com/	1970-01-20 17:08:14	Name: personalization_id Value: "v1_BlzG1/YG2zFoxyReOlq3vw=="
.tiktok.com/	1970-01-20 16:53:50	Name: _ttp Value: 2HhPI4naSABmf40nBzNBULJGm2T
.hercampus.com/	1970-01-20 16:53:50	Name: _tt_enable_cookie Value: 1
.hercampus.com/	1970-01-20 16:53:50	Name: _ttp Value: ccbd3aaa-8fe2-4819-865c-6618fd75a42f
.hercampus.com/	1970-01-20 16:17:50	Name: _pin_unauth Value: dWlkPVpqWTJZVEUzTlRjdE1ETTJZeTAwT0RZeExUa3pPRGN0WXpCalpEazROVFEyTXpJdw
www.hercampus.com/	1970-01-20 07:32:14	Name: outbrain_cid_fetch Value: true
.ct.pinterest.com/	1970-01-20 16:17:50	Name: _pinterest_ct_ua Value: "TWc9PSZHdXErMDJSUFZsQTh4RHI4K3ArUDRIdXFoK3k0TUo2OWdvNGJGOXRSK1dhK0lscEJyK0UzZUZtSHFlbXdzSTdpMUpsY0diUURPWFhtaEpUUDFudnZ3K3Y1L0tucUN5azJOVmRjZmxZczNSaz0mOWZWREJwK005QWMyY0pXUmhGVEhQOWE5UU9RPQ=="

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.hercampus.com/school/northwestern/the-go-to-glossier-guide/(Line 6) Message: <link rel=preload> must have a valid `as` value

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

85e175deb444e37f637b7274979b9b56.safeframe.googlesyndication.com
ad-delivery.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
amplify.outbrain.com
analytics.tiktok.com
analytics.twitter.com
api.btloader.com
bat.bing.com
btloader.com
cdn.bfldr.com
cdn.keywee.co
cdn.parsely.com
cdn.speedcurve.com
connect.facebook.net
ct.pinterest.com
geo.moatads.com
ls.skimresources.com
lux.speedcurve.com
m.skimresources.com
mailview.bulletinintelligence.com
mb.moatads.com
p.skimresources.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
pixel.keywee.co
r.skimresources.com
region1.analytics.google.com
s.pinimg.com
s.skimresources.com
s.w.org
sb.scorecardresearch.com
sc-static.net
securepubads.g.doubleclick.net
static.addtoany.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
t.skimresources.com
tpc.googlesyndication.com
tr.outbrain.com
tr.snapchat.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.hercampus.com
z.moatads.com
104.244.42.131
104.244.42.133
104.75.88.209
13.32.121.37
130.211.23.194
142.250.185.198
146.75.116.157
151.101.2.217
151.139.128.10
18.66.100.58
18.66.120.247
18.66.147.43
192.0.77.48
199.230.29.40
2.16.186.242
2001:4860:4802:32::36
2600:9000:2156:e400:e:ec66:e40:93a1
2606:4700:10::6814:34c3
2606:4700:10::ac43:2794
2606:4700:20::ac43:4513
2606:4700:20::ac43:4686
2606:4700::6810:3965
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2001
2a00:1450:400c:c1b::9a
2a02:26f0:1700:78e::1931
2a02:26f0:3500:16::215:14a0
2a02:26f0:480:f::213:7ed3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.120.117.212
35.178.31.183
35.178.63.59
35.190.43.134
35.190.59.101
35.190.91.160
35.201.67.47
52.17.99.225
52.72.158.232
64.202.112.31
88.221.169.143
88.221.169.78
00267ff109767adc7ea072e0c7b35add68a3adb41a59cbb6e9a574d1b518a28e
0424e19520bce927755b6b3e6a31fd16af5d494271e3db98516e08aa180b043f
0571e0590b427f46834c61207ec0ba6928f22ad65b3252813ab545335e06d115
06fa64117c412ff72e5f208173a7b7118ce8f8513788bcd974ff1cf530cfcb9d
0856da6f076f28d706af4c73399891fa5075bfef2177ab416e05aff00da047df
088acaffd942e7ef5d55b2f4df7423fecc9c75cc559b1d25a02baae07d911fc3
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0c4b95cab266dfd6ee6a80c712fae8c3536530c9760076a11f44d37a59afc487
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
1a69e25e5ec196a9ca4255113b16bdd4f68f8d48d88231d0deb67636413257b8
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d19aace1436ce3502388c821d29c63ddf3a4724f101ae578fad1d47f95b9353
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1ffaf9148099bea3aca42b41ef6c8abcc7acd7e3ac12a84dd85030643d8fb954
27457968216f3778f74128b983531b8f1ee1e101aed60833d1a19af41fd8d7ec
294acb8a0aa558a10a0f29962d383562edc37a64200583551f364afe18650d87
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cd7a09cd4c659a50ad89dd0420fd6544f87ebf03153ff59b88661ba8561e926
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3b3a5f2e1e00992e5c6c9c448c671daf66c57dea707c6f0dd654466f4d3566b4
3e2ccf5a974d78a6fdca5b2fe544a4fdeefb3bbe668d1deb95259d421fb3e514
43cf94adadc78b282518b7beabeee72520e2bae9c2328c5474388ad77b41e9de
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44889b2803f42b5cf263956a60de0189aa191aaf2ae4224dde7ec4ebf7467d73
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4c53036e28c9ae76f6bb6653c8dfd6d019a56b7c6c07aba09120f88a58e2b9f1
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
50f6ecfbc5ebf3299691a51f4429c3779b6f839cb3c26c45e4460a507a9eaf1d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56aa6add9cee28f897d896cf29800e20f8b12a4acdada88c58adeb08ee0c251d
5700fb24eb3b3c111a304420a84f46bcfc424f33443671ab4d135687b1df54cd
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b
59beb1f8f4ea7e16c50ae0652005e6f7a39f58f9deb0e155d8c8981ea99544b0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6330fefb8b254919b68a210d6f0f09936d43a2fd555621ec34f77cdcaddd1beb
67aa7747c963773648253e6fdf8d7ec6ffd6408a7369af5885cd4c4c241bb5be
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e596ad970b96e188d7a544c450822272be400d13f18c144b0e39118bd78ed07
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
7107260d5630055d703f6103e6cf9749dcf40a04775acf24afa05933c54b9e04
72583f735d7faac75072fd856bf0319fa498ca0d1c26308019872ca811d4cafc
72c530773071f1aa1e6f7a3b0d20810449c8b6eb39d6e109fcd7082868888f68
7661153520eb46bf33539924d81f71277e416a88f960e3be396c721aabc3d2ca
77358e88e4d70191891544307a0a8677145d760e51eddef0293111d5a3008683
7c844c5fca09ea9bf12cbdeb50afe5602d96851613188c641e9c4742656bf6c0
7f8b747b1b577b52ca0f8778de80a4dd998abcc1e3fbe68b3715515eae6f68f7
8090cccf12cb6b11828eb10390b4e97f4dfd7192f8043a1f8a2b0a1d416e45c0
83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52
8a26f948122b1fe863bae3e65f7a64893e6e29e8e760ac075654174f96171cdd
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579
8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2
8b80a96b59939de4940daf684e485acda16979205d25f6d3aeeef3d181c4a581
8c6d48303a9f8ef88ae8895533c6ef87e4ea6776c37dbf3a20519a956a3e98c6
94f721cea60b90692738a2e4ab2997bbf8228d7554a4d5c13a909f1d5af03cf2
95dfd85f564b7803f552f9cc2c4d0fde120d17dc3c23e8cf19879c6725e381c8
9699cefdd3faa64c45f5920be5dc4ad1210af739b4e251c3af3eaeafd8ef86e0
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a27206d292ba914a7be4fa2466c4be72c1791fdb552f3fc53a1c2f4d6f96cb5a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a90d2b9a8ef6ca85a8d21190509cb54bade6eff7f48379eaa77980b9428fd5bb
a92744adb2f79769e5506908c778b1cda7b1321ad65d1d5dad5150223fd5e083
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae4b3e1f5db954b2d7a9198df5512175b69ede8e2b3ac8200cabc4475032b4e3
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bd08ba2df1ee6e0e9b399e1c6e126d754ffaddeaabafb23b8f4cff06110959b2
c1ba8fae1bed57e1de8cabdb27f73747d529ba1f1e0e8308c693a9c8871dcc65
c22c5f95b6382f348fd4487180648e7045c01ed1cc5898aa760499830df23c45
c5c8f753ef44ddfa1ff871fb3096d12c215e5f82c57306f7c21a42e6e2fa0b56
c7b46022c4ae5a1798ed9e45a83ed40aead7f761070cb9af515bff95855db307
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cda44bd873cb05cb2a8b78f8a870bb021439208eaa2ce2ad88dcd21bc925c066
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d02aac8e3e7a20b2529c39c29b7adb085f508674d7e308fcbcbca78bdde23eb1
d102c69c2e02cfd878d735d72dced6641b41c8a80f8570e9ceae04e556dfa56d
d29be0c704e48bdaeb78576e3cb8f3ccd3ce623e4cce04d13c54aaa0f567ff5f
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d4f1660ba50018b232687f1bf2ea51de3a5ad43ca4b5afb5f9f007a0a2bd2a14
d54e9bc9bba49d0fbeeb0a47349c430e3e66b0731bc642cce0e1e5691d185d02
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
d8699f049c6b6da5ca7683aebfa89947f1bbac8f8d037fe5e6158ffb07ccb70e
d95d4da7a478336980404c419335bed805699753f053e84226540add0f41edef
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb5ede1d5431c8de3e5e8d1a319321ddcc31f9f518b91e2bb923b74ab063028
e168a1e62d599a527a2176badae2bf3a55b8bc7d1baa7b45ca4d46710ebff4a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e89d3292942d6be13eeb02d58bd139cc5f46b1ea0b00a46612696c8db4ddf689
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6ab96978d8f6c32e6e171324ea26ec9bdee003c2c3c115de92956639d837b2
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f5ebbe5f5fb39e5a0c3dc73461cd18bb44db217b97986e9a4383d797d6eb1f9e
f73b286de67c4d1b452d1e95b2070c8d987d910332b1d830439b6952a781e70d
f832a3f9fb50dfb245accbfe1f55d83f4330332a2a1b1640888d253398b95bb9
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

www.hercampus.com Open in urlscan Pro 2606:4700:10::6814:34c3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

144 Requests

99 %HTTPS

46 %IPv6

33 Domains

53 Subdomains

49 IPs

5 Countries

1924 kBTransfer

4676 kBSize

27 Cookies

40 Outgoing links

Page URL History

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hercampus.com Open in urlscan Pro
2606:4700:10::6814:34c3 Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

99 %
HTTPS

46 %
IPv6

33
Domains

53
Subdomains

49
IPs

5
Countries

1924 kB
Transfer

4676 kB
Size

27
Cookies

144 HTTP transactions
0 data transactions