www.itcosmetics.com Open in urlscan Pro
104.16.109.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.shoprunner.com/u/click?_t=fe8bab90f295425a8310ce262461b20e&_m=b4bd8129a2d84fedafeba29da2cb4922&_e=LRlNoVpDxIcet...
Effective URL:
https://www.itcosmetics.com/
Submission: On April 05 via api (April 5th 2022, 12:10:09 am UTC) from SE — Scanned from DE

Summary HTTP 208 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 77 IPs in 7 countries across 63 domains to perform 208 HTTP transactions. The main IP is 104.16.109.64, located in and belongs to CLOUDFLARENET, US. The main domain is www.itcosmetics.com. The Cisco Umbrella rank of the primary domain is 435749.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 10th 2021. Valid for: a year.

This is the only time www.itcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:205... 2600:9000:2057:b800:f:8240:f400:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	34.225.4.19 34.225.4.19	14618 (AMAZON-AES) (AMAZON-AES)
1 72	104.16.109.64 104.16.109.64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.128.114 151.101.128.114	54113 (FASTLY) (FASTLY)
1	65.9.67.160 65.9.67.160	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	34.234.56.81 34.234.56.81	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.66.38 65.9.66.38	16509 (AMAZON-02) (AMAZON-02)
2	23.75.227.253 23.75.227.253	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.58.82 65.9.58.82	16509 (AMAZON-02) (AMAZON-02)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
1 2	99.86.7.55 99.86.7.55	16509 (AMAZON-02) (AMAZON-02)
1	54.158.164.13 54.158.164.13	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
1	143.204.215.79 143.204.215.79	16509 (AMAZON-02) (AMAZON-02)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:883::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.202.245 143.204.202.245	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	34.102.147.248 34.102.147.248	15169 (GOOGLE) (GOOGLE)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	2600:9000:206... 2600:9000:206f:bc00:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.120.51.47 3.120.51.47	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
4	178.249.97.98 178.249.97.98	11054 (LIVEPERSON) (LIVEPERSON)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1 3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.98.67.3 34.98.67.3	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	35.186.220.184 35.186.220.184	15169 (GOOGLE) (GOOGLE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.247.75.25 34.247.75.25	16509 (AMAZON-02) (AMAZON-02)
4	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
5	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
3	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
5	34.225.5.197 34.225.5.197	14618 (AMAZON-AES) (AMAZON-AES)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.48.97.146 52.48.97.146	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.255 70.42.32.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:205... 2600:9000:2057:c200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	3.124.150.38 3.124.150.38	16509 (AMAZON-02) (AMAZON-02)
1	34.247.9.63 34.247.9.63	16509 (AMAZON-02) (AMAZON-02)
1	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.86.139.115 185.86.139.115	201081 (SMARTADSE...) (SMARTADSERVER)
1	35.157.19.73 35.157.19.73	16509 (AMAZON-02) (AMAZON-02)
1 2	34.251.6.15 34.251.6.15	16509 (AMAZON-02) (AMAZON-02)
2 2	54.225.98.71 54.225.98.71	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4602:53e2:11db:de26:cbeb	14618 (AMAZON-AES) (AMAZON-AES)
1	54.193.236.21 54.193.236.21	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:aad:149d:18a2:a241	14618 (AMAZON-AES) (AMAZON-AES)
1 1	23.35.229.117 23.35.229.117	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (STACKPATH...) (STACKPATH-CDN)
1	3.91.119.106 3.91.119.106	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
208	77

1 2600:9000:2057:b800:f:8240:f400:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

links.shoprunner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.4.19 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-4-19.compute-1.amazonaws.com

pixel.shoprunner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 104.16.109.64 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.itcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.67.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-67-160.fra56.r.cloudfront.net

cdn.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.234.56.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-56-81.compute-1.amazonaws.com

7290682.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nova.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-38.fra56.r.cloudfront.net

edd8a9329ddd.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.75.227.253 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-227-253.deploy.static.akamaitechnologies.com

static.ordergroove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-82.fra56.r.cloudfront.net

d22xmn10vbouk4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United Kingdom)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.7.55 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-55.fra6.r.cloudfront.net

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.158.164.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-164-13.compute-1.amazonaws.com

f0a7d0d85eb04ef688c8398c668aa093-edd8a9329ddd.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.249.97.99 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-79.fra53.r.cloudfront.net

static-assets.dev.fs.liveperson.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

8563001.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:883::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-245.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 248.147.102.34.bc.googleusercontent.com

tag.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:bc00:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.51.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-51-47.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.249.97.98 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo-lpcdn.lpsnmedia.net

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com

consent.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.220.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com

collector-px9gxgqy6v.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.75.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-75-25.eu-west-1.compute.amazonaws.com

p.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.225.5.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-5-197.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.97.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-97-146.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.240 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.247 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:c200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.150.38 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-150-38.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.9.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.19.73 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-19-73.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.6.15 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-6-15.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.225.98.71 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-98-71.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4602:53e2:11db:de26:cbeb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.193.236.21 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-193-236-21.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:aad:149d:18a2:a241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.117 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-117.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.91.119.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-91-119-106.compute-1.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	itcosmetics.com 1 redirects www.itcosmetics.com — Cisco Umbrella Rank: 435749	723 KB
12	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3367 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3437	64 KB
10	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 389 mug.criteo.com — Cisco Umbrella Rank: 2685 sslwidget.criteo.com — Cisco Umbrella Rank: 1711 widget.us.criteo.com — Cisco Umbrella Rank: 18842 dis.criteo.com — Cisco Umbrella Rank: 697	17 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	22 KB
9	forter.com 1 redirects edd8a9329ddd.cdn4.forter.com — Cisco Umbrella Rank: 154286 cdn9.forter.com — Cisco Umbrella Rank: 4920 f0a7d0d85eb04ef688c8398c668aa093-edd8a9329ddd.cdn.forter.com cdn0.forter.com — Cisco Umbrella Rank: 4958	63 KB
7	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3455 va.v.liveperson.net — Cisco Umbrella Rank: 3776	113 KB
6	clarity.ms 1 redirects k.clarity.ms — Cisco Umbrella Rank: 2080 c.clarity.ms — Cisco Umbrella Rank: 644	24 KB
6	doubleclick.net 3 redirects 8563001.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 206	4 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 487	115 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 990	824 B
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 436	4 KB
4	yahoo.com 1 redirects ads.yahoo.com — Cisco Umbrella Rank: 1030 sp.analytics.yahoo.com — Cisco Umbrella Rank: 844 ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	1 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5640 adservice.google.de — Cisco Umbrella Rank: 8069	2 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 7 adservice.google.com — Cisco Umbrella Rank: 76	1 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 390 c.bing.com — Cisco Umbrella Rank: 230	13 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 531 i6.liadm.com — Cisco Umbrella Rank: 1596	1 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 848	1 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 668 cdn.stickyadstv.com — Cisco Umbrella Rank: 2209	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 654	851 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 285	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 2065	2 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 325	737 B
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 321	596 B
2	px-cloud.net collector-px9gxgqy6v.px-cloud.net — Cisco Umbrella Rank: 702425	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 99	427 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 136	114 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 772	19 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 105	16 KB
2	ordergroove.com static.ordergroove.com — Cisco Umbrella Rank: 23500	74 KB
2	igodigital.com 7290682.collect.igodigital.com — Cisco Umbrella Rank: 655546 nova.collect.igodigital.com — Cisco Umbrella Rank: 4872	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	154 KB
2	cquotient.com cdn.cquotient.com — Cisco Umbrella Rank: 6488 p.cquotient.com — Cisco Umbrella Rank: 6952	13 KB
2	shoprunner.com 2 redirects links.shoprunner.com — Cisco Umbrella Rank: 352395 pixel.shoprunner.com — Cisco Umbrella Rank: 337949	1 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 808	418 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1813	220 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2115	183 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1179	427 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 588	262 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 626	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1267	99 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1796	172 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 1929	336 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 728	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 511	725 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 620	673 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 348	239 B
1	addthis.com cw.addthis.com — Cisco Umbrella Rank: 1446	427 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 835	476 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 2293	232 B
1	linksynergy.com consent.linksynergy.com — Cisco Umbrella Rank: 25087	335 B
1	t.co t.co — Cisco Umbrella Rank: 463	336 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 518
1	agkn.com d.agkn.com — Cisco Umbrella Rank: 546	595 B
1	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 4718	374 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 622	6 KB
1	rakuten.com tag.rmp.rakuten.com — Cisco Umbrella Rank: 7849	21 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1187	7 KB
1	liveperson.com static-assets.dev.fs.liveperson.com — Cisco Umbrella Rank: 33069	1 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 788	457 B
1	cloudfront.net d22xmn10vbouk4.cloudfront.net	23 KB
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 5582	46 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1445	40 KB
208	63

	Domain	Requested by
72	www.itcosmetics.com	1 redirects www.itcosmetics.com
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
8	accdn.lpsnmedia.net	lptag.liveperson.net
6	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
5	cdn0.forter.com
5	va.v.liveperson.net	lptag.liveperson.net
5	tr.snapchat.com	sc-static.net
4	secure.adnxs.com	3 redirects
4	k.clarity.ms	bat.bing.com k.clarity.ms
4	gum.criteo.com	3 redirects static.criteo.net
4	lpcdn.lpsnmedia.net	lptag.liveperson.net
3	dis.criteo.com
3	ct.pinterest.com	s.pinimg.com
3	www.google.de
3	www.google.com	1 redirects
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	x.bidswitch.net	1 redirects
2	r.casalemedia.com	1 redirects
2	eb2.3lift.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	idsync.rlcdn.com
2	c.clarity.ms	1 redirects
2	collector-px9gxgqy6v.px-cloud.net	www.itcosmetics.com
2	www.facebook.com
2	connect.facebook.net	www.itcosmetics.com connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	8563001.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	cdn9.forter.com	1 redirects
2	lptag.liveperson.net	www.itcosmetics.com
2	static.ordergroove.com	www.itcosmetics.com static.ordergroove.com
2	www.googletagmanager.com	www.itcosmetics.com www.googletagmanager.com
1	d.turn.com	1 redirects
1	sync-criteo.ads.yieldmo.com
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	criteo-partners.tremorhub.com
1	jadserve.postrelease.com
1	i6.liadm.com
1	match.sharethrough.com
1	rtb-csync.smartadserver.com
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	s.ad.smaato.net
1	contextual.media.net
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	cw.addthis.com
1	sync.outbrain.com
1	sp.analytics.yahoo.com
1	ads.yahoo.com
1	partner.mediawallahscript.com
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	c.bing.com	1 redirects
1	p.cquotient.com	cdn.cquotient.com
1	mug.criteo.com
1	adservice.google.de	adservice.google.com
1	consent.linksynergy.com
1	adservice.google.com	8563001.fls.doubleclick.net
1	t.co
1	analytics.twitter.com	static.ads-twitter.com
1	d.agkn.com
1	cdn.attn.tv	www.googletagmanager.com
1	static.ads-twitter.com	www.itcosmetics.com
1	tag.rmp.rakuten.com	www.itcosmetics.com
1	static.criteo.net	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	static-assets.dev.fs.liveperson.com	lptag.liveperson.net
1	nova.collect.igodigital.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	f0a7d0d85eb04ef688c8398c668aa093-edd8a9329ddd.cdn.forter.com
1	d22xmn10vbouk4.cloudfront.net	www.googletagmanager.com
1	edd8a9329ddd.cdn4.forter.com	www.itcosmetics.com
1	7290682.collect.igodigital.com	www.itcosmetics.com
1	cdn.cquotient.com	www.itcosmetics.com
1	cdn.evgnet.com	www.itcosmetics.com
1	www.googleoptimize.com	www.itcosmetics.com
1	pixel.shoprunner.com	1 redirects
1	links.shoprunner.com	1 redirects
208	85

This site contains links to these domains. Also see Links.

Domain
itcosmetics.attn.tv
careers.loreal.com
www.loreal.com
www.facebook.com
twitter.com
www.pinterest.com
instagram.com
www.youtube.com
optout.networkadvertising.org

Subject Issuer	Validity	Valid
www.itcosmetics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-10` - `2022-06-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
cdn.evergage.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-04-27`	2 years	crt.sh
*.cquotient.com Amazon	`2021-06-04` - `2022-07-03`	a year	crt.sh
*.collect.igodigital.com Amazon	`2022-01-13` - `2023-02-11`	a year	crt.sh
*.cdn4.forter.com GeoTrust RSA CA 2018	`2021-11-16` - `2022-12-16`	a year	crt.sh
*.ordergroove.com Go Daddy Secure Certificate Authority - G2	`2020-08-27` - `2022-09-07`	2 years	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-05-30` - `2022-05-30`	2 years	crt.sh
*.cdn.forter.com GeoTrust RSA CA 2018	`2021-07-20` - `2022-08-20`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2022-02-07` - `2023-02-07`	a year	crt.sh
dev.fs.liveperson.com Amazon	`2021-07-26` - `2022-08-24`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-12` - `2022-04-12`	3 months	crt.sh
*.rmp.rakuten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-28` - `2023-02-17`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.attn.tv Amazon	`2022-04-04` - `2023-05-02`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-13` - `2023-01-13`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
consent.linksynergy.com GTS CA 1D4	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2021-09-01` - `2022-09-30`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-04-13` - `2022-04-13`	2 years	crt.sh
cdn0.forter.com GeoTrust RSA CA 2018	`2021-07-20` - `2022-07-07`	a year	crt.sh
*.mediawallahscript.com Amazon	`2021-05-19` - `2022-06-17`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-21` - `2022-05-11`	2 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.itcosmetics.com/
Frame ID: CDE1B915EB7C6B506C29505837B0C9ED
Requests: 188 HTTP requests in this frame

Frame: https://8563001.fls.doubleclick.net/activityi;dc_pre=CKHXzYfR-_YCFQhGHQkdDd0O4g;src=8563001;type=itcos00;cat=itcos00;ord=2275167653103;gtm=2wg3u0;auiddc=1055205405.1649117402;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F
Frame ID: A6E5322A99EA42D2C5CD6490C543E291
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fwww.itcosmetics.com&site=73595848&env=prod
Frame ID: 4E45CE698C1CC8894D23206C261A9F9D
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=e41399ac-6328-420a-88e7-bf1ff3e72ebf
Frame ID: D933223FE786EEAB1DA7928E37EDEAA6
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKHXzYfR-_YCFQhGHQkdDd0O4g;src=8563001;type=itcos00;cat=itcos00;ord=2275167653103;gtm=2wg3u0;auiddc=1055205405.1649117402;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F
Frame ID: 1790325DBE5D4B722449852E3FEEA7AE
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.itcosmetics.com&origin=onetag
Frame ID: 46F1153467C78F5881B25E07D9178ECB
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKHXzYfR-_YCFQhGHQkdDd0O4g;src=8563001;type=itcos00;cat=itcos00;ord=2275167653103;gtm=2wg3u0;auiddc=1055205405.1649117402;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F
Frame ID: 7D6138375B37DF4E4B7D02405A3E626F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2F6F53C3C8C7DE14052C3FCD29CB223D
Requests: 1 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=tZrHHsUb-x8k2lhJM9iYoW9xHNs6PiGh
Frame ID: B297449D54541C248721B5358C266964
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

It Cosmetics | Makeup, Skincare & Brushes for the Most Beautiful You!

Page URL History Show full URLs

https://links.shoprunner.com/u/click?_t=fe8bab90f295425a8310ce262461b20e&_m=b4bd8129a2d84fedafeba29da2cb4... HTTP 303
https://pixel.shoprunner.com/ad/?mid=&em=jennifer.estes%40ericsson.com&p=Iterable&sl=true&sl=true&m=EMAIL... HTTP 302
https://www.itcosmetics.com/ Page URL

Detected technologies

Salesforce Commerce Cloud (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/demandware\.static/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rakuten (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

tag\.rmp\.rakuten\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Page Statistics

208
Requests

90 %
HTTPS

29 %
IPv6

63
Domains

85
Subdomains

77
IPs

7
Countries

1725 kB
Transfer

5547 kB
Size

95
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://itcosmetics.attn.tv/p/Hkq/landing-page
Title: Sign Up For SMS Sign Up To Be The First to Know About Exclusive Offers!

Search URL Search Domain Scan URL

URL: https://careers.loreal.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.loreal.com/en/usa/articles/contact-us/consumer-inquiries-usa/
Title: other L'Oreal brands

Search URL Search Domain Scan URL

URL: https://www.facebook.com/itcosmetics

Search URL Search Domain Scan URL

URL: https://twitter.com/itcosmetics

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/itcosmetics/

Search URL Search Domain Scan URL

URL: https://instagram.com/itcosmetics

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/itcosmetics

Search URL Search Domain Scan URL

URL: http://optout.networkadvertising.org/?c=1
Title: AdChoices

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.shoprunner.com/u/click?_t=fe8bab90f295425a8310ce262461b20e&_m=b4bd8129a2d84fedafeba29da2cb4922&_e=LRlNoVpDxIcet-2WcBbTAtO8mWDctNPhijOEzEkvL9hKZ69N11j-U_fd6VlGrjgQHA5oN-RrfabkZgDC_IAL7Z-rnfoLg8rz97ESS8vOxmMlE1k8b1HFnQ5_j5zJPehA8yd1DURkE6Vkw_jE0I7mRpaMzhLAv3_VI984C4bXqguKlkm4KZL_YgIqguyveUv1tCKgaXrWla6ImzwiaXfM5xKdzImuoMz99zY6icZJLYmHIydkLP2zmGOBhA6XxeEMhV3DDZzQAjemYTULSOPv6dGpMVlo_ZCGtCmDpRtVS1MtF9xFtoMIv2mrTG4eR_K3uvqFNuVOkuw39AYREvsYmXuUsMRDqvVaVkrhw5K44FtyZn50zbl0zusddzU3i6NKk9LWtEcEs5lntpLY70lBXNVF66ObpL3qIi4PggBa8lObeGG2biNCegu3cL5ERayT HTTP 303
https://pixel.shoprunner.com/ad/?mid=&em=jennifer.estes%40ericsson.com&p=Iterable&sl=true&sl=true&m=EMAIL&u=https://www.itcosmetics.com/&rid=ITCOSMETICS HTTP 302
https://www.itcosmetics.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://www.itcosmetics.com/IZ/PX9gXgqy6v/init.js HTTP 301
https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/default/IZ-Client

Request Chain 96

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/28bf0b9c684a78733871e01a18fb50b9f8bbcd032d814e36bee0690eeec4cb17ac7f4bca6a1656e0ddf048dca279

Request Chain 109

https://8563001.fls.doubleclick.net/activityi;src=8563001;type=itcos00;cat=itcos00;ord=2275167653103;gtm=2wg3u0;auiddc=1055205405.1649117402;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F HTTP 302
https://8563001.fls.doubleclick.net/activityi;dc_pre=CKHXzYfR-_YCFQhGHQkdDd0O4g;src=8563001;type=itcos00;cat=itcos00;ord=2275167653103;gtm=2wg3u0;auiddc=1055205405.1649117402;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F

Request Chain 147

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/749421453/?random=642514018&cv=9&fst=1649117402177&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&auid=1055205405.1649117402&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=2ohLYvPuDJKC-gaauqPQCA&sscte=1&crd=&eitems=ChEI8K6qkgYQooSrlonZqpWzARIdAIzd8Ong8A19vK7qgs-4AKt_4hB1mQplS1H9LjY HTTP 302
https://www.google.com/pagead/1p-conversion/749421453/?random=642514018&cv=9&fst=1649117402177&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&auid=1055205405.1649117402&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=2ohLYvPuDJKC-gaauqPQCA&cid=CAQSKQCNIrLMT2k5fNz2b77UxENQXGDHTHH_ZifVy4gZpFJLG6BKtmsItURU&eitems=ChEI8K6qkgYQooSrlonZqpWzARIdAIzd8OmoQQmXyfSnWx0-SEo5HSwZ6NNbF8vacIU&random=2517790807&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/749421453/?random=642514018&cv=9&fst=1649117402177&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&auid=1055205405.1649117402&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=2ohLYvPuDJKC-gaauqPQCA&cid=CAQSKQCNIrLMT2k5fNz2b77UxENQXGDHTHH_ZifVy4gZpFJLG6BKtmsItURU&eitems=ChEI8K6qkgYQooSrlonZqpWzARIdAIzd8OmoQQmXyfSnWx0-SEo5HSwZ6NNbF8vacIU&random=2517790807&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 163

https://gum.criteo.com/sid/json?origin=onetag&domain=itcosmetics.com&sn=ChromeSyncframe&so=0&topUrl=www.itcosmetics.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=nBcQLHx4TXFZZXFDTnllRXZXa2VJTEJ3R3lpckpSamV3K1lhUjZlTGpqRlE4RzJSYklwOEE2ZDRKdCtYNklseWRGbFVHZ1o3TFpJUnRCN2FXem81eFhnRUFmand5aXNhdjhGcjJxMTdHMThFeFhXdVVLTkhVV2ZpRmhDZjdDdUQvdWVhdm5NVlZmU2NndXdINGwzTHU0SmFRUWlPOE8ybjZuMDBMY25mZXVTOEJxN2I4Zk9uVmRmODdGeS9tcStGUW1jdzNwSEZ5Kzd3VVY4M3kwT0hhWjN4MXJMbXUxM1dDTWhFeXpjYlBTTEVaMmVCTjd6bkNqdCtTN2lRaDZ3MTNsZUdtQm4xQytKUzQ0OEs3K3NYR1dNRkVzQT09fA&cppv=2

Request Chain 166

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=49D3E0CF7F694DB5A8F0455B8FD087F9&RedC=c.clarity.ms&MXFR=3704D7777ADB61C510FFC60A7EDB6F03 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=49D3E0CF7F694DB5A8F0455B8FD087F9&MUID=1B6EB073461A6F8C2FC3A10E47C86EC6

Request Chain 168

https://sslwidget.criteo.com/event?a=53594&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=bsKs9F9PdEp1Q3JsT0IyTXdzdklwZTlxYWtTdFNBYUYxRlg5bjh5cjd1ZmhIblFkd0dVJTJGSGRBVEpjZU05QkQ0Tmc2cUVQRnF5R3JEdmZTYnl2VGZEeHBaVkRmV1FTejJ1WlpKNFhwUzBkeG1MZllPZEs5NEQwc3lzbkpId0JIMFFSWW1iTXRRRGtzMzQ5JTJGeHIzdyUyQjJTRHFvM2clM0QlM0Q&tld=itcosmetics.com&dtycbr=47127 HTTP 302
https://widget.us.criteo.com/event?a=53594&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=bsKs9F9PdEp1Q3JsT0IyTXdzdklwZTlxYWtTdFNBYUYxRlg5bjh5cjd1ZmhIblFkd0dVJTJGSGRBVEpjZU05QkQ0Tmc2cUVQRnF5R3JEdmZTYnl2VGZEeHBaVkRmV1FTejJ1WlpKNFhwUzBkeG1MZllPZEs5NEQwc3lzbkpId0JIMFFSWW1iTXRRRGtzMzQ5JTJGeHIzdyUyQjJTRHFvM2clM0QlM0Q&tld=itcosmetics.com&dtycbr=47127

Request Chain 177

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=tZrHHsUb-x8k2lhJM9iYoW9xHNs6PiGh

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1TUHVZZkNvMW1uZ2o0Uk1ONnhtSlRqb29oM0tra2dzTlJad19pdw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 183

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-OWmpQCo1mngj4RMN6xmJTjooh3J8AN3XqQsbZQ HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-OWmpQCo1mngj4RMN6xmJTjooh3J8AN3XqQsbZQ&verify=true

Request Chain 187

https://secure.adnxs.com/setuid?entity=52&code=k-buDiuSo1mngj4RMN6xmJTjooh3IoywUOrytZUg&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-buDiuSo1mngj4RMN6xmJTjooh3IoywUOrytZUg%26seg%3D95287

Request Chain 189

https://eb2.3lift.com/xuid?mid=2711&xuid=k-KoShayo1mngj4RMN6xmJTjooh3JgmEV5OenPQA&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-KoShayo1mngj4RMN6xmJTjooh3JgmEV5OenPQA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 191

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-7C9Y5io1mngj4RMN6xmJTjooh3Lmil3eQRP5bQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-7C9Y5io1mngj4RMN6xmJTjooh3Lmil3eQRP5bQ&C=1

Request Chain 193

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-pMCzWyo1mngj4RMN6xmJTjooh3KzXTj_borrhQ&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-pMCzWyo1mngj4RMN6xmJTjooh3KzXTj_borrhQ&expires=30&user_group=5

Request Chain 199

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jfN7Eyo1mngj4RMN6xmJTjooh3KvCUE9z6AcRw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jfN7Eyo1mngj4RMN6xmJTjooh3KvCUE9z6AcRw

Request Chain 200

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k--udCLyo1mngj4RMN6xmJTjooh3Jw5O8BblihTA HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k--udCLyo1mngj4RMN6xmJTjooh3Jw5O8BblihTA&_li_chk=true&previous_uuid=06cda599562945389bac7ac67a01053c HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k--udCLyo1mngj4RMN6xmJTjooh3Jw5O8BblihTA

Request Chain 203

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-WG1jLyo1mngj4RMN6xmJTjooh3J1zIiJ7LeyQA&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 206

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/cvPUR413dBQWxouxjHxeSZ8n-lpZJO4j/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4266910273157909321

Request Chain 207

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8076963689378304479

208 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.itcosmetics.com/
Redirect Chain

https://links.shoprunner.com/u/click?_t=fe8bab90f295425a8310ce262461b20e&_m=b4bd8129a2d84fedafeba29da2cb4922&_e=LRlNoVpDxIcet-2WcBbTAtO8mWDctNPhijOEzEkvL9hKZ69N11j-U_fd6VlGrjgQHA5oN-RrfabkZgDC_IAL7...
https://pixel.shoprunner.com/ad/?mid=&em=jennifer.estes%40ericsson.com&p=Iterable&sl=true&sl=true&m=EMAIL&u=https://www.itcosmetics.com/&rid=ITCOSMETICS
https://www.itcosmetics.com/

597 KB
71 KB

606ms
566ms

Document
text/html

104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80d1c133638386dac87137e7f51a8379c40e35ec9c391cb47df1868d82ae91f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 6f6e0ee9c9cc918f-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=UTF-8
date: Tue, 05 Apr 2022 00:10:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: accept-encoding
x-content-type-options: nosniff
x-dw-request-base-id: HvpAluTySmIBAAB_
x-frame-options: SAMEORIGIN
x-xss-protection: 1

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Tue, 05 Apr 2022 00:10:00 GMT
Location: https://www.itcosmetics.com/
browser_hash: 4b185691b6c14bc5bedb0ad84ee6a9aa

GET
H2 200 abe3d3a9-c990-459f-9407-54ac96cd2f00.woff2
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/fonts/ 22 KB
22 KB 21ms
20ms Font
font/woff2 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/fonts/abe3d3a9-c990-459f-9407-54ac96cd2f00.woff2
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0db3afa73d9589b36ee4238e285ef43dea306eeb2636bcaac21c0d865705180

Request headers

Referer: https://www.itcosmetics.com/
Origin: https://www.itcosmetics.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 17:28:10 GMT
server: cloudflare
age: 38234
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cf-ray: 6f6e0eed8ed5918f-FRA
x-dw-request-base-id: HvqtqcfxSmIBAAB_
content-length: 22364
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 b2eb2ad6-3170-4f0b-a83a-e30e6d288041.woff2
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/fonts/ 21 KB
21 KB 20ms
18ms Font
font/woff2 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/fonts/b2eb2ad6-3170-4f0b-a83a-e30e6d288041.woff2
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52e1ff92bdeb6550c662a97be78315216c99f3aab07d89a068d678f38761ccfa

Request headers

Referer: https://www.itcosmetics.com/
Origin: https://www.itcosmetics.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 17:28:10 GMT
server: cloudflare
age: 38234
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cf-ray: 6f6e0eed8ed6918f-FRA
x-dw-request-base-id: eqfBmMfxSmIBAAB_
content-length: 21576
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 ca8dded6-b7b2-4d3c-b45e-a32de5023d4d.woff2
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/fonts/ 21 KB
21 KB 21ms
20ms Font
font/woff2 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/fonts/ca8dded6-b7b2-4d3c-b45e-a32de5023d4d.woff2
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 251418d4290ae75b77edbbca52c861ca8c7dea4e531db638d187665af234cd81

Request headers

Referer: https://www.itcosmetics.com/
Origin: https://www.itcosmetics.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 17:28:10 GMT
server: cloudflare
age: 38234
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cf-ray: 6f6e0eed8ed7918f-FRA
x-dw-request-base-id: HvqxqcfxSmIBAAB_
content-length: 21784
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 commons.css
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/css/ 492 KB
72 KB 27ms
26ms Stylesheet
text/css 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/css/commons.css
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 384d76d1970a08cd21b520c4c25fd72527af3719956e3a404008a9a1897e577d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 17:28:14 GMT
server: cloudflare
age: 38234
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 6f6e0eed8ed8918f-FRA
x-dw-request-base-id: eqfGmMfxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 404 home.css
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/css/ 0
0 131ms
130ms Stylesheet
text/html 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/css/home.css
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
cache-control: no-cache, no-store, must-revalidate
x-error: 1
cf-ray: 6f6e0eed8ed9918f-FRA
x-dw-request-base-id: eqd3LtmIS2IBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 103 KB
40 KB 49ms
26ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-PQ2M7FW

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91c36bf98d339d57cf5023bee61f0603a27e31a5ca66360838fc5921987649a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40186
x-xss-protection: 0
expires: Tue, 05 Apr 2022 00:10:01 GMT

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/loreal/itcosmetics/scripts/ 170 KB
46 KB 117ms
94ms Script
application/javascript 151.101.128.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/loreal/itcosmetics/scripts/evergage.min.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d9311a43ba92d1df8766db6cc31380e8d179236ed147cdcdd7da60d68d8f519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: dgtjUmfeObohpyz91qFPym5.KsfEb9fe
content-encoding: gzip
etag: "a7eb728994e4709f4bec6f1e32c48cfa"
fastly-original-body-size: 0
age: 47
x-cache: HIT, MISS
x-amz-replication-status: PENDING
x-amz-request-id: Y9NT2S289AH6VN5K
x-amz-id-2: I4udMp8r2nqyaZVWOQSN2GeCpGnheHoV8Ob4OtHeK3GN6eOywLZd93XQ1f79FPOX0ceFqcBFAs8=
x-served-by: cache-iad-kjyo7100024-IAD, cache-hhn4080-HHN
x-amz-meta-evergage-sum: 36fe415c157ef0d7c1e6c966832d663b7f8b8bdc
accept-ranges: bytes
last-modified: Thu, 31 Mar 2022 20:33:55 GMT
server: AmazonS3
x-timer: S1649117401.226601,VS0,VE88
date: Tue, 05 Apr 2022 00:10:01 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=120
content-length: 46333
timing-allow-origin: *
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 1, 0

GET
H2 200 pagedesigner.css
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/css/ 61 KB
10 KB 19ms
18ms Stylesheet
text/css 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/css/pagedesigner.css
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e8962b602b72508aae115275ae66bb27386de82938797390ffc4c3d871bcd5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 17:28:14 GMT
server: cloudflare
age: 36410
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 6f6e0eed8edb918f-FRA
x-dw-request-base-id: eqcCn87xSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 category.css
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/css/ 0
11 KB 19ms
18ms Other
text/css 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/css/category.css
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 17:28:14 GMT
server: cloudflare
age: 36533
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 6f6e0eee882b918f-FRA
x-dw-request-base-id: HvqvqcfxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 product.css
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/css/ 0
30 KB 19ms
18ms Other
text/css 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/css/product.css
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 17:28:14 GMT
server: cloudflare
age: 36668
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 6f6e0eee882c918f-FRA
x-dw-request-base-id: eqcHmcfxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 01-hero-d-040422.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw32373db7/_NGL/2022/Homepage/04-April/ 30 KB
30 KB 19ms
19ms Image
image/jpeg 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw32373db7/_NGL/2022/Homepage/04-April/01-hero-d-040422.jpg?sw=1698&sh=707&sm=cut&q=10
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 853fd46f752a4088b36ba57d311b5d342eb3dd58c9f5b2e9c85b5ccf5cd5b4bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 246
cf-polished: origSize=33017, status=webp_bigger
x-cache: Hit from cloudfront
cf-bgj: imgq:85,h2pri
content-length: 30472
x-amz-expiration: expiry-date="Fri, 05 May 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Mon, 04 Apr 2022 04:03:18 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=1698&sh=707&sm=cut&q=10
etag: "6457a6b0595d2da80e166efa9495ae42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 6f6e0eee680f918f-FRA
x-amz-cf-id: 3-KjzaSwCgo_os2JT9fn9WOMccUNir9SZ2y58zti9fQYynapzvB2LA==
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 02-loyalty-d-040422.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dwbd3d4d44/_NGL/2022/Homepage/04-April/ 11 KB
12 KB 19ms
17ms Image
image/jpeg 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dwbd3d4d44/_NGL/2022/Homepage/04-April/02-loyalty-d-040422.jpg?sw=1698&sh=350&sm=cut&q=10
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d14d7e712e92e614471a8f018a30018e58b6d74312aa63793718379fda8a75ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 246
cf-polished: origSize=13041, status=webp_bigger
x-cache: Hit from cloudfront
cf-bgj: imgq:85,h2pri
content-length: 11745
x-amz-expiration: expiry-date="Fri, 05 May 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Mon, 04 Apr 2022 04:03:18 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=1698&sh=350&sm=cut&q=10
etag: "def69f8829734892ce6d1d55d31cf635"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 6f6e0eee7824918f-FRA
x-amz-cf-id: WkTUuI4tM1vxIhU0NJtZqDB_pDsVPyYY6m0tt8YG_PGoLR7fqOpuDA==
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 03-gwp-d-040422.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw6b7324b3/_NGL/2022/Homepage/04-April/ 15 KB
15 KB 19ms
18ms Image
image/jpeg 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw6b7324b3/_NGL/2022/Homepage/04-April/03-gwp-d-040422.jpg?sw=1698&sh=668&sm=cut&q=10
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 724b3c596edc76bd98356280a5fc2d5c24f2acc021460a6996364fc7825b8b43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
via: 1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 246
cf-polished: origSize=18136, status=webp_bigger
x-cache: Hit from cloudfront
cf-bgj: imgq:85,h2pri
content-length: 15185
x-amz-expiration: expiry-date="Fri, 05 May 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Mon, 04 Apr 2022 04:03:18 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=1698&sh=668&sm=cut&q=10
etag: "77a28e91958b0ae3aeae3d647582565c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 6f6e0eee8825918f-FRA
x-amz-cf-id: qQvFfG5dQfL-7vBX3HIIQ_5_H7MgpGqR7kmXhZbVjYO5ihE1-FUbQQ==
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 07-live-selling-logo-d.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw19a5688c/_NGL/2022/Homepage/04-April/ 9 KB
9 KB 18ms
17ms Image
image/jpeg 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw19a5688c/_NGL/2022/Homepage/04-April/07-live-selling-logo-d.jpg?sw=1698&sh=343&sm=cut&q=10
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25aace6be3ef9155a63f5a9af4d6aa86ade16708b9ee4539af5e390e59c120b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 246
cf-polished: origSize=10260, status=webp_bigger
x-cache: Hit from cloudfront
cf-bgj: imgq:85,h2pri
content-length: 8883
x-amz-expiration: expiry-date="Tue, 02 May 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Fri, 01 Apr 2022 04:01:17 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=1698&sh=343&sm=cut&q=10
etag: "8dbc1fb9abafc78c2a60e81e34578822"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 6f6e0eee8827918f-FRA
x-amz-cf-id: BTFUf42rTKQh7sEk9HD8sVXoNhaEZ9yFQBralwzCzOVOPOmO308naA==
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 08-live-selling-social-icons-d.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dwe7cb7b3f/_NGL/2022/Homepage/04-April/ 1 KB
2 KB 22ms
22ms Image
image/jpeg 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dwe7cb7b3f/_NGL/2022/Homepage/04-April/08-live-selling-social-icons-d.jpg?sw=1698&sh=71&sm=cut&q=10
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b0ecdbd18e19fc74111f6d572eb7a9404d81bbdeb54fa987e0736d4deefd49e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 246
cf-polished: origSize=1633, status=webp_bigger
x-cache: Hit from cloudfront
cf-bgj: imgq:85,h2pri
content-length: 1306
x-amz-expiration: expiry-date="Tue, 02 May 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Fri, 01 Apr 2022 04:01:17 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=1698&sh=71&sm=cut&q=10
etag: "3fb8c86dd3641ee238742b436ad70f1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 6f6e0eee8829918f-FRA
x-amz-cf-id: Mt3XUSK5luG4cC_m1FK4c4lUEOnjRb7s4hXS3VKumMJXu_ixrnA19A==
expires: Thu, 05 May 2022 00:10:01 GMT

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcea81d3e67e2fdc5254f53683cfddbf565986e1532e98660794f6858f7d3bb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 322 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 625b09fb66338f120e423ce8c17ef8572e1c8655567b0c200295d714bfb9a275

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 862 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 629baa0fc58ae514f04a691ac1659cebc319097d6f150578ad86f632450f1f27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 521 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 946eb51a4db615c248ff091064b7bd86cae9d3de2d63a215f6e497eee4c46409

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c420b139a1281cdb3054c54273f4c50997f2b6339af9abc1f0f797e6eda8be7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 system.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/ 61 KB
19 KB 19ms
19ms Script
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2364a95d77ab31c40fe7a2757c41b16f6c9d3337f1132aabe89b41f045d4d453

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38234
cf-polished: origSize=62042
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:28:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eeed8ca918f-FRA
x-dw-request-base-id: HvrSqcfxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 system.config.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/ 6 KB
1 KB 22ms
21ms Script
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/system.config.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0875f10a74ba180b53c913193ed6c693615165d075cff1d0ac34f6fd8d996afe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 17:28:14 GMT
server: cloudflare
age: 38234
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
expires: Thu, 05 May 2022 00:10:01 GMT
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 6f6e0eeed8dc918f-FRA
x-dw-request-base-id: HvrnqcfxSmIBAAB_
cf-bgj: minify

GET
H2 200 main.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/ 106 KB
30 KB 21ms
20ms Script
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/main.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e5860b510e19d68bfc3a00c0f27e1a5f7a0d010945a446ec49e4f5d122b27f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
age: 38234
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
expires: Thu, 05 May 2022 00:10:01 GMT
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 6f6e0eeed8df918f-FRA
x-dw-request-base-id: eqcEmcfxSmIBAAB_
cf-bgj: minify

GET
H2 200 dwanalytics-22.2.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/internal/jscript/ 6 KB
3 KB 19ms
18ms Script
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/internal/jscript/dwanalytics-22.2.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4511892ecdaa2a08bfc5933e7d31f3bdeee5f706c462cb717c802718908a670c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38234
cf-polished: origSize=6582
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Mon, 04 Apr 2022 13:25:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eeed8e0918f-FRA
x-dw-request-base-id: HvrvqcfxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 dwac-21.7.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/internal/jscript/ 5 KB
2 KB 23ms
22ms Script
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/internal/jscript/dwac-21.7.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0acc05529b896335e67451050b9d9353d4cd680a470919fecf91c12ff09196d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38234
cf-polished: origSize=5013
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Mon, 04 Apr 2022 13:25:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eeed8e3918f-FRA
x-dw-request-base-id: HvrtqcfxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 gretel.min.js Show response
cdn.cquotient.com/js/v2/ 36 KB
12 KB 35ms
7ms Script
application/javascript 65.9.67.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cquotient.com/js/v2/gretel.min.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-67-160.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b6b34e69f08fb2fb269c0affa0b91f979eacc9df506d06fcc670e0601f23784

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:09:36 GMT
content-encoding: gzip
etag: W/"4fdd1834cd022d3113e766921bac1ba4"
last-modified: Wed, 27 Oct 2021 16:27:15 GMT
server: AmazonS3
age: 26
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: JjZcSSf-2qt98jQkJXmyU_fPTzW-co2-ttSu99iZBm8yxTP2vvjx2Q==

GET
H2 200 applepay.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/internal/jscript/ 9 KB
3 KB 16ms
16ms Script
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/internal/jscript/applepay.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ad8df0436390cc4a60f3d7cffb9022a4f7689478cac55850b003cb54090ed6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38234
cf-polished: origSize=14299
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Mon, 04 Apr 2022 13:25:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eeed8e4918f-FRA
x-dw-request-base-id: HvruqcfxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
DATA 200
OK truncated
/ 722 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c60ac099f500861265db26bff225f0ec3a922632477e757f874d0f473dc5c59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 215 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 560bdae66c629f209e1755492369ac978b64353017c09b7599d8ed3e05ac1be5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 215 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 642f20c90a991bb4c30728a63ddffc58369677075e2b9a29e34610730241af19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 468 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdd52fb1ded9675b946c8df5d399302e9d1412874e7460c937b76af094a5bb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 135 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2c02feef733ff76d50b3d4e6944bc5abaf7505dddcfa6aa587415a84987a435

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1004 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cd9968b9b02a071109956be7f86ebcc3b4a4bed51a29607d994669194475e2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 345 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5353e423e58b50962094e71cfb5803495fa553fb96698ba59da3e5a204ae3688

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 805 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aade51ce3310e6aa1794edbf6a2959858bb2d50aaa9b3c2f1f157a18ecfe71ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 718 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14f28f098b13d5c561ff37cd01a2231a36a3bfd5660920bfd09af979b7642e37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab7c20c44d76075631ecfbabe7e87d69f6c4fa8d6979f119873199eb9ead8b2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 657 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2134a524ecf79823a078a106a9a6ff708b36de3992d506f75e2a2bdc7696e75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 413 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 603d86c3026caf81ac8e159b855009beac8b36fbb27c9b6f0583ae26ae6ca406

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 storeon@0.9.8.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/npm/ 50 B
179 B 18ms
18ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/npm/storeon@0.9.8.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93dacc32c27b2d2a3aab7da2a72c8ea6133d5afa1d4dbcafec50406151fb09d0

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38234
cf-polished: origSize=52
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:26:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eef596f918f-FRA
x-dw-request-base-id: Hvo1qsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET worker.js
www.itcosmetics.com/ Frame 0
0

GET
H2 200 index.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/npm/storeon@0.9.8/ 760 B
440 B 18ms
18ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/npm/storeon@0.9.8/index.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08c94d790fe90cfdf7477fb45dcc6bd5de696e05f6082350be1ffc5e7a585ed4

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=2735
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:26:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eef798f918f-FRA
x-dw-request-base-id: HvpSqsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 01-hero-d-040422.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw32373db7/_NGL/2022/Homepage/04-April/ 95 KB
96 KB 22ms
21ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw32373db7/_NGL/2022/Homepage/04-April/01-hero-d-040422.jpg?sw=1698&sh=707&sm=cut&q=70
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee1af6e43cbc6c4d7b9af6ab9845d4566ed874b1c8334e22ff67fce09c17c363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 245
cf-polished: qual=85, origFmt=jpeg, origSize=107664
x-cache: Hit from cloudfront
content-disposition: inline; filename="01-hero-d-040422.webp"
content-length: 97712
x-amz-expiration: expiry-date="Fri, 05 May 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Mon, 04 Apr 2022 04:03:20 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=1698&sh=707&sm=cut&q=70
etag: "3fd0c0940976a52e05c561ab177d2833"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 05 May 2022 00:10:01 GMT
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 6f6e0eefc9e2918f-FRA
x-amz-cf-id: JeRePUpt5C2wa3Jpmld-FZSxTmrnZ0L9_JmOd4VQ7udh7vex9Nwxqw==
cf-bgj: imgq:85,h2pri

GET
H2 200 02-loyalty-d-040422.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dwbd3d4d44/_NGL/2022/Homepage/04-April/ 36 KB
37 KB 19ms
19ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dwbd3d4d44/_NGL/2022/Homepage/04-April/02-loyalty-d-040422.jpg?sw=1698&sh=350&sm=cut&q=70
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b31b9b4ba8e9b537b17a5fcb748eb3f4bf2959aabeccc28d7ced275eb39a33a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 245
cf-polished: qual=85, origFmt=jpeg, origSize=41074
x-cache: Hit from cloudfront
content-disposition: inline; filename="02-loyalty-d-040422.webp"
content-length: 37156
x-amz-expiration: expiry-date="Fri, 05 May 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Mon, 04 Apr 2022 04:03:20 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=1698&sh=350&sm=cut&q=70
etag: "3f4f1dedd8b811771de2230f03937dff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 05 May 2022 00:10:01 GMT
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 6f6e0eefc9e3918f-FRA
x-amz-cf-id: FNX_JpeM7MNdjHyvi-Bkui-6FDOQdr9plI_OQN0WW0N8aU0qMplwVg==
cf-bgj: imgq:85,h2pri

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 320 KB
95 KB 57ms
31ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54f9320ae52581c40073cbe287644facd336195fc80494eef6faeddd1a82358c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96992
x-xss-protection: 0
expires: Tue, 05 Apr 2022 00:10:01 GMT

GET
H2 200 PerimeterXLoader.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/integration/ 3 KB
1 KB 20ms
16ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/integration/PerimeterXLoader.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6bb2036a25ad97d8966fdafe1c64a856f1bad51308db2c28649b965b36fdc57

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=3117
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:26:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefd9f5918f-FRA
x-dw-request-base-id: Hvp4qsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 ActiveData.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/analytics/ 5 KB
2 KB 48ms
43ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/analytics/ActiveData.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59cbd3091ab320d2910a214612699b1dbcbcad38f401e226059615f47c792914

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=5084
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefd9f7918f-FRA
x-dw-request-base-id: Hvp5qsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 SfmcDataLayer.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/analytics/ 6 KB
2 KB 20ms
16ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/analytics/SfmcDataLayer.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a3d184f388b5e038a9db8d6914baa99f8e470f48642de8cd717d5f1c2f1f3b9

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=5919
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:26:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefd9f9918f-FRA
x-dw-request-base-id: Hvp3qsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 Overlay.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 4 KB
2 KB 23ms
17ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/Overlay.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95ecad92f931a0bd0d6e0bc8a20bea34f0a720240b4de09dcd8c05d985cc3c1e

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=4376
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefda01918f-FRA
x-dw-request-base-id: eqeKmcjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 Snackbar.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 5 KB
2 KB 23ms
18ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/Snackbar.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23fdf36b4c6bde7e289968a1fb016dc992e3f8081e7f8413cdacaa63545cf329

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=5265
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefda02918f-FRA
x-dw-request-base-id: eqeImcjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 SkipLink.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 3 KB
1 KB 23ms
18ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/SkipLink.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7a85e0022e00c6b10053d22ac2c9f08fc6c8791c95db90a04be0480a443c2f7

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=3583
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefda03918f-FRA
x-dw-request-base-id: eqeTmcjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 Header.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 11 KB
3 KB 24ms
19ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/Header.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43d9441544442b30f30b3f557b3700eeb64fa1e901c18ee4db73652e96d05dae

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=11354
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefda04918f-FRA
x-dw-request-base-id: Hvp9qsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 ComponentPlaceholder.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 3 KB
1 KB 28ms
23ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ComponentPlaceholder.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4df3958623f4c91afcfb62487eb3526b84dc975fc240799d2aca4319ba3884b9

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=2924
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefda07918f-FRA
x-dw-request-base-id: eqeUmcjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 ContentPanel.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 5 KB
2 KB 26ms
22ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ContentPanel.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83619d92ef63b4c0d204446b68e9818571ef144223b8f4f12da2aec096f52b29

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=5366
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefda09918f-FRA
x-dw-request-base-id: Hvp_qsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 EventTrigger.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 5 KB
2 KB 36ms
32ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/EventTrigger.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3586aa005f54087f3afbca669de5f31cbc25cda604edac5f8352ba9b4a992f23

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=5115
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefda0a918f-FRA
x-dw-request-base-id: HvqZqsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 PopOver.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 8 KB
2 KB 24ms
20ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/PopOver.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1c4a8282f6863687db2a01887d4260ebe75c8783e8567519e32f5ffab9d9123

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 36532
cf-polished: origSize=7997
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefda0c918f-FRA
x-dw-request-base-id: eqe6m8rxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 CustomerInfo.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/header/ 3 KB
1 KB 30ms
26ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/header/CustomerInfo.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4eba6a90c31fa301fe16b9a439c0e1ac8766933184c4c6e64b3478bcdb28665

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 36532
cf-polished: origSize=3070
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefda0d918f-FRA
x-dw-request-base-id: HvqQrMrxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 MiniCart.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/cart/ 6 KB
2 KB 24ms
20ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/cart/MiniCart.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d3307674934db2f5e3e9d404d8b32e50ac5c99b19a6c35c9dbe5d90e1fcd52a

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=5879
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefea11918f-FRA
x-dw-request-base-id: eqelmcjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 SimpleSearch.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 11 KB
3 KB 30ms
26ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/SimpleSearch.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6853b37e867ad14af63fc94bca0f6f4d3fc345a2548bc818e69514e42a2df5d

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=11815
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefea12918f-FRA
x-dw-request-base-id: eqeimcjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 Navigation.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 7 KB
2 KB 22ms
19ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/Navigation.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bba99db794ae2e4b6991bc14e7817911442ca2b704094b9628f42b04fe3821d

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 36532
cf-polished: origSize=7110
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefea13918f-FRA
x-dw-request-base-id: eqfEm8rxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 PromotionTile.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 3 KB
1 KB 25ms
22ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/PromotionTile.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04d92c9165bae86e37ae809ddd76585ae6141e996b058961d633a73a32f45003

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 36406
cf-polished: origSize=3495
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefea14918f-FRA
x-dw-request-base-id: eqeqmcjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 StickyBar.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 5 KB
2 KB 28ms
24ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/StickyBar.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ec7090bba22eaf005e25da30d9218daeda66f43c6d2ae7cc153b0414e088e71

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=5156
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefea15918f-FRA
x-dw-request-base-id: HvqdqsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 BackTop.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 3 KB
1 KB 23ms
20ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/BackTop.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f756fd1a46b2ce5a2894377bc59b21831059950f3e15ad4a973e0ddf62b086b3

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=3543
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefea17918f-FRA
x-dw-request-base-id: HvqeqsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 OrientationMessage.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 3 KB
1 KB 26ms
23ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/OrientationMessage.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0ca03f2bfcf39573dc36952509b449ecaedf8a0289db456ac706bbb2bd42526

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=2828
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefea18918f-FRA
x-dw-request-base-id: HvqfqsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 OrderGrooveLoader.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/product/ 6 KB
2 KB 23ms
21ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/product/OrderGrooveLoader.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36ddfc7c163109e5e5c84661f91197aa05cca07b518f7db85ee4a5001f2c934e

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=5739
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:26:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefea19918f-FRA
x-dw-request-base-id: eqesmcjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 BazaarVoiceHosted.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 5 KB
2 KB 30ms
28ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/BazaarVoiceHosted.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d7de3638dbd90289ecb117b6a55bd6cf357ccb31d65ee1ab368b606ed579427

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=5064
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefea1b918f-FRA
x-dw-request-base-id: HvqcqsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 Forter.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/integration/ 6 KB
3 KB 27ms
25ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/integration/Forter.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c10304d48a443b0b7641470ce372acdac098e31da070f916203aa34fe53e83a5

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=6571
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:26:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefea1c918f-FRA
x-dw-request-base-id: HvqkqsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 LiveEngage.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/integration/ 3 KB
1 KB 26ms
24ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/integration/LiveEngage.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af1869ba3287e71476150b6459c763ce1c0fd5133d280675a4f9bbe4e3b3a6e9

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=2771
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:26:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefea1d918f-FRA
x-dw-request-base-id: eqevmcjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 Swatches.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/product/ 12 KB
3 KB 22ms
22ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/product/Swatches.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6877a849088f58489ff0aff569e070401e3caad3e531c7172a042e39be0bf29

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 36666
cf-polished: origSize=11948
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eefea1e918f-FRA
x-dw-request-base-id: HvqYqsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 ThirdPartyLoader.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 4 KB
2 KB 21ms
20ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ThirdPartyLoader.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95cebd767475084ae5280370bb860cf090bb45338eaccaa016c4fb2caef8887b

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=4276
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0eeffa34918f-FRA
x-dw-request-base-id: eqfEmcjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 collect.js Show response
7290682.collect.igodigital.com/ 8 KB
2 KB 317ms
102ms Script
application/javascript 34.234.56.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://7290682.collect.igodigital.com/collect.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.56.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-56-81.compute-1.amazonaws.com
Software: /
Resource Hash: 463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 21:04:07 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 animate.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/toolbox/ 1 KB
623 B 19ms
17ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/toolbox/animate.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef9a247531345eb9a909dcaa297dfabce1c186aeced4aaf5d1f1e2ec3b024b45

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=1121
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0ef00a4f918f-FRA
x-dw-request-base-id: HvqxqsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 mixwith.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/core/ 2 KB
920 B 19ms
18ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/core/mixwith.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa2b8ff00527037e9cfee77b53ded3bed1b94309d8730faf1af88ce705158a1

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=1939
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0ef00a50918f-FRA
x-dw-request-base-id: eqfTmcjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 Accessibility.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/mixins/ 11 KB
3 KB 18ms
16ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/mixins/Accessibility.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcddf190dd329bad7a6e15d3d37e4f330b43afd98252ab521d38c0f78cfe5ae0

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=11064
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0ef00a51918f-FRA
x-dw-request-base-id: Hvq3qsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 ToolTip.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 14 KB
4 KB 17ms
17ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ToolTip.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db55f9394f5a4e121f9b7274a79284d766c6cd7616271a3a7b8e7eec9c29ebe8

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 36662
cf-polished: origSize=14297
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0ef01a57918f-FRA
x-dw-request-base-id: eqfom8rxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 SlidingPanel.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 7 KB
3 KB 16ms
16ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/SlidingPanel.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee8ae2a7eab617e111e52950595c11bcfad86a47872bd404b56eae6db4065104

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=7689
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0ef01a58918f-FRA
x-dw-request-base-id: HvraqsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 cookie.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/toolbox/ 617 B
526 B 40ms
40ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/toolbox/cookie.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 421a9c1c8873c5818cd4544ba5aa86405025c78dca4c098de0f3ec353fc1797d

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=653
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0ef01a5b918f-FRA
x-dw-request-base-id: Hvq6qsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 Analytics.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/mixins/ 11 KB
4 KB 37ms
37ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/mixins/Analytics.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebbee47148f4942aa1078266ae37a3aae111cfd48f84fdbe1d3f6d5069a2669a

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=11369
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0ef01a62918f-FRA
x-dw-request-base-id: HvrcqsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 Page-Resources Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 691 B
434 B 124ms
123ms Fetch
application/json 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/Page-Resources?ajax=true

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50a0791ba7e34ad50b490ffed3ab02f570f31921e682e8f2366b8b109a38191d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 6f6e0ef01a64918f-FRA
x-dw-request-base-id: Hvq6KmXySmIBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 Loader.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/mixins/ 5 KB
2 KB 28ms
25ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/mixins/Loader.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2f055ae1ec6b439e3d9b0c8c6c6e15879cd2a3df0f0fd7345ec52f0043716e9

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=5054
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0ef03a7b918f-FRA
x-dw-request-base-id: HvrgqsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 location.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/toolbox/ 2 KB
1 KB 17ms
17ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/toolbox/location.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 584cf95ccb185ab6af0c33dc9e48fc76162c9083f2281fd88fcd8fac23e20c38

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=1754
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0ef03a7e918f-FRA
x-dw-request-base-id: eqfumcjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2

200

IZ-Client Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/default/
Redirect Chain

https://www.itcosmetics.com/IZ/PX9gXgqy6v/init.js
https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/default/IZ-Client

150 KB
50 KB

455ms
454ms

Script
application/javascript

104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/default/IZ-Client

Protocol

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67b76d35723470b8f405bf2d38196c769c6a0b8bfc667377897e4153204520d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
cf-ray: 6f6e0ef16c2a918f-FRA
x-dw-request-base-id: eqdQL9qIS2IBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

date: Tue, 05 Apr 2022 00:10:01 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html;charset=UTF-8
location: /on/demandware.store/Sites-itcosmetics-us-Site/default/IZ-Client
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 6f6e0ef03a88918f-FRA
x-dw-request-base-id: eqdzB4fzSmIBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 le-mtagconfig.min.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/js/vendors/ 2 KB
883 B 31ms
31ms Script
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/js/vendors/le-mtagconfig.min.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c7f52eafdb5cb908afba33c7575c82636a048027e08d5ddb571c876847117a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 17:26:29 GMT
server: cloudflare
age: 1644
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 6f6e0ef03a89918f-FRA
x-dw-request-base-id: HvqSqsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 html.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/toolbox/ 2 KB
1 KB 21ms
21ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/toolbox/html.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c34c526093687739082ac852391cd2328af8eececefb2caf0c5c262e57157da2

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=2055
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0ef03a90918f-FRA
x-dw-request-base-id: Hvr0qsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 device.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/toolbox/ 245 B
265 B 25ms
25ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/toolbox/device.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a44d5085a4f56f01ef006708c2aae5c9b240ba6901f9067e81123af519fbb5b8

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 36666
cf-polished: origSize=281
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0ef04a96918f-FRA
x-dw-request-base-id: eqf3m8rxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H2 200 script.js Show response
edd8a9329ddd.cdn4.forter.com/sn/edd8a9329ddd/ 162 KB
61 KB 36ms
7ms Script
application/javascript 65.9.66.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edd8a9329ddd.cdn4.forter.com/sn/edd8a9329ddd/script.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/integration/Forter.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-38.fra56.r.cloudfront.net

Software

Resource Hash

1fbf664048773d5aded07048cfed357a36d7a85062d9d9dd876796260c84d49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 10:36:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 4973641
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sun, 06 Feb 2022 10:36:00 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/edd8a9329ddd/18035020698
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript; charset=utf-8
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
cache-control: private, max-age=300
x-amz-cf-pop: FRA56-C1
timing-allow-origin: *
x-amz-cf-id: uKQMYE5WkigS-vfsb32W6yYoCw4P4VybNdRU87XTFMRIQO14xtoS9Q==
expires: Sun, 06 Feb 2022 10:41:00 GMT

GET
H2 200 ModifaceVTO.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/stores/ 2 KB
714 B 24ms
23ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/stores/ModifaceVTO.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01302898265a3f25095fb18861716135ba275f6e74d5d097895dc8d042c10373

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=2034
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0ef05abb918f-FRA
x-dw-request-base-id: HvoZq8jxSmIBAAB_
expires: Thu, 05 May 2022 00:10:01 GMT

GET
H/1.1 200
OK main.js Show response
static.ordergroove.com/85cfa0c6425311e89bdabc764e1107f2/ 411 KB
67 KB 71ms
15ms Script
text/javascript 23.75.227.253
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ordergroove.com/85cfa0c6425311e89bdabc764e1107f2/main.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/main.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.75.227.253 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-227-253.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b242bbc29252245094ea92ba6a38a8a6e7104ea44ddcd3bc4c11e42a156770ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 23 Nov 2021 22:29:55 GMT
Server: Apache
ETag: "20018a-66bc4-5d17c47dbd5fa"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Date: Tue, 05 Apr 2022 00:10:01 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68236
Expires: Tue, 05 Apr 2022 00:25:01 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 52ms
19ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8305d86074fdee76ef38a7e264f3ac0bfab4051d8f13625b4bbd5396120b1fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dVKVlVU+J+RB4CMcqf9NTw==
age: 2174
vary: Accept-Encoding
content-length: 6678
x-ms-lease-status: unlocked
last-modified: Thu, 31 Mar 2022 19:30:48 GMT
server: cloudflare
etag: 0x8DA134CF5B38867
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a8caa002-201e-016c-2d36-453560000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f6e0ef0d9eccc56-ZRH

GET
H2 200 62d9970637a811ea848a1299dd64c8fb.js Show response
d22xmn10vbouk4.cloudfront.net/ 95 KB
23 KB 38ms
12ms Script
text/javascript 65.9.58.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d22xmn10vbouk4.cloudfront.net/62d9970637a811ea848a1299dd64c8fb.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-82.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1c3e7231e7580c5b172ec674379ff4c5a5596dff5b6d99dd40a3014e717eb59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 23:23:40 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 23:20:29 GMT
server: AmazonS3
age: 2782
etag: W/"ca2762277c97482dfe7f863cd9a37104"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: public, max-age=601
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 6jt3-ojuXsDf1f1mJzVGqhHc2Mlm74Pjqj8Igouut0ljybBLBhNSMw==

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 157ms
40ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=73595848

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/js/vendors/le-mtagconfig.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United Kingdom, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

GET
BLOB 200
OK dcab0976-e274-4286-ac74-a3a30705fb65
https://www.itcosmetics.com/ 3 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.itcosmetics.com/dcab0976-e274-4286-ac74-a3a30705fb65
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e059cdfd60a772af4e607cc8d8a88321227f9eb8a6945d73a273a6bfbe29d77e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length: 2584
Content-Type: application/javascript

GET
H2 200 CDSLazyload-header_headerbanner Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 4 KB
1 KB 454ms
453ms Fetch
text/html 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/CDSLazyload-header_headerbanner?configid=&data=&id=headerbanner&section=header&ajax=true

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44a2184e8ce661103c1ea81ae177f31a15cd1eae072220fca8dc97b1cceb655a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sf-cc-cacheable: false
vary: accept-encoding
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 6f6e0ef10bc1918f-FRA
x-dw-request-base-id: HvqpENqIS2IBAAB_
x-dw-trace-id: HvqpENqIS2IBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 CDSLazyload-header_minicarticon Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 487 B
373 B 415ms
415ms Fetch
text/html 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/CDSLazyload-header_minicarticon?configid=&data=&id=minicarticon&section=header&ajax=true

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d4130b592def85d7a3db4285b77356f68b6a583c7209102218272dbaa60c8ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sf-cc-cacheable: false
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 6f6e0ef10bc3918f-FRA
x-dw-request-base-id: HvqiENqIS2IBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK en-us.js Show response
static.ordergroove.com/85cfa0c6425311e89bdabc764e1107f2/vendors~offers/locale/ 109 KB
7 KB 14ms
14ms Script
text/javascript 23.75.227.253
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ordergroove.com/85cfa0c6425311e89bdabc764e1107f2/vendors~offers/locale/en-us.js

Requested by

Host: static.ordergroove.com
URL: https://static.ordergroove.com/85cfa0c6425311e89bdabc764e1107f2/main.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.75.227.253 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-227-253.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e5c975c7a466a3ee429a15eeeb434835d744a1c04ff1807b561c825474340248

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 23 Nov 2021 22:29:55 GMT
Server: Apache
ETag: "220098-1b231-5d17c47dc08c2"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Date: Tue, 05 Apr 2022 00:10:01 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6446
Expires: Tue, 05 Apr 2022 00:25:01 GMT

GET
H2

200

28bf0b9c684a78733871e01a18fb50b9f8bbcd032d814e36bee0690eeec4cb17ac7f4bca6a1656e0ddf048dca279 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/28bf0b9c684a78733871e01a18fb50b9f8bbcd032d814e36bee0690eeec4cb17ac7f4bca6a1656e0ddf048dca279

0
322 B

102ms
102ms

XHR
text/plain

99.86.7.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/28bf0b9c684a78733871e01a18fb50b9f8bbcd032d814e36bee0690eeec4cb17ac7f4bca6a1656e0ddf048dca279

Protocol

Server

99.86.7.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-55.fra6.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: F8QlmJFwtphNQxsy-gX9TMAxQ-2VU9ooNGhua8Fbvj56lx6vxabgkg==

Redirect headers

date: Tue, 05 Apr 2022 00:10:01 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
location: https://cdn9.forter.com/vchk2/v1/28bf0b9c684a78733871e01a18fb50b9f8bbcd032d814e36bee0690eeec4cb17ac7f4bca6a1656e0ddf048dca279
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: ex-GsAQvXhl7AeaMwttDBIdssy7gHswdeICLTsyodlw7zSLcRQAOwg==

GET
BLOB 200
OK 49b2ee34-a49e-428d-9f62-b9a47cc5354e
https://www.itcosmetics.com/ 12 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.itcosmetics.com/49b2ee34-a49e-428d-9f62-b9a47cc5354e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa1e1359996788167a308a929f89dd71d0b721e0289fcaec203ce8fef5442e26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length: 11959
Content-Type: application/javascript

GET
H2 200 e3936571-a8bf-46e6-98c3-e922c8d3939d.json Show response
cdn.cookielaw.org/consent/e3936571-a8bf-46e6-98c3-e922c8d3939d/ 4 KB
2 KB 51ms
23ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e3936571-a8bf-46e6-98c3-e922c8d3939d/e3936571-a8bf-46e6-98c3-e922c8d3939d.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33bd76abc984c67d4af1dd349ec65e1add051fc9d09ec49f95d52c9ca0d0cd36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fIDtx25uKAT4wLfHqmETbQ==
age: 9067
vary: Accept-Encoding
content-length: 1465
x-ms-lease-status: unlocked
last-modified: Thu, 03 Mar 2022 19:58:58 GMT
server: cloudflare
etag: 0x8D9FD50410DBCE7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9ab0c633-a01e-0139-2b56-2fde17000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f6e0ef1ab6b0219-ZRH
expires: Tue, 05 Apr 2022 04:10:01 GMT

POST
H/1.1 200
OK prop.json
f0a7d0d85eb04ef688c8398c668aa093-edd8a9329ddd.cdn.forter.com/ 2 B
627 B 306ms
97ms Ping
application/json 54.158.164.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://f0a7d0d85eb04ef688c8398c668aa093-edd8a9329ddd.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.158.164.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-164-13.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 05 Apr 2022 00:10:02 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Fri, 04 Feb 2022 12:05:24 GMT
Server: Apache
ETag: "2-5d73010d59f37"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.itcosmetics.com
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
457 B 90ms
42ms XHR
application/json 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6f6e0ef25eb7233d-ZRH
access-control-allow-headers: Content-Type

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/ 275 KB
100 KB 25ms
24ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/js/vendors/le-mtagconfig.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United Kingdom, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

999b1d4b787c1c5de2f125bbb30150cfb2f43af0f5b54bb280e280130f39cd9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 202 track_page_view
nova.collect.igodigital.com/c2/7290682/ 43 B
680 B 109ms
106ms Image
image/gif 34.234.56.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/7290682/track_page_view?payload=%7B%22title%22%3A%22It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!%22%2C%22url%22%3A%22https%3A%2F%2Fwww.itcosmetics.com%2F%22%2C%22referrer%22%3A%22%22%2C%22user_info%22%3A%7B%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.56.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-56-81.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-runtime: 0.006238
date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 07331f52-ee5d-41b2-bff3-73a6f4bbd529

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.24.0/ 317 KB
76 KB 18ms
18ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: V5hcbF1dEgrls6P2M61C9g==
age: 14515350
vary: Accept-Encoding
content-length: 77260
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:37 GMT
server: cloudflare
etag: 0x8D983BB67EEBDFE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5e61dc7b-401e-0111-7e6c-c4a9a8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f6e0ef28a6fcc56-ZRH

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/e3936571-a8bf-46e6-98c3-e922c8d3939d/9e2d6bf5-5cea-43a8-92fd-93c8276d304f/ 118 KB
23 KB 20ms
20ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e3936571-a8bf-46e6-98c3-e922c8d3939d/9e2d6bf5-5cea-43a8-92fd-93c8276d304f/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc116f07dbddd9e2e6ad729f63035910362a473cde793142160650d55859bb0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: tluz0+vCLTiOuGUNnzvAwg==
age: 9068
vary: Accept-Encoding
content-length: 23342
x-ms-lease-status: unlocked
last-modified: Thu, 03 Mar 2022 19:59:07 GMT
server: cloudflare
etag: 0x8D9FD50469520B3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f50e9d80-a01e-0110-0456-2fa855000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f6e0ef2dc210219-ZRH
expires: Tue, 05 Apr 2022 04:10:02 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/73595848/configuration/setting/accountproperties/ 6 KB
2 KB 100ms
20ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/73595848/configuration/setting/accountproperties/?cb=lpCb45961x71103

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

efa9739739f902a3f8aa0a5edff6d4a3096169a8b5b8eefb96971064d5eaeb34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Tue, 05 Apr 2022 00:10:57 GMT

GET
H/1.1 200
OK loadscript2.js Show response
static-assets.dev.fs.liveperson.com/ABC/ 908 B
1 KB 64ms
19ms Script
application/javascript 143.204.215.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.dev.fs.liveperson.com/ABC/loadscript2.js
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-79.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b20cb94d01d0f40a92dcef9f248535fa9a883868ca63a2c202bf0153e302f50a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: sHU92bLEhQGhIr83Sx3LoXyLnVMcXZZw
Via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Apr 2022 17:41:22 GMT
Server: AmazonS3
Age: 154
ETag: "0453bc344b0188432cfe659ffe6cea39"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Date: Tue, 05 Apr 2022 00:10:02 GMT
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 908
X-Amz-Cf-Id: ncs7Ee1cNyQlOM7z55qTC6OK4uxvDLSqjiYqGRYUThRq5H9sT1toIg==

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/73595848/configuration/le-campaigns/ 45 KB
6 KB 112ms
38ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/73595848/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

81905ab5d4b62b8b5ac0ff3a2affe61d3ad2cdec6b8c22a98979174e6281f728

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 2
expires: Tue, 05 Apr 2022 00:10:57 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 47ms
26ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

de2f7f8d7b163a0d422d2a426f84db938dbdae1a8fde621b123306a4a12652a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14881
x-xss-protection: 0
server: cafe
etag: 17469320936275902838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Apr 2022 00:10:02 GMT

GET
H3

200

activityi;dc_pre=CKHXzYfR-_YCFQhGHQkdDd0O4g;src=8563001;type=itcos00;cat=itcos00;ord=2275167653103;gtm=2wg3u0;auiddc=1055205405.1649117402;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F Show response
8563001.fls.doubleclick.net/ Frame A6E5
Redirect Chain

https://8563001.fls.doubleclick.net/activityi;src=8563001;type=itcos00;cat=itcos00;ord=2275167653103;gtm=2wg3u0;auiddc=1055205405.1649117402;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F?
https://8563001.fls.doubleclick.net/activityi;dc_pre=CKHXzYfR-_YCFQhGHQkdDd0O4g;src=8563001;type=itcos00;cat=itcos00;ord=2275167653103;gtm=2wg3u0;auiddc=1055205405.1649117402;~oref=https%3A%2F%2Fww...

486 B
407 B

32ms
18ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8563001.fls.doubleclick.net/activityi;dc_pre=CKHXzYfR-_YCFQhGHQkdDd0O4g;src=8563001;type=itcos00;cat=itcos00;ord=2275167653103;gtm=2wg3u0;auiddc=1055205405.1649117402;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

7aca4c0994e6029eeba2b7f767cb6940de72b84ad28ddd980376d5b1d2820d34

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 382
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 00:10:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 00:10:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8563001.fls.doubleclick.net/activityi;dc_pre=CKHXzYfR-_YCFQhGHQkdDd0O4g;src=8563001;type=itcos00;cat=itcos00;ord=2275167653103;gtm=2wg3u0;auiddc=1055205405.1649117402;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 316
date: Tue, 05 Apr 2022 00:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 05 Apr 2022 02:04:46 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 436ms
386ms Script
application/javascript 2a02:26f0:3500:883::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:883::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 scevent.min.js Show response
sc-static.net/ 17 KB
7 KB 49ms
22ms Script
application/javascript 143.204.202.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-245.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: f2f087eac841d5433c3c3fa9ea481b474ff8370b9d9eec1ace18f0300a76ffd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6336
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-id: UbNJK_u-sCxqd9meVYMOyVd2QVOiBnuGuqwRT3Sbs81EUMXvpLsJOQ==

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 53ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 104BF7D135294147A48488FEDF6F4F0E Ref B: FRAEDGE1315 Ref C: 2022-04-05T00:10:02Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 05 Apr 2022 00:10:02 GMT
accept-ranges: bytes
content-length: 11333

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 160 KB
59 KB 37ms
18ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DPN15YB5DF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

218cd4d2bbb5f773e738465cb9b9ea9878ae655f436e8bc8fd20724f0a20f5ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60433
x-xss-protection: 0
expires: Tue, 05 Apr 2022 00:10:02 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 40 KB
13 KB 66ms
20ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 12:51:58 GMT
server: nginx
etag: W/"61b8936e-9faf"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 06 Apr 2022 00:10:02 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 25ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26313
x-xss-protection: 0
pragma: public
x-fb-debug: uUepaVYs9fMPa2ccqghPO8ggSa15Y3cHnX59I4oZEKNrRyNy+0duhdXN2oYglMSXZFS9/YfoVtCs1/0Rh/eo/g==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Tue, 05 Apr 2022 00:10:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 113855.ct.js Show response
tag.rmp.rakuten.com/ 65 KB
21 KB 249ms
227ms Script
text/javascript 34.102.147.248
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.rmp.rakuten.com/113855.ct.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.147.248 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 248.147.102.34.bc.googleusercontent.com
Software: /
Resource Hash: f756a8175fa7352a465802c0548025463527e6949f11c22182cf6e11c1231282

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 00:10:02 GMT
x-cache: miss
x-samesite: secure
via: 1.1 google
cache-control: max-age=86400
x-dyn: 0
accept-ranges: bytes
content-type: text/javascript
alt-svc: clear

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 39ms
6ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 00:09:12 GMT
fastly-original-body-size: 14407
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100161-IAD, cache-fra19173-FRA

GET
H2 200 dtag.js Show response
cdn.attn.tv/itcosmetics/ 0
374 B 54ms
6ms Script
text/javascript 2600:9000:206f:bc00:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/itcosmetics/dtag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:bc00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
age: 20463
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/javascript
via: 1.1 6b38a2e1db230db568190464ab7177da.cloudfront.net (CloudFront)
date: Mon, 04 Apr 2022 18:29:00 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 0Yfd6bw7i96SdhOD7gc1qP2xwBJiXu3_7r4t8W_l4yj5YmGIMb3lAg==

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 13 KB
3 KB 20ms
19ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 6kn6x4Mq//asafVxYG5LSA==
age: 6463
vary: Accept-Encoding
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:28 GMT
server: cloudflare
etag: 0x8D983BB627AC080
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: bba5938b-301e-00d6-51df-06933c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f6e0ef37c6c0219-ZRH

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 20 KB
4 KB 21ms
20ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 246
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: ee7331e5-201e-0063-1b80-489ec3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6f6e0ef38c6e0219-ZRH

GET
H/1.1 200
OK /
d.agkn.com/pixel/10859/ 43 B
595 B 41ms
8ms Image
image/gif 3.120.51.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/10859/?che=1161504551&gaid=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.51.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-51-47.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 00:10:01 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __Analytics-Start
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 35 B
119 B 127ms
126ms Image
image/gif 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/__Analytics-Start?url=https%3A%2F%2Fwww.itcosmetics.com%2F&res=1600x1200&cookie=1&ref=&title=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.14947774367638944&cmpn=&tz=US/Eastern&pcc=USD&pct=&pcat=&dw_dnt=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 6f6e0ef39efa918f-FRA
x-dw-request-base-id: HvrWENqIS2IBAAB_
content-length: 35
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/987290011/ 2 KB
2 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987290011/?random=1649117402172&cv=9&fst=1649117402172&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&ig=1&data=ecomm_pagetype%3Dhomepage&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4424653e82d309475c87cf68305f4804a9dd747463a032c8f601eb4d861bf58c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1073
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/858640376/ 2 KB
1 KB 33ms
18ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/858640376/?random=1649117402174&cv=9&fst=1649117402174&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&ig=1&data=ecomm_pagetype%3Dhomepage&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

920b4e1617bd2f911018891ec268054cf1b7331a6ad7fbe7bfb867bfa4a52747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1076
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/749421453/ 2 KB
1 KB 51ms
35ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/749421453/?random=1649117402177&cv=9&fst=1649117402177&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&auid=1055205405.1649117402&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

41c3af1cd4d96637f3736f916aecb1af8459af576962493416a603499c4b38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1265
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 23ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 23:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 672
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 05 Apr 2022 00:58:50 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 23:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2923
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 05 Apr 2022 00:21:19 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 MiniCartIcon.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/cart/ 4 KB
2 KB 17ms
17ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/cart/MiniCartIcon.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 538bb93b0eb0894e32b05736f4b5eab246053c7a5d243b2ad81dd67cb7a223f9

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=3890
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0ef40f98918f-FRA
x-dw-request-base-id: eqeUmsnxSmIBAAB_
expires: Thu, 05 May 2022 00:10:02 GMT

GET
H3 200 600434936754718 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 66ms
56ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/600434936754718?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

54890caa7a07911ad1c1beacf4c3adab0597a0f09d0d0a67e53d89e3a87e38d0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: GcPQiVwHPFau5T9Q63wY+LKpnF6IAHG52n3orCYZtK5tjvgzyBLguRUcL/xy32WAB/1J6QSmCTCGsNAFdCoRQw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 05 Apr 2022 00:10:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DPN15YB5DF&gtm=2oe3u0&_p=296449329&sr=1600x1200&ul=en&cid=173120542.1649117402&ir=1&_s=1&dl=%2F&dt=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&uid=abx0G4Y89j6zbaB77Mqx3fjuZY&sid=1649117402&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_eu=Q&ep.page_category=homepage&up.brand=ITC&up.country=us&up.site_type_level=main
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DPN15YB5DF&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.itcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 64 B
331 B 43ms
21ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=e41399ac-6328-420a-88e7-bf1ff3e72ebf

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

7fe29efd7383da42f2b9547d02bb177fb09df19f385245619ca7ff13933c4730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
via: 1.1 google
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/ Frame 4E45 39 KB
16 KB 98ms
20ms Document
text/html 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fwww.itcosmetics.com&site=73595848&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=600
content-encoding: gzip
content-type: text/html
date: Tue, 05 Apr 2022 00:10:02 GMT
expires: Tue, 05 Apr 2022 00:20:02 GMT
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
server: ws
vary: Origin

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame D933 0
241 B 34ms
21ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=e41399ac-6328-420a-88e7-bf1ff3e72ebf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 05 Apr 2022 00:10:02 GMT
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

GET
H2 403 adsct
analytics.twitter.com/i/ 0
0 130ms
114ms Script
text/plain 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o17qu&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=5a5db612-ceca-4dc1-a210-9ddfb837fe07&tw_document_href=https%3A%2F%2Fwww.itcosmetics.com%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-response-time: 108
date: Tue, 05 Apr 2022 00:10:02 UTC
cache-control: no-cache, no-store, max-age=0
server: tsa_o
x-connection-hash: 0b162aa27efa16ef636ece9c4ea6b8be02772b335239c20cb0be9e051d23fd7f
content-length: 0
strict-transport-security: max-age=631138519

GET
H2 200 adsct
t.co/i/ 43 B
336 B 147ms
124ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o17qu&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=5a5db612-ceca-4dc1-a210-9ddfb837fe07&tw_document_href=https%3A%2F%2Fwww.itcosmetics.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-response-time: 117
date: Tue, 05 Apr 2022 00:10:01 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: c4fb73603c01c8a9026e9037cca460f258de7394e3f01c088429557283eb8d56
content-length: 43

GET
H2 200 4039867.js Show response
bat.bing.com/p/action/ 891 B
854 B 182ms
182ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4039867.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

47b47ca60ddbc5abdf09c1d1da41a8f7ac9d28cc817f9fe6b04ed0e2cfbdcd15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3D9A2E1FAAD5428C8193457BB1B3412E Ref B: FRAEDGE1315 Ref C: 2022-04-05T00:10:02Z
date: Tue, 05 Apr 2022 00:10:02 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 679

GET
H2 204 0
bat.bing.com/action/ 0
175 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4039867&tm=gtm002&Ver=2&mid=2ca4ee86-20ea-4948-b994-fa4b6f2807d3&sid=bd16a090b47411ecb38de3b5c8a31225&vid=bd16cc10b47411ec997b672a78fd90a9&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=It%20Cosmetics%20%7C%20Makeup,%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&kw=IT%20Cosmetics&p=https%3A%2F%2Fwww.itcosmetics.com%2F&r=&lt=1632&evt=pageLoad&msclkid=N&sv=1&rn=360852

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3E4BEA39FD78496DA75F07264785F090 Ref B: FRAEDGE1315 Ref C: 2022-04-05T00:10:02Z
date: Tue, 05 Apr 2022 00:10:02 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:06:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47025
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/987290011/ 42 B
108 B 44ms
21ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/987290011/?random=1649117402172&cv=9&fst=1649116800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&data=ecomm_pagetype%3Dhomepage&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&async=1&fmt=3&is_vtc=1&random=1149493271&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/987290011/ 42 B
548 B 42ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/987290011/?random=1649117402172&cv=9&fst=1649116800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&data=ecomm_pagetype%3Dhomepage&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&async=1&fmt=3&is_vtc=1&random=1149493271&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/858640376/ 42 B
548 B 40ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/858640376/?random=1649117402174&cv=9&fst=1649116800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&data=ecomm_pagetype%3Dhomepage&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&async=1&fmt=3&is_vtc=1&random=3178679323&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/858640376/ 42 B
108 B 42ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/858640376/?random=1649117402174&cv=9&fst=1649116800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&data=ecomm_pagetype%3Dhomepage&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&async=1&fmt=3&is_vtc=1&random=3178679323&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=296449329&t=pageview&cu=USD&_s=1&dl=https%3A%2F%2Fwww.itcosmetics.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgUAr~&cid=173120542.1649117402&uid=abx0G4Y89j6zbaB77Mqx3fjuZY&tid=UA-74428248-1&_gid=55128713.1649117402&gtm=2wg3u0MTP53K8&cg1=homepage&cd1=ITC&cd2=en&cd3=us&cd4=main&cd5=homepage&cd9=not%20logged&cd11=abx0G4Y89j6zbaB77Mqx3fjuZY&cd15=unknown&cd34=0&cd176=DE&cd179=Analytics%7CMarketing&cd181=https%3A%2F%2Fwww.itcosmetics.com%2F&promo1id=promotion&promo1nm=48%20hours%20only!%20extra%2010%25%20off%20makeup%20%2B%2030%25%20off%20for%20members%20and%2025%25%20off%20non%20members%20sitewide&promo1cr=banner&promo1ps=slot1&promo2id=promotion&promo2nm=not%20a%20loyalty%20member%3F%20sign%20up%20now%20and%20enjoy%20the%20perks!&promo2cr=banner&promo2ps=slot2&z=1630864728

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:06:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47025
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Carousel.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/ 25 KB
6 KB 20ms
19ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/components/global/Carousel.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8464cb371f14f03619849e83e121ff86ea909fa3d70d7b3d504103de9fd26d7e

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38233
cf-polished: origSize=25438
cross-origin-resource-policy: cross-origin
cf-bgj: minify
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6f6e0ef4b874918f-FRA
x-dw-request-base-id: HvqrqsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:02 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/749421453/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/749421453/?random=642514018&cv=9&fst=1649117402177&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp...
https://www.google.com/pagead/1p-conversion/749421453/?random=642514018&cv=9&fst=1649117402177&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h...
https://www.google.de/pagead/1p-conversion/749421453/?random=642514018&cv=9&fst=1649117402177&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=...

42 B
64 B

39ms
22ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/749421453/?random=642514018&cv=9&fst=1649117402177&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&auid=1055205405.1649117402&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=2ohLYvPuDJKC-gaauqPQCA&cid=CAQSKQCNIrLMT2k5fNz2b77UxENQXGDHTHH_ZifVy4gZpFJLG6BKtmsItURU&eitems=ChEI8K6qkgYQooSrlonZqpWzARIdAIzd8OmoQQmXyfSnWx0-SEo5HSwZ6NNbF8vacIU&random=2517790807&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/749421453/?random=642514018&cv=9&fst=1649117402177&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&auid=1055205405.1649117402&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=2ohLYvPuDJKC-gaauqPQCA&cid=CAQSKQCNIrLMT2k5fNz2b77UxENQXGDHTHH_ZifVy4gZpFJLG6BKtmsItURU&eitems=ChEI8K6qkgYQooSrlonZqpWzARIdAIzd8OmoQQmXyfSnWx0-SEo5HSwZ6NNbF8vacIU&random=2517790807&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 p
tr.snapchat.com/ 68 B
86 B 32ms
24ms Image
image/png 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?trackId=6aedc8bd-31c1-4b96-9457-8cc63ac613ee&pid=e41399ac-6328-420a-88e7-bf1ff3e72ebf&ev=PAGE_VIEW&pl=https%3A%2F%2Fwww.itcosmetics.com%2F&ts=1649117402350&rf=&v=1.6.0&if=false&bt=__LIVE__&intg=gtm&m_sl=2414&m_rd=2472&m_pi=1631&m_pl=1632&m_ic=0&u_c1=a645aaef-d038-4e42-8c8e-5cb2cce7d625

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
via: 1.1 google
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 dc_pre=CKHXzYfR-_YCFQhGHQkdDd0O4g;src=8563001;type=itcos00;cat=itcos00;ord=2275167653103;gtm=2wg3u0;auiddc=1055205405.1649117402;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame 1790 485 B
851 B 70ms
43ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKHXzYfR-_YCFQhGHQkdDd0O4g;src=8563001;type=itcos00;cat=itcos00;ord=2275167653103;gtm=2wg3u0;auiddc=1055205405.1649117402;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F

Requested by

Host: 8563001.fls.doubleclick.net
URL: https://8563001.fls.doubleclick.net/activityi;dc_pre=CKHXzYfR-_YCFQhGHQkdDd0O4g;src=8563001;type=itcos00;cat=itcos00;ord=2275167653103;gtm=2wg3u0;auiddc=1055205405.1649117402;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5a021485be97fccf6138ff45fbc2bf87f899d80a6a07f4c91c280962fdf0043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8563001.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 382
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 00:10:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 147 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f3cba294fade1e60aeab8e68ff44256bde9e9e083659aa12c198504fb2dbd87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 is_enabled Show response
tr.snapchat.com/collector/ 64 B
80 B 31ms
21ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=e41399ac-6328-420a-88e7-bf1ff3e72ebf

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

7fe29efd7383da42f2b9547d02bb177fb09df19f385245619ca7ff13933c4730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
via: 1.1 google
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64

GET
H3 200 p
tr.snapchat.com/ 68 B
86 B 28ms
28ms Image
image/png 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?trackId=52a9f32e-f5ac-4f40-95cd-1a9d2703887e&pid=e41399ac-6328-420a-88e7-bf1ff3e72ebf&ev=PAGE_VIEW&pl=https%3A%2F%2Fwww.itcosmetics.com%2F&ts=1649117402365&rf=&v=1.6.0&if=false&bt=__LIVE__&intg=gtm&m_sl=2414&m_rd=2488&m_pi=1631&m_pl=1632&m_ic=0&u_c1=a645aaef-d038-4e42-8c8e-5cb2cce7d625

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
via: 1.1 google
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 46F1 13 KB
5 KB 68ms
22ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.itcosmetics.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

08f727d493d0590199568403e67b29c88db5b674e90532f49d013e6e233224fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 5134
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 00:10:01 GMT
server-processing-duration-in-ticks: 1827
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=296449329&t=timing&cu=USD&_s=2&dl=https%3A%2F%2Fwww.itcosmetics.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1632&pdt=187&dns=21&rrt=688&srt=566&tcp=19&dit=1631&clt=1631&_gst=2253&_gbt=2312&_cst=1691&_cbt=1787&_u=aGDAgUAr~&cid=173120542.1649117402&uid=abx0G4Y89j6zbaB77Mqx3fjuZY&tid=UA-100779674-1&_gid=55128713.1649117402&gtm=2wg3u0MTP53K8&cg1=homepage&cd1=ITC&cd2=en&cd3=us&cd4=main&cd5=homepage&cd9=not%20logged&cd11=abx0G4Y89j6zbaB77Mqx3fjuZY&cd15=unknown&cd34=0&cd176=DE&cd179=Analytics%7CMarketing&cd181=https%3A%2F%2Fwww.itcosmetics.com%2F&z=2015191659

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:06:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47025
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=296449329&t=timing&cu=USD&_s=2&dl=https%3A%2F%2Fwww.itcosmetics.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1632&pdt=187&dns=21&rrt=688&srt=566&tcp=19&dit=1631&clt=1631&_gst=2253&_gbt=2312&_cst=1691&_cbt=1787&_u=aGDAgUAr~&cid=173120542.1649117402&uid=abx0G4Y89j6zbaB77Mqx3fjuZY&tid=UA-74428248-1&_gid=55128713.1649117402&gtm=2wg3u0MTP53K8&cg1=homepage&cd1=ITC&cd2=en&cd3=us&cd4=main&cd5=homepage&cd9=not%20logged&cd11=abx0G4Y89j6zbaB77Mqx3fjuZY&cd15=unknown&cd34=0&cd176=DE&cd179=Analytics%7CMarketing&cd181=https%3A%2F%2Fwww.itcosmetics.com%2F&z=55793720

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:06:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47025
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 swiper.min.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/npm/swiper@4.5.1/dist/js/ 126 KB
33 KB 20ms
20ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/npm/swiper@4.5.1/dist/js/swiper.min.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/javascripts/vendors/system.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b21b672f6980e454c4628745e5f7f05c487b2426af17900bd4860ef7c920b3a1

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 17:25:41 GMT
server: cloudflare
age: 38233
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 6f6e0ef4f8b1918f-FRA
x-dw-request-base-id: HvrxqsjxSmIBAAB_
expires: Thu, 05 May 2022 00:10:02 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=296449329&t=event&ni=1&cu=USD&_s=1&dl=https%3A%2F%2Fwww.itcosmetics.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ClientID&ea=Send%20Event&el=Set%20ClientID%20in%20Google%20Analytics%20with%20an%20non-interactif%20Event&_u=aGDAgUAr~&cid=173120542.1649117402&uid=abx0G4Y89j6zbaB77Mqx3fjuZY&tid=UA-100779674-1&_gid=55128713.1649117402&gtm=2wg3u0MTP53K8&cg1=homepage&cd1=ITC&cd2=en&cd3=us&cd4=main&cd5=homepage&cd9=not%20logged&cd11=abx0G4Y89j6zbaB77Mqx3fjuZY&cd15=unknown&cd34=0&cd41=173120542.1649117402&cd176=DE&cd179=Analytics%7CMarketing&cd181=https%3A%2F%2Fwww.itcosmetics.com%2F&z=202343290

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:06:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47025
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=296449329&t=event&ni=1&cu=USD&_s=1&dl=https%3A%2F%2Fwww.itcosmetics.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ClientID&ea=Send%20Event&el=Set%20ClientID%20in%20Google%20Analytics%20with%20an%20non-interactif%20Event&_u=aGDAgUAr~&cid=173120542.1649117402&uid=abx0G4Y89j6zbaB77Mqx3fjuZY&tid=UA-74428248-1&_gid=55128713.1649117402&gtm=2wg3u0MTP53K8&cg1=homepage&cd1=ITC&cd2=en&cd3=us&cd4=main&cd5=homepage&cd9=not%20logged&cd11=abx0G4Y89j6zbaB77Mqx3fjuZY&cd15=unknown&cd34=0&cd41=173120542.1649117402&cd176=DE&cd179=Analytics%7CMarketing&cd181=https%3A%2F%2Fwww.itcosmetics.com%2F&z=1311576763

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 11:06:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47025
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 23ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=600434936754718&ev=PageView&dl=https%3A%2F%2Fwww.itcosmetics.com%2F&rl=&if=false&ts=1649117402440&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649117402439.1734140418&it=1649117402252&coo=false&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 05 Apr 2022 00:10:02 GMT

GET
H2 200 p
consent.linksynergy.com/consent/v3/ 37 B
335 B 44ms
21ms Image
image/gif 34.98.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.linksynergy.com/consent/v3/p?rmch=cs&domain=www.itcosmetics.com&sought=false&tp=gdpr&aff_mid=42479&attr_sid=113855&purposes=&vendors=&ext_id=373198c4-994c-4cb5-b405-d44ab7f53ce6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.3 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 3.67.98.34.bc.googleusercontent.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
via: 1.1 google
content-type: image/gif
alt-svc: clear
content-length: 37
x-samesite: secure

GET
H2 200 dc_pre=CKHXzYfR-_YCFQhGHQkdDd0O4g;src=8563001;type=itcos00;cat=itcos00;ord=2275167653103;gtm=2wg3u0;auiddc=1055205405.1649117402;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F Show response
adservice.google.de/ddm/fls/i/ Frame 7D61 194 B
870 B 67ms
45ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKHXzYfR-_YCFQhGHQkdDd0O4g;src=8563001;type=itcos00;cat=itcos00;ord=2275167653103;gtm=2wg3u0;auiddc=1055205405.1649117402;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKHXzYfR-_YCFQhGHQkdDd0O4g;src=8563001;type=itcos00;cat=itcos00;ord=2275167653103;gtm=2wg3u0;auiddc=1055205405.1649117402;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 00:10:02 GMT
expires: Tue, 05 Apr 2022 00:10:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collector Show response
collector-px9gxgqy6v.px-cloud.net/api/v2/ 755 B
1010 B 56ms
31ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px9gxgqy6v.px-cloud.net/api/v2/collector
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/IZ/PX9gXgqy6v/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 5671d0e64610d5000ebab457fe11658f386f7f02f8e86633034f13a8a7c8445f

Request headers

Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.itcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 755

GET
H2

200

sid Show response
mug.criteo.com/ Frame 46F1
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=itcosmetics.com&sn=ChromeSyncframe&so=0&topUrl=www.itcosmetics.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=nBcQLHx4TXFZZXFDTnllRXZXa2VJTEJ3R3lpckpSamV3K1lhUjZlTGpqRlE4RzJSYklwOEE2ZDRKdCtYNklseWRGbFVHZ1o3TFpJUnRCN2FXem81eFhnRUFmand5aXNhdjhGcjJxMTdHMThFeFhXdVVLTkhVV2ZpRmhDZj...

425 B
628 B

56ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=nBcQLHx4TXFZZXFDTnllRXZXa2VJTEJ3R3lpckpSamV3K1lhUjZlTGpqRlE4RzJSYklwOEE2ZDRKdCtYNklseWRGbFVHZ1o3TFpJUnRCN2FXem81eFhnRUFmand5aXNhdjhGcjJxMTdHMThFeFhXdVVLTkhVV2ZpRmhDZjdDdUQvdWVhdm5NVlZmU2NndXdINGwzTHU0SmFRUWlPOE8ybjZuMDBMY25mZXVTOEJxN2I4Zk9uVmRmODdGeS9tcStGUW1jdzNwSEZ5Kzd3VVY4M3kwT0hhWjN4MXJMbXUxM1dDTWhFeXpjYlBTTEVaMmVCTjd6bkNqdCtTN2lRaDZ3MTNsZUdtQm4xQytKUzQ0OEs3K3NYR1dNRkVzQT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e91f824107145826f59123a09a650a7974d274b31e7ba86027650ca7bb88c958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4848
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=nBcQLHx4TXFZZXFDTnllRXZXa2VJTEJ3R3lpckpSamV3K1lhUjZlTGpqRlE4RzJSYklwOEE2ZDRKdCtYNklseWRGbFVHZ1o3TFpJUnRCN2FXem81eFhnRUFmand5aXNhdjhGcjJxMTdHMThFeFhXdVVLTkhVV2ZpRmhDZjdDdUQvdWVhdm5NVlZmU2NndXdINGwzTHU0SmFRUWlPOE8ybjZuMDBMY25mZXVTOEJxN2I4Zk9uVmRmODdGeS9tcStGUW1jdzNwSEZ5Kzd3VVY4M3kwT0hhWjN4MXJMbXUxM1dDTWhFeXpjYlBTTEVaMmVCTjd6bkNqdCtTN2lRaDZ3MTNsZUdtQm4xQytKUzQ0OEs3K3NYR1dNRkVzQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2293
content-length: 541
expires: 0

GET
H2 200 pebble Show response
p.cquotient.com/ 252 B
556 B 101ms
35ms Script
text/javascript 34.247.75.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p.cquotient.com/pebble?tla=aang-itcosmetics-us&activityType=viewPage&callback=CQuotient._act_callback0&cookieId=abx0G4Y89j6zbaB77Mqx3fjuZY&realm=AANG&siteId=itcosmetics-us&instanceType=prd&marketingCloudStoreID=7290682&referrer=&currentLocation=https%3A%2F%2Fwww.itcosmetics.com%2F&ls=true&_=1649117402537&v=v2.34.2&fbPixelId=__UNKNOWN__&json=%7B%22cookieId%22%3A%22abx0G4Y89j6zbaB77Mqx3fjuZY%22%2C%22realm%22%3A%22AANG%22%2C%22siteId%22%3A%22itcosmetics-us%22%2C%22instanceType%22%3A%22prd%22%2C%22marketingCloudStoreID%22%3A%5B%227290682%22%5D%2C%22referrer%22%3A%22%22%2C%22currentLocation%22%3A%22https%3A%2F%2Fwww.itcosmetics.com%2F%22%2C%22ls%22%3Atrue%2C%22_%22%3A1649117402537%2C%22v%22%3A%22v2.34.2%22%2C%22fbPixelId%22%3A%22__UNKNOWN__%22%7D

Requested by

Host: cdn.cquotient.com
URL: https://cdn.cquotient.com/js/v2/gretel.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.75.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-75-25.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b5bce23dc5b59ae4f633c363ec506f1b65e28f24d93cab86fa15e71c3ab512b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
x-content-type-options: nosniff
etag: W/"fc-yHIqJjogccg+mSF+ipqjfDo4g+g"
content-length: 252
strict-transport-security: max-age=15552000; includeSubdomains
content-type: text/javascript; charset=utf-8

GET
H2 200 clarity.js Show response
k.clarity.ms/s/0.6.34/ 53 KB
23 KB 298ms
97ms Script
application/javascript 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/4039867.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:01 GMT
content-encoding: br
etag: "1d83fcbec22f254"
last-modified: Thu, 24 Mar 2022 22:10:08 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=49D3E0CF7F694DB5A8F0455B8FD087F9&RedC=c.clarity.ms&MXFR=3704D7777ADB61C510FFC60A7EDB6F03
https://c.clarity.ms/c.gif?CtsSyncId=49D3E0CF7F694DB5A8F0455B8FD087F9&MUID=1B6EB073461A6F8C2FC3A10E47C86EC6

42 B
368 B

27ms
27ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=49D3E0CF7F694DB5A8F0455B8FD087F9&MUID=1B6EB073461A6F8C2FC3A10E47C86EC6
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F18D231354D84264B8FC5C10C1F7EFB5 Ref B: FRAEDGE1315 Ref C: 2022-04-05T00:10:02Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=49D3E0CF7F694DB5A8F0455B8FD087F9&MUID=1B6EB073461A6F8C2FC3A10E47C86EC6
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 116ms
116ms Script
application/javascript 2a02:26f0:3500:883::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:883::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=53594&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=bsKs9F9PdEp1Q3JsT0IyTXdzdklwZTlxYWtTdFNBYUYxRlg5bjh5cjd1Z...
https://widget.us.criteo.com/event?a=53594&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=bsKs9F9PdEp1Q3JsT0IyTXdzdklwZTlxYWtTdFNBYUYxRlg5bjh5cjd1Z...

7 KB
8 KB

280ms
99ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=53594&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=bsKs9F9PdEp1Q3JsT0IyTXdzdklwZTlxYWtTdFNBYUYxRlg5bjh5cjd1ZmhIblFkd0dVJTJGSGRBVEpjZU05QkQ0Tmc2cUVQRnF5R3JEdmZTYnl2VGZEeHBaVkRmV1FTejJ1WlpKNFhwUzBkeG1MZllPZEs5NEQwc3lzbkpId0JIMFFSWW1iTXRRRGtzMzQ5JTJGeHIzdyUyQjJTRHFvM2clM0QlM0Q&tld=itcosmetics.com&dtycbr=47127

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8b2a2ad0a15b6f420954051bb7652461d8e01318331d6c0e8da2fdca0cc2c999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
content-type: application/x-javascript
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 9838492
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://widget.us.criteo.com/event?a=53594&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=bsKs9F9PdEp1Q3JsT0IyTXdzdklwZTlxYWtTdFNBYUYxRlg5bjh5cjd1ZmhIblFkd0dVJTJGSGRBVEpjZU05QkQ0Tmc2cUVQRnF5R3JEdmZTYnl2VGZEeHBaVkRmV1FTejJ1WlpKNFhwUzBkeG1MZllPZEs5NEQwc3lzbkpId0JIMFFSWW1iTXRRRGtzMzQ5JTJGeHIzdyUyQjJTRHFvM2clM0QlM0Q&tld=itcosmetics.com&dtycbr=47127
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4311551
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/ 38 KB
15 KB 38ms
37ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fwww.itcosmetics.com&site=73595848&force=1&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Tue, 05 Apr 2022 00:20:02 GMT

GET
H2 200 03-gwp-d-040422.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw6b7324b3/_NGL/2022/Homepage/04-April/ 43 KB
44 KB 17ms
16ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw6b7324b3/_NGL/2022/Homepage/04-April/03-gwp-d-040422.jpg?sw=1698&sh=668&sm=cut&q=70
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34e662ab847606fb0f885ede4eb80356ca25b4a30d4c56bffa828208ed70e313

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 245
cf-polished: qual=85, origFmt=jpeg, origSize=52215
x-cache: Hit from cloudfront
content-disposition: inline; filename="03-gwp-d-040422.webp"
content-length: 44006
x-amz-expiration: expiry-date="Fri, 05 May 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Mon, 04 Apr 2022 04:03:25 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=1698&sh=668&sm=cut&q=70
etag: "cd9f30ba5ec97536db140568ab457683"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 05 May 2022 00:10:02 GMT
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 6f6e0ef6dad3918f-FRA
x-amz-cf-id: QekeR-yFCtP1F0ZfrT4oUQk8oeXhgtatNJUg7EDAgGeShZiJ082bJw==
cf-bgj: imgq:85,h2pri

GET
H2 200 73595848 Show response
va.v.liveperson.net/api/js/ 242 B
1 KB 513ms
183ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/73595848?&cb=lpCb15808x58493&t=sp&ts=1649117402068&pid=2408053379&tid=5586407877&pt=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&u=https%3A%2F%2Fwww.itcosmetics.com%2F&sec=%5B%22Home%22%5D&df=0&os=0&sdes=%5B%7B%22type%22%3A%22ctmrinfo%22%2C%22info%22%3A%7B%22ctype%22%3Anull%2C%22accountName%22%3A%22aBi16000000XbjZCAS%22%7D%7D%2C%7B%22type%22%3A%22personal%22%2C%22personal%22%3A%7B%22company%22%3A%22aBT160000004D1TGAU%22%7D%7D%5D&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 5c1dcafd8c90a4b155aaf52fea71061fc3ee3b2a6241bedde8b12058c8de2e84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 / Show response
ct.pinterest.com/user/ 482 B
730 B 50ms
35ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2616019776711&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&cb=1649117402726
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8aa04a1f343a39a2cb3f748899533584c50d6401cb32316d237e15adc3f26623

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.itcosmetics.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPVlUSTNaRFJoTXpndFpUUmpaUzAwT0RjMUxUazVaak10TWpKaE9HSmlNR1psT0RGbQ
x-pinterest-rid: 1220109844422730
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
content-length: 349
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
86 B 46ms
37ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2616019776711&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.itcosmetics.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1649117402732
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 8683436775583859
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
339 B 44ms
36ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2616019776711&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.itcosmetics.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1649117402733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 9742397209068401
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/edd8a9329ddd/f0a7d0d85eb04ef688c8398c668aa093/ 20 B
363 B 397ms
193ms XHR
application/json 34.225.5.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/edd8a9329ddd/f0a7d0d85eb04ef688c8398c668aa093/prop.json?_=1649117402787
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-5-197.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 00:10:03 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.itcosmetics.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Expires: -1

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2F6F 0
18 B 15ms
6ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://www.itcosmetics.com
Referer: https://www.itcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.itcosmetics.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 00:10:02 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame B297
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=tZrHHsUb-x8k2lhJM9iYoW9xHNs6PiGh

42 B
178 B

22ms
16ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=tZrHHsUb-x8k2lhJM9iYoW9xHNs6PiGh
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Apr 2022 00:10:03 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=tZrHHsUb-x8k2lhJM9iYoW9xHNs6PiGh
date: Tue, 05 Apr 2022 00:10:02 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2880
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame B297
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1TUHVZZkNvMW1uZ2o0Uk1ONnhtSlRqb29oM0tra2dzTlJad19pdw
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
370 B

46ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 258757
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame B297 0
232 B 143ms
30ms Image
text/html 52.48.97.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-SPuYfCo1mngj4RMN6xmJTjooh3KkkgsNRZw_iw&custom=&tag_format=img&tag_action=sync&custom=&cb=8b55986f-1a78-4070-a089-34bd1fdbd6b9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.97.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-97-146.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 00:10:03 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 362338.gif
idsync.rlcdn.com/ Frame B297 42 B
418 B 46ms
15ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-SPuYfCo1mngj4RMN6xmJTjooh3KkkgsNRZw_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Apr 2022 00:10:03 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 204 v1
ads.yahoo.com/cms/ Frame B297 0
194 B 81ms
21ms Image
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame B297 43 B
713 B 128ms
37ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:03 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Tue, 05 Apr 2022 00:10:03 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame B297
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-OWmpQCo1mngj4RMN6xmJTjooh3J8AN3XqQsbZQ
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-OWmpQCo1mngj4RMN6xmJTjooh3J8AN3XqQsbZQ&verify=true

0
122 B

11ms
11ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-OWmpQCo1mngj4RMN6xmJTjooh3J8AN3XqQsbZQ&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-OWmpQCo1mngj4RMN6xmJTjooh3J8AN3XqQsbZQ&verify=true
date: Tue, 05 Apr 2022 00:10:03 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame B297 0
476 B 364ms
86ms Image
text/plain 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-vpXdjSo1mngj4RMN6xmJTjooh3LCHUcuJ9cvmg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 00:10:03 GMT
Cache-Control: no-cache
X-TraceId: 44a55fbd0da352a2bb66de8e4a3eb2fa
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame B297 0
427 B 165ms
109ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-W0mEIio1mngj4RMN6xmJTjooh3KzMvhN8zA47Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:03 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 05 Apr 2022 00:10:03 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame B297 0
239 B 38ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-W0mEIio1mngj4RMN6xmJTjooh3KzMvhN8zA47Q&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame B297
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-buDiuSo1mngj4RMN6xmJTjooh3IoywUOrytZUg&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-buDiuSo1mngj4RMN6xmJTjooh3IoywUOrytZUg%26seg%3D95287

43 B
1 KB

29ms
29ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-buDiuSo1mngj4RMN6xmJTjooh3IoywUOrytZUg%26seg%3D95287

Protocol

HTTP/1.1

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 00:10:03 GMT
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2aa474cd-ee22-4518-a16d-c8be518ceb94
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 00:10:03 GMT
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d88897cc-21d6-4815-9d53-5f42e9da34ac
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-buDiuSo1mngj4RMN6xmJTjooh3IoywUOrytZUg%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame B297 42 B
673 B 89ms
19ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-6YVNbyo1mngj4RMN6xmJTjooh3Ie7Oq6QF10vw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug022:0:340
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

xuid
eb2.3lift.com/ Frame B297
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-KoShayo1mngj4RMN6xmJTjooh3JgmEV5OenPQA&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-KoShayo1mngj4RMN6xmJTjooh3JgmEV5OenPQA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
354 B

9ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-KoShayo1mngj4RMN6xmJTjooh3JgmEV5OenPQA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-KoShayo1mngj4RMN6xmJTjooh3JgmEV5OenPQA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Tue, 05 Apr 2022 00:10:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cksync.php
contextual.media.net/ Frame B297 45 B
725 B 73ms
35ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-Ifo2dio1mngj4RMN6xmJTjooh3Ik257n26E4bg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Tue, 05 Apr 2022 00:10:03 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Tue, 05 Apr 2022 00:10:03 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame B297
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-7C9Y5io1mngj4RMN6xmJTjooh3Lmil3eQRP5bQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-7C9Y5io1mngj4RMN6xmJTjooh3Lmil3eQRP5bQ&C=1

43 B
1 KB

19ms
19ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-7C9Y5io1mngj4RMN6xmJTjooh3Lmil3eQRP5bQ&C=1
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 00:10:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 05 Apr 2022 00:10:03 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 00:10:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-7C9Y5io1mngj4RMN6xmJTjooh3Lmil3eQRP5bQ&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Tue, 05 Apr 2022 00:10:03 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame B297 0
239 B 33ms
7ms Image
text/plain 2600:9000:2057:c200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-l1qMCCo1mngj4RMN6xmJTjooh3KkjVH42eq1tg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: PA3Fy9V9p-1SJbe6ALv1jSgt47NbS7vniTVOnGB2jHYoA1eH5GY5qQ==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame B297
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-pMCzWyo1mngj4RMN6xmJTjooh3KzXTj_borrhQ&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-pMCzWyo1mngj4RMN6xmJTjooh3KzXTj_borrhQ&expires=30&user_group=5

43 B
495 B

8ms
8ms

Image
image/gif

3.124.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-pMCzWyo1mngj4RMN6xmJTjooh3KzXTj_borrhQ&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 3.124.150.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-150-38.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 00:10:03 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-pMCzWyo1mngj4RMN6xmJTjooh3KzXTj_borrhQ&expires=30&user_group=5
Date: Tue, 05 Apr 2022 00:10:03 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame B297 35 B
336 B 105ms
35ms Image
image/gif 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-Xor4Aio1mngj4RMN6xmJTjooh3IkG_iYQj6kfg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-9-63.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame B297 23 B
172 B 111ms
40ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-8tTXHCo1mngj4RMN6xmJTjooh3Lue9iGrhK7Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:03 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 05 Apr 2022 00:10:03 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B297 0
99 B 48ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-EX3wpio1mngj4RMN6xmJTjooh3I2zOSo-G5Cxg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13535

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame B297 43 B
163 B 65ms
20ms Image
image/gif 185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-aS5_fCo1mngj4RMN6xmJTjooh3Lh5ExY5vUr9Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:02 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame B297 68 B
262 B 38ms
6ms Image
image/png 35.157.19.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-6VcFySo1mngj4RMN6xmJTjooh3KyluK4q5xI3w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.19.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-19-73.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
content-length: 68
content-type: image/png

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame B297
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jfN7Eyo1mngj4RMN6xmJTjooh3KvCUE9z6AcRw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jfN7Eyo1mngj4RMN6xmJTjooh3KvCUE9z6AcRw

43 B
446 B

33ms
33ms

Image
image/gif

34.251.6.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jfN7Eyo1mngj4RMN6xmJTjooh3KvCUE9z6AcRw
Protocol: H2
Server: 34.251.6.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-6-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Apr 2022 00:10:03 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jfN7Eyo1mngj4RMN6xmJTjooh3KvCUE9z6AcRw
date: Tue, 05 Apr 2022 00:10:03 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame B297
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k--udCLyo1mngj4RMN6xmJTjooh3Jw5O8BblihTA
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k--udCLyo1mngj4RMN6xmJTjooh3Jw5O8BblihTA&_li_chk=true&previous_uuid=06cda599562945389bac7ac67a01053c
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k--udCLyo1mngj4RMN6xmJTjooh3Jw5O8BblihTA

43 B
419 B

291ms
95ms

Image
image/gif

2600:1f18:444a:4602:53e2:11db:de26:cbeb
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k--udCLyo1mngj4RMN6xmJTjooh3Jw5O8BblihTA

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:53e2:11db:de26:cbeb Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 00:10:03 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k--udCLyo1mngj4RMN6xmJTjooh3Jw5O8BblihTA
Date: Tue, 05 Apr 2022 00:10:03 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame B297 43 B
427 B 500ms
160ms Image
image/gif 54.193.236.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-mOrJ4So1mngj4RMN6xmJTjooh3LMNhL8BPVgkg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.193.236.21 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-193-236-21.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:03 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame B297 43 B
183 B 291ms
93ms Image
image/gif 2600:1f18:612b:4232:aad:149d:18a2:a241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-T3NCSSo1mngj4RMN6xmJTjooh3IGTrCEhqbUOg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:aad:149d:18a2:a241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame B297
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-WG1jLyo1mngj4RMN6xmJTjooh3J1zIiJ7LeyQA&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

34ms
13ms

Image
image/gif

2001:4de0:ac19::1:b:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 00:10:03 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1649117403.dop101.fr8.t,1649117403.cds236.fr8.shn,1649117403.cds236.fr8.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 00:10:03 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1649117402699085-517
Expires: Tue, 05 Apr 2022 00:10:03 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame B297 43 B
220 B 308ms
100ms Image
image/gif 3.91.119.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-hKbm9io1mngj4RMN6xmJTjooh3IogtXiGYPzOQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.119.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-119-106.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 05 Apr 2022 00:10:03 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 204 collect Show response
k.clarity.ms/ 0
95 B 98ms
96ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: k.clarity.ms
URL: https://k.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: https://www.itcosmetics.com
date: Tue, 05 Apr 2022 00:10:02 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame B297
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/cvPUR413dBQWxouxjHxeSZ8n-lpZJO4j/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4266910273157909321

43 B
370 B

15ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4266910273157909321

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:03 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1206027
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4266910273157909321
pragma: no-cache
date: Tue, 05 Apr 2022 00:10:02 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame B297
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8076963689378304479

43 B
370 B

16ms
16ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8076963689378304479

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 00:10:03 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2227510
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 00:10:03 GMT
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6ef23957-2972-4056-9938-1cf1170f5fe4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8076963689378304479
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/edd8a9329ddd/f0a7d0d85eb04ef688c8398c668aa093/ 20 B
363 B 98ms
97ms XHR
application/json 34.225.5.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/edd8a9329ddd/f0a7d0d85eb04ef688c8398c668aa093/prop.json?_=1649117403192
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-5-197.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 00:10:03 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.itcosmetics.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Expires: -1

GET
H2 200 73595848 Show response
va.v.liveperson.net/api/js/ 929 B
1 KB 98ms
97ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/73595848?sid=gDC9eVWfRBqr5VGcWsibYg&cb=lpCb18215x75905&t=uc&ts=1649117402245&pid=2408053379&tid=5586407877&sdes=%5B%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22ngl-livechat-footer%22%7D%2C%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22ngl-livechat-sticky-button%22%7D%5D&vid=liMzM1MzhlZGYyNWIwYjA1
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: e43150e0dc1d0f37150cc39694e4567bcec8c836a253bc2b3405c150da522d9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H3 200 collector Show response
collector-px9gxgqy6v.px-cloud.net/api/v2/ 419 B
437 B 43ms
35ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px9gxgqy6v.px-cloud.net/api/v2/collector
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/IZ/PX9gXgqy6v/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ded5e6eb14d859a30a0287a6a1e59f6153db704f5e6b71dbd30e4fdf54982b10

Request headers

Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.itcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 419

GET
H2 200 overlay.js Show response
lpcdn.lpsnmedia.net/le_re/3.50.0.1-release_5103/jsv2/ 9 KB
4 KB 28ms
27ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.50.0.1-release_5103/jsv2/overlay.js?_v=3.50.0.1-release_5103
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 421e940d6f97605b150e72573232b2a2a00b812de0cb880fc82d681cc0027b66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 13:17:04 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Tue, 05 Apr 2022 00:20:03 GMT

GET
H2 200 UISuite.js Show response
lpcdn.lpsnmedia.net/le_re/3.50.0.1-release_5103/jsv2/ 30 KB
12 KB 46ms
46ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.50.0.1-release_5103/jsv2/UISuite.js?_v=3.50.0.1-release_5103
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 13:17:04 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Tue, 05 Apr 2022 00:20:03 GMT

GET
H2 200 4742 Show response
accdn.lpsnmedia.net/api/account/73595848/configuration/le-campaigns/campaigns/3436089230/engagements/3436089330/revision/ 2 KB
1 KB 34ms
34ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/73595848/configuration/le-campaigns/campaigns/3436089230/engagements/3436089330/revision/4742?v=3.0&cb=lp3436089330&flavor=dependency

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

3d7b75f6f78156db8c265b88597ad81355fdfe70889489408629ec69fa08b8f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 2
expires: Tue, 05 Apr 2022 00:11:03 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/73595848/configuration/setting/accountproperties/ 6 KB
2 KB 28ms
28ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/73595848/configuration/setting/accountproperties/?cb=lpCb37747x52628

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

4f1eb70411369ef7e586d07d841a48bc44a919728989995590c383b522fc337d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Tue, 05 Apr 2022 00:10:57 GMT

GET
H2 200 4742 Show response
accdn.lpsnmedia.net/api/account/73595848/configuration/le-campaigns/campaigns/3436089230/engagements/3436089830/revision/ 2 KB
1 KB 52ms
51ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/73595848/configuration/le-campaigns/campaigns/3436089230/engagements/3436089830/revision/4742?v=3.0&cb=lp3436089830&flavor=dependency

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

5ce94674e8b0715ea5e6d6acb7277f5a2bd8b5d61ac1504a5bbe940d9392118e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 14
expires: Tue, 05 Apr 2022 00:11:03 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/73595848/configuration/setting/accountproperties/ 6 KB
2 KB 27ms
27ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/73595848/configuration/setting/accountproperties/?cb=lpCb5848x99429

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

6fffca3a5a3c38ed21ebf708dc44394a9be6be09c405bbd15870fc9e0bc21768

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Tue, 05 Apr 2022 00:10:57 GMT

GET
H2 200 73595848 Show response
va.v.liveperson.net/api/js/ 111 B
854 B 96ms
96ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/73595848?sid=gDC9eVWfRBqr5VGcWsibYg&cb=lpCb42269x46180&t=pl&ts=1649117402711&pid=2408053379&tid=5586407877&vid=liMzM1MzhlZGYyNWIwYjA1
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 6b84375fafdacc418d8606e175df1a182ea9b18f36c1fefedec903560e371f93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 1583210514 Show response
accdn.lpsnmedia.net/api/account/73595848/configuration/engagement-window/window-confs/ 4 KB
2 KB 33ms
33ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/73595848/configuration/engagement-window/window-confs/1583210514?cb=lpCb91339x55704

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

812684448b17f7d65cec3c779e7b60fca2fde7ce4e8f4e6280f65c653742b830

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Tue, 05 Apr 2022 00:11:03 GMT

GET
H2 200 1583210514 Show response
accdn.lpsnmedia.net/api/account/73595848/configuration/engagement-window/window-confs/ 4 KB
2 KB 83ms
83ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/73595848/configuration/engagement-window/window-confs/1583210514?cb=lpCb79060x33766

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

6f78136dadfd4df7f04c2abbd7bcfde6822ac4977d2673e411faac8bcb69cdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Tue, 05 Apr 2022 00:11:03 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/edd8a9329ddd/f0a7d0d85eb04ef688c8398c668aa093/ 20 B
363 B 97ms
97ms XHR
application/json 34.225.5.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/edd8a9329ddd/f0a7d0d85eb04ef688c8398c668aa093/prop.json?_=1649117403389
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-5-197.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 00:10:03 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.itcosmetics.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Expires: -1

POST
H2 204 collect Show response
k.clarity.ms/ 0
25 B 392ms
202ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: k.clarity.ms
URL: https://k.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: https://www.itcosmetics.com
date: Tue, 05 Apr 2022 00:10:02 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 73595848 Show response
va.v.liveperson.net/api/js/ 42 B
792 B 99ms
98ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/73595848?sid=gDC9eVWfRBqr5VGcWsibYg&cb=lpCb14580x84111&t=uc&ts=1649117403409&pid=2408053379&tid=5586407877&vid=liMzM1MzhlZGYyNWIwYjA1&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A3436089230%2C%22engId%22%3A3436089330%2C%22revision%22%3A4742%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 566d3181659f9ff6218ea23b58b641e65075f103c6d2d8518e31d13e3d220c1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 73595848 Show response
va.v.liveperson.net/api/js/ 42 B
792 B 97ms
96ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/73595848?sid=gDC9eVWfRBqr5VGcWsibYg&cb=lpCb81131x88251&t=uc&ts=1649117403472&pid=2408053379&tid=5586407877&vid=liMzM1MzhlZGYyNWIwYjA1&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A3436089230%2C%22engId%22%3A3436089830%2C%22revision%22%3A4742%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%222%22%7D%5D%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: fd27f0acb1b18256ad27fc9484a63e05874eec2c433b0b2cdc1176b758097459

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 00:10:03 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/edd8a9329ddd/f0a7d0d85eb04ef688c8398c668aa093/ 20 B
420 B 97ms
97ms XHR
application/json 34.225.5.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/edd8a9329ddd/f0a7d0d85eb04ef688c8398c668aa093/wpt.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-5-197.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 00:10:03 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.itcosmetics.com
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 20
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/edd8a9329ddd/f0a7d0d85eb04ef688c8398c668aa093/ Frame 0
0 97ms
97ms Preflight 34.225.5.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/edd8a9329ddd/f0a7d0d85eb04ef688c8398c668aa093/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-5-197.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.itcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Tue, 05 Apr 2022 00:10:03 GMT
Vary: Access-Control-Request-Headers

POST
H2 204 collect Show response
k.clarity.ms/ 0
48 B 96ms
96ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: k.clarity.ms
URL: https://k.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.itcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: https://www.itcosmetics.com
date: Tue, 05 Apr 2022 00:10:04 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.itcosmetics.com
URL: https://www.itcosmetics.com/worker.js

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

95 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 02:06:43	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
i.liadm.com/s	1970-01-20 02:48:29	Name: _li_ss Value: MgkI_____wcQ_RE
.shoprunner.com/	1970-01-20 10:50:53	Name: iterableEndUserId Value: jennifer.estes%40ericsson.com
.shoprunner.com/	1970-01-20 02:06:43	Name: iterableEmailCampaignId Value: 3988533
.shoprunner.com/	1970-01-20 02:06:43	Name: iterableTemplateId Value: 5431158
.shoprunner.com/	1970-01-20 02:06:43	Name: iterableMessageId Value: b4bd8129a2d84fedafeba29da2cb4922
links.shoprunner.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 0723fcd229a8dc6bd85f2cb1df845a5f4cccd297-1649117400130-8ace6eba46fe77d362051a07
www.itcosmetics.com/	1969-12-31 23:59:59	Name: dwac_2bb74a522b3dbd1580b5ef276a Value: RLxEqy9qxId0eC9sV-mvpv3dxAk0Fo4_1cM%3D\|dw-only\|\|\|USD\|false\|US%2FEastern\|true
www.itcosmetics.com/	1969-12-31 23:59:59	Name: cqcid Value: abx0G4Y89j6zbaB77Mqx3fjuZY
www.itcosmetics.com/	1969-12-31 23:59:59	Name: cquid Value: \|\|
www.itcosmetics.com/	1969-12-31 23:59:59	Name: sid Value: RLxEqy9qxId0eC9sV-mvpv3dxAk0Fo4_1cM
www.itcosmetics.com/	1970-01-20 02:06:43	Name: skipGeoRedirect Value: true
www.itcosmetics.com/	1970-01-20 06:24:29	Name: dwanonymous_7832f8d434ad2b090c0bf461bc03f030 Value: abx0G4Y89j6zbaB77Mqx3fjuZY
www.itcosmetics.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 0
www.itcosmetics.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 0
www.itcosmetics.com/	1969-12-31 23:59:59	Name: dwsid Value: 2mi1Mv0qKeeaMkzckevWZGMJNZDmVmNfO4nzOLqZtm3CyG10VqmqSoOrvLa_MIJ0HfYCXh8U7lumA2IPAUK9SA==
.itcosmetics.com/	1970-01-21 21:53:17	Name: ftr_ncd Value: 6
.itcosmetics.com/	1970-01-21 21:53:17	Name: forterToken Value: f0a7d0d85eb04ef688c8398c668aa093_1649117401620__UDF43_9ck
.itcosmetics.com/	1970-01-27 09:17:17	Name: og_session_id Value: 85cfa0c6425311e89bdabc764e1107f2.779426.1649117402
.igodigital.com/	1970-01-23 17:45:36	Name: igodigitaltc2 Value: bce21052-b474-11ec-86de-ee9ac1daf598
.igodigital.com/	1970-01-20 02:05:21	Name: igodigitalst_7290682 Value: bce2175a-b474-11ec-86de-ee9ac1daf598
.igodigital.com/	1970-01-20 02:05:21	Name: igodigitalstdomain Value: 29993
.itcosmetics.com/	1970-01-20 04:14:53	Name: _gcl_au Value: 1.1.1055205405.1649117402
.bing.com/	1970-01-20 11:26:53	Name: MUID Value: 1B6EB073461A6F8C2FC3A10E47C86EC6
.itcosmetics.com/	1970-01-20 02:06:43	Name: _gid Value: GA1.2.55128713.1649117402
.agkn.com/	1970-01-20 10:50:53	Name: ab Value: 0001%3AgjR4pCKXsxrsvUmXVCb%2Fm4zy0v28jF7B
.agkn.com/	1970-01-20 10:50:53	Name: u Value: C\|0CAAp3kVaKd5FWgAAAAAAAUBiAAAAAA
.itcosmetics.com/	1970-01-20 10:50:53	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Apr+05+2022+00%3A10%3A02+GMT%2B0000+(GMT)&version=6.24.0&isIABGlobal=false&hosts=&consentId=c290a62c-4b34-4d97-915e-d9af4aacbaca&interactionCount=0&landingPath=https%3A%2F%2Fwww.itcosmetics.com%2F&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CC0004%3A1
.itcosmetics.com/	1970-01-20 19:36:29	Name: _ga_DPN15YB5DF Value: GS1.1.1649117402.1.0.1649117402.0
.itcosmetics.com/	1970-01-20 02:06:43	Name: _uetsid Value: bd16a090b47411ecb38de3b5c8a31225
.itcosmetics.com/	1970-01-20 11:26:53	Name: _uetvid Value: bd16cc10b47411ec997b672a78fd90a9
.itcosmetics.com/	1970-01-20 19:36:29	Name: _ga Value: GA1.2.173120542.1649117402
.itcosmetics.com/	1970-01-20 11:35:04	Name: _scid Value: a645aaef-d038-4e42-8c8e-5cb2cce7d625
.snapchat.com/	1970-01-20 11:26:53	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItIhqKTc4wLV3C8raBFTZkjj0XVtHsPrPYrJZOP6PYd6c7AaHw9NTQSMgAAAA==
.itcosmetics.com/	1970-01-20 04:14:53	Name: _fbp Value: fb.1.1649117402439.1734140418
.criteo.com/	1970-01-20 11:26:53	Name: uid Value: d35338e4-2c0e-4810-bc14-36674aeb0ca3
.doubleclick.net/	1970-01-20 11:26:53	Name: IDE Value: AHWqTUnVjferC1EVKzPc9Z5iLl3r60-htlVkbEmCaD-rH9BQTNeH05ckrX2rLz50
.facebook.com/	1970-01-20 04:14:53	Name: fr Value: 044rvXfTwXP6JPGV4..BiS4ja...1.0.BiS4ja.
.t.co/	1970-01-20 19:36:29	Name: muc_ads Value: 947ab1ba-e501-44c3-aa37-bdaadd971984
.linksynergy.com/	1970-01-20 10:50:53	Name: rmuid Value: e31bd7cc-3ce3-44a1-a533-b9df8b116445
.linksynergy.com/	1970-01-20 10:50:53	Name: icts Value: 2022-04-05T00:10:02Z
.itcosmetics.com/	1969-12-31 23:59:59	Name: pxcts Value: bd3ae801-b474-11ec-944a-524a68636376
.itcosmetics.com/	1970-01-20 10:50:53	Name: _pxvid Value: bd3adc55-b474-11ec-944a-524a68636376
.itcosmetics.com/	1970-01-20 10:50:53	Name: stc113855 Value: tsa:1649117402632.1632648156.2570906.8164957182516395.:20220405004002\|env:1%7C20220506001002%7C20220405004002%7C1%7C1032577:20230405001002\|uid:1649117402631.1321041726.459797.113855.1743927972.:20230405001002\|srchist:1032577%3A1%3A20220506001002:20230405001002
.cquotient.com/	1970-01-20 11:34:05	Name: uuid Value: abx0G4Y89j6zbaB77Mqx3fjuZY
.itcosmetics.com/	1970-01-20 11:34:41	Name: cto_bundle Value: bsKs9F9PdEp1Q3JsT0IyTXdzdklwZTlxYWtTdFNBYUYxRlg5bjh5cjd1ZmhIblFkd0dVJTJGSGRBVEpjZU05QkQ0Tmc2cUVQRnF5R3JEdmZTYnl2VGZEeHBaVkRmV1FTejJ1WlpKNFhwUzBkeG1MZllPZEs5NEQwc3lzbkpId0JIMFFSWW1iTXRRRGtzMzQ5JTJGeHIzdyUyQjJTRHFvM2clM0QlM0Q
.itcosmetics.com/	1970-01-20 11:34:05	Name: __cq_uuid Value: abx0G4Y89j6zbaB77Mqx3fjuZY
.itcosmetics.com/	1970-01-20 02:48:29	Name: __cq_seg Value: 0~0.00!1~0.00!2~0.00!3~0.00!4~0.00!5~0.00!6~0.00!7~0.00!8~0.00!9~0.00
.c.bing.com/	1970-01-20 11:26:53	Name: SRM_B Value: 1B6EB073461A6F8C2FC3A10E47C86EC6
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 11:26:53	Name: MUID Value: 1B6EB073461A6F8C2FC3A10E47C86EC6
.c.clarity.ms/	1970-01-20 02:05:18	Name: ANONCHK Value: 0
.ct.pinterest.com/	1970-01-20 10:50:53	Name: _pinterest_ct_ua Value: "TWc9PSZHVWZPRFdYenhsTGZQQ2d5ZDAxWjJnUmdTbUJSSGp1MW1yNko2Y0FiTXNOdmFtR3hYb3NOdGtENGw0RGs0ZXRYaGZ4azltQUo0TW9nZVAyUC8xV3JZaUxodXczVzNWeWp1azQzUnpDM2xsOD0mNFdlTmF2aWJ1SnZRNzZwclNvR094cFZwSHgwPQ=="
.itcosmetics.com/	1970-01-20 10:50:53	Name: _pin_unauth Value: dWlkPVlUSTNaRFJoTXpndFpUUmpaUzAwT0RjMUxUazVaak10TWpKaE9HSmlNR1psT0RGbQ
.itcosmetics.com/	1970-01-20 10:50:53	Name: _clck Value: 1vnb93q\|1\|f0d\|0
.rlcdn.com/	1970-01-20 10:50:53	Name: rlas3 Value: kjne4SQpqXuopkOmVNEH4+LvFZjIKUotby5ciREIQDE=
.rlcdn.com/	1970-01-20 03:31:41	Name: pxrc Value: CAA=
.analytics.yahoo.com/	1970-01-20 10:50:53	Name: IDSYNC Value: 18zh~245c
.3lift.com/	1970-01-20 04:14:53	Name: tluid Value: 4480338797189956393540
.adnxs.com/	1970-01-20 04:14:53	Name: uuid2 Value: 8076963689378304479
.yahoo.com/	1970-01-20 10:51:15	Name: A3 Value: d=AQABBNuIS2ICECRssgK7Ll-EejsWKDiUeYYFEgEBAQHaTGJVYgAAAAAA_eMAAA&S=AQAAAm60pQ-Gz8wyVIeordMfA1o
.itcosmetics.com/	1970-01-20 02:06:43	Name: _clsk Value: 2ovm9p\|1649117403160\|1\|1\|k.clarity.ms/collect
.pubmatic.com/	1970-01-20 02:48:29	Name: KRTBCOOKIE_97 Value: 3385-uid:k-6YVNbyo1mngj4RMN6xmJTjooh3Ie7Oq6QF10vw&KRTB&23144-uid:k-6YVNbyo1mngj4RMN6xmJTjooh3Ie7Oq6QF10vw&KRTB&23286-uid:k-6YVNbyo1mngj4RMN6xmJTjooh3Ie7Oq6QF10vw&KRTB&23287-uid:k-6YVNbyo1mngj4RMN6xmJTjooh3Ie7Oq6QF10vw
.pubmatic.com/	1970-01-20 02:48:29	Name: PugT Value: 1649117403
.pubmatic.com/	1970-01-20 04:14:53	Name: PUBMDCID Value: 3
.casalemedia.com/	1970-01-20 10:50:53	Name: CMID Value: YkuI26dnWl3ZHYhs-0YT5QAA
.casalemedia.com/	1970-01-20 04:14:53	Name: CMPS Value: 5203
.addthis.com/	1970-01-20 11:26:53	Name: ouid Value: 624b88db00011d6fbcb7ff233604f5dd683aab08dc340f3857f0
.addthis.com/	1970-01-20 11:26:53	Name: uid Value: 624b88db7893d69f
.addthis.com/	1970-01-20 11:26:53	Name: na_id Value: 2022040524100314600614082443
.turn.com/	1970-01-20 06:24:29	Name: uid Value: 4266910273157909321
.casalemedia.com/	1970-01-20 04:14:53	Name: CMPRO Value: 1219
.casalemedia.com/	1970-01-20 10:50:53	Name: CMRUM3 Value: 14624b88db2760k-7C9Y5io1mngj4RMN6xmJTjooh3Lmil3eQRP5bQ
.casalemedia.com/	1970-01-20 02:06:43	Name: CMST Value: YkuI22JLiNsA
.bidswitch.net/	1970-01-20 10:50:53	Name: tuuid Value: bd277e5d-c3b8-4c1c-855c-4121796f31a6
.bidswitch.net/	1970-01-20 10:50:53	Name: c Value: 1649117403
.bidswitch.net/	1970-01-20 10:50:53	Name: tuuid_lu Value: 1649117403
.sharethrough.com/	1970-01-20 02:48:29	Name: stx_user_id Value: fceedc04-ddb5-40e4-bb91-309b3e0dd4a0
.itcosmetics.com/	1970-01-20 10:50:53	Name: LPVID Value: liMzM1MzhlZGYyNWIwYjA1
.itcosmetics.com/	1969-12-31 23:59:59	Name: LPSID-73595848 Value: gDC9eVWfRBqr5VGcWsibYg
.adnxs.com/	1970-01-20 04:14:53	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2GU's]Yxl!fss0=RroE7VW]Fp9RZU.GPq$6Uwkp.zc^#Wvsc@XNM`EIHzjopGLUEB?U@P0'/ZD54Ra<HvO#DI2Z#DIgl#Xsf]T=/<X
.revcontent.com/	1970-02-07 08:05:17	Name: __ID Value: d8273d74b19b41808dace7ae1b13220d
.revcontent.com/	1970-01-20 02:48:29	Name: v1_151 Value: 1
.360yield.com/	1970-01-20 04:14:53	Name: tuuid Value: 74490a7b-ca35-401d-85ba-3121b44b18a8
.360yield.com/	1970-01-20 04:14:53	Name: tuuid_lu Value: 1649117403
ads.stickyadstv.com/	1970-01-20 02:48:29	Name: UID Value: 3d5ba080e14a2d774a97d0c0299b4d7
ads.stickyadstv.com/	1970-01-20 02:48:29	Name: uid-bp-11554 Value: k-WG1jLyo1mngj4RMN6xmJTjooh3J1zIiJ7LeyQA
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: bd1c77f1822ea9a46c999f81fbef1fc
.360yield.com/	1970-01-20 04:14:53	Name: um Value: !38,uxXtimDShuo2wfB5tQpGtwgSd-LwXw8szwXE1XPNPlwYZWach8R1ydSq5O5coHuAd.YbxUdO,1656893403
.360yield.com/	1970-01-20 04:14:53	Name: umeh Value: !38,0,1711325403,-1
.itcosmetics.com/	1970-01-20 02:05:17	Name: _px3 Value: f00051168faf8f92748902431a8baa1b3a408ac8ef25df8e6351a3a9fb15ee31:4schuRXxG1gScCmk2JpDg8w2B8qNqxd/NUOeW+baINrqWOSXb+Kb/002xwV9V7BdKFrXeEYWirmJZWnUioep8w==:1000:KINjv7jIYKQEIvb4Sw5y7i0cXmePdlYEbgNQQse5uyZj3wAQp5VL0Co6RohZKiw/cAFEw96w63mrmOOKuv2h2DRWDp92/akALZjLzYXl3xbfL04ZhpYbMu2ZCgPcAso48xv5w7hPiPxLtmXZF3RsVFMhb9H26GB0mCRXnvK3skFjDQ3QJLfoh9ErvOXur/gqThTRreg8njIEzxk4docQhQ==
.outbrain.com/	1970-01-20 04:14:53	Name: obuid Value: 49b60430-6b2a-473f-9e04-6ae62c6135b9
.outbrain.com/	1970-01-20 02:34:05	Name: criteo Value: k-vpXdjSo1mngj4RMN6xmJTjooh3LCHUcuJ9cvmg
.liadm.com/	1970-01-20 19:36:29	Name: lidid Value: 06cda599-5629-4538-9bac-7ac67a01053c
.postrelease.com/	1970-01-20 10:50:53	Name: opt_out Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/css/home.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o17qu&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=5a5db612-ceca-4dc1-a210-9ddfb837fe07&tw_document_href=https%3A%2F%2Fwww.itcosmetics.com%2F&tpx_cb=twttr.conversion.loadPixels Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://www.itcosmetics.com/ Message: The resource https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1649078725970/dist/css/home.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7290682.collect.igodigital.com
8563001.fls.doubleclick.net
accdn.lpsnmedia.net
ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
adservice.google.com
adservice.google.de
analytics.twitter.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.attn.tv
cdn.cookielaw.org
cdn.cquotient.com
cdn.evgnet.com
cdn.stickyadstv.com
cdn0.forter.com
cdn9.forter.com
cm.g.doubleclick.net
collector-px9gxgqy6v.px-cloud.net
connect.facebook.net
consent.linksynergy.com
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
cw.addthis.com
d.agkn.com
d.turn.com
d22xmn10vbouk4.cloudfront.net
dis.criteo.com
eb2.3lift.com
edd8a9329ddd.cdn4.forter.com
f0a7d0d85eb04ef688c8398c668aa093-edd8a9329ddd.cdn.forter.com
geolocation.onetrust.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i6.liadm.com
idsync.rlcdn.com
jadserve.postrelease.com
k.clarity.ms
links.shoprunner.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
match.sharethrough.com
mug.criteo.com
nova.collect.igodigital.com
p.cquotient.com
partner.mediawallahscript.com
pixel.rubiconproject.com
pixel.shoprunner.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.pinimg.com
sc-static.net
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static-assets.dev.fs.liveperson.com
static.ads-twitter.com
static.criteo.net
static.ordergroove.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
t.co
tag.rmp.rakuten.com
tr.snapchat.com
trends.revcontent.com
ups.analytics.yahoo.com
va.v.liveperson.net
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.itcosmetics.com
x.bidswitch.net
www.itcosmetics.com
104.16.109.64
104.244.42.3
104.244.42.69
104.75.88.126
13.248.245.213
141.226.228.48
142.250.185.230
143.204.202.245
143.204.215.79
151.101.12.157
151.101.128.114
151.101.128.84
172.217.23.98
178.249.97.23
178.249.97.98
178.249.97.99
178.250.0.157
178.250.0.163
178.250.2.151
18.156.0.31
185.33.220.240
185.64.190.80
185.86.139.115
20.96.88.162
2001:4de0:ac19::1:b:2a
2001:678:cb4:bbbb::13
208.89.12.87
212.82.100.181
216.58.212.130
23.35.228.23
23.35.229.117
23.35.236.247
23.35.237.56
23.75.227.253
2600:1f18:444a:4602:53e2:11db:de26:cbeb
2600:1f18:612b:4232:aad:149d:18a2:a241
2600:9000:2057:b800:f:8240:f400:93a1
2600:9000:2057:c200:1b:5138:8a40:93a1
2600:9000:206f:bc00:1c:9484:cec0:93a1
2606:4700:10::6814:b844
2606:4700::6810:9440
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:808::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2008
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:3500:883::1931
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.120.51.47
3.124.150.38
3.91.119.106
34.102.147.248
34.225.4.19
34.225.5.197
34.234.56.81
34.247.75.25
34.247.9.63
34.251.6.15
34.98.67.3
35.157.19.73
35.186.220.184
35.186.226.184
35.244.174.68
52.142.114.2
52.48.97.146
54.158.164.13
54.193.236.21
54.225.98.71
65.9.58.82
65.9.66.38
65.9.67.160
69.173.144.138
70.42.32.255
74.119.119.150
99.86.7.55
01302898265a3f25095fb18861716135ba275f6e74d5d097895dc8d042c10373
04d92c9165bae86e37ae809ddd76585ae6141e996b058961d633a73a32f45003
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0875f10a74ba180b53c913193ed6c693615165d075cff1d0ac34f6fd8d996afe
08c94d790fe90cfdf7477fb45dcc6bd5de696e05f6082350be1ffc5e7a585ed4
08f727d493d0590199568403e67b29c88db5b674e90532f49d013e6e233224fc
0acc05529b896335e67451050b9d9353d4cd680a470919fecf91c12ff09196d3
0bba99db794ae2e4b6991bc14e7817911442ca2b704094b9628f42b04fe3821d
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e5860b510e19d68bfc3a00c0f27e1a5f7a0d010945a446ec49e4f5d122b27f5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
14f28f098b13d5c561ff37cd01a2231a36a3bfd5660920bfd09af979b7642e37
1d4130b592def85d7a3db4285b77356f68b6a583c7209102218272dbaa60c8ea
1d9311a43ba92d1df8766db6cc31380e8d179236ed147cdcdd7da60d68d8f519
1fbf664048773d5aded07048cfed357a36d7a85062d9d9dd876796260c84d49f
218cd4d2bbb5f773e738465cb9b9ea9878ae655f436e8bc8fd20724f0a20f5ac
2364a95d77ab31c40fe7a2757c41b16f6c9d3337f1132aabe89b41f045d4d453
23fdf36b4c6bde7e289968a1fb016dc992e3f8081e7f8413cdacaa63545cf329
251418d4290ae75b77edbbca52c861ca8c7dea4e531db638d187665af234cd81
25aace6be3ef9155a63f5a9af4d6aa86ade16708b9ee4539af5e390e59c120b2
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ad8df0436390cc4a60f3d7cffb9022a4f7689478cac55850b003cb54090ed6a
2d3307674934db2f5e3e9d404d8b32e50ac5c99b19a6c35c9dbe5d90e1fcd52a
2ec7090bba22eaf005e25da30d9218daeda66f43c6d2ae7cc153b0414e088e71
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33bd76abc984c67d4af1dd349ec65e1add051fc9d09ec49f95d52c9ca0d0cd36
34e662ab847606fb0f885ede4eb80356ca25b4a30d4c56bffa828208ed70e313
3586aa005f54087f3afbca669de5f31cbc25cda604edac5f8352ba9b4a992f23
36ddfc7c163109e5e5c84661f91197aa05cca07b518f7db85ee4a5001f2c934e
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
384d76d1970a08cd21b520c4c25fd72527af3719956e3a404008a9a1897e577d
3c7f52eafdb5cb908afba33c7575c82636a048027e08d5ddb571c876847117a9
3d7b75f6f78156db8c265b88597ad81355fdfe70889489408629ec69fa08b8f9
41c3af1cd4d96637f3736f916aecb1af8459af576962493416a603499c4b38c5
421a9c1c8873c5818cd4544ba5aa86405025c78dca4c098de0f3ec353fc1797d
421e940d6f97605b150e72573232b2a2a00b812de0cb880fc82d681cc0027b66
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43d9441544442b30f30b3f557b3700eeb64fa1e901c18ee4db73652e96d05dae
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4424653e82d309475c87cf68305f4804a9dd747463a032c8f601eb4d861bf58c
44a2184e8ce661103c1ea81ae177f31a15cd1eae072220fca8dc97b1cceb655a
4511892ecdaa2a08bfc5933e7d31f3bdeee5f706c462cb717c802718908a670c
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
47b47ca60ddbc5abdf09c1d1da41a8f7ac9d28cc817f9fe6b04ed0e2cfbdcd15
4a3d184f388b5e038a9db8d6914baa99f8e470f48642de8cd717d5f1c2f1f3b9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4df3958623f4c91afcfb62487eb3526b84dc975fc240799d2aca4319ba3884b9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1eb70411369ef7e586d07d841a48bc44a919728989995590c383b522fc337d
50a0791ba7e34ad50b490ffed3ab02f570f31921e682e8f2366b8b109a38191d
52e1ff92bdeb6550c662a97be78315216c99f3aab07d89a068d678f38761ccfa
5353e423e58b50962094e71cfb5803495fa553fb96698ba59da3e5a204ae3688
538bb93b0eb0894e32b05736f4b5eab246053c7a5d243b2ad81dd67cb7a223f9
54890caa7a07911ad1c1beacf4c3adab0597a0f09d0d0a67e53d89e3a87e38d0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f9320ae52581c40073cbe287644facd336195fc80494eef6faeddd1a82358c
560bdae66c629f209e1755492369ac978b64353017c09b7599d8ed3e05ac1be5
566d3181659f9ff6218ea23b58b641e65075f103c6d2d8518e31d13e3d220c1d
5671d0e64610d5000ebab457fe11658f386f7f02f8e86633034f13a8a7c8445f
584cf95ccb185ab6af0c33dc9e48fc76162c9083f2281fd88fcd8fac23e20c38
59cbd3091ab320d2910a214612699b1dbcbcad38f401e226059615f47c792914
59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158
5c1dcafd8c90a4b155aaf52fea71061fc3ee3b2a6241bedde8b12058c8de2e84
5ce94674e8b0715ea5e6d6acb7277f5a2bd8b5d61ac1504a5bbe940d9392118e
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
603d86c3026caf81ac8e159b855009beac8b36fbb27c9b6f0583ae26ae6ca406
625b09fb66338f120e423ce8c17ef8572e1c8655567b0c200295d714bfb9a275
629baa0fc58ae514f04a691ac1659cebc319097d6f150578ad86f632450f1f27
642f20c90a991bb4c30728a63ddffc58369677075e2b9a29e34610730241af19
67b76d35723470b8f405bf2d38196c769c6a0b8bfc667377897e4153204520d6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6b34e69f08fb2fb269c0affa0b91f979eacc9df506d06fcc670e0601f23784
6b84375fafdacc418d8606e175df1a182ea9b18f36c1fefedec903560e371f93
6f78136dadfd4df7f04c2abbd7bcfde6822ac4977d2673e411faac8bcb69cdf7
6fffca3a5a3c38ed21ebf708dc44394a9be6be09c405bbd15870fc9e0bc21768
724b3c596edc76bd98356280a5fc2d5c24f2acc021460a6996364fc7825b8b43
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
7aca4c0994e6029eeba2b7f767cb6940de72b84ad28ddd980376d5b1d2820d34
7e8962b602b72508aae115275ae66bb27386de82938797390ffc4c3d871bcd5c
7fe29efd7383da42f2b9547d02bb177fb09df19f385245619ca7ff13933c4730
80d1c133638386dac87137e7f51a8379c40e35ec9c391cb47df1868d82ae91f0
812684448b17f7d65cec3c779e7b60fca2fde7ce4e8f4e6280f65c653742b830
81905ab5d4b62b8b5ac0ff3a2affe61d3ad2cdec6b8c22a98979174e6281f728
8305d86074fdee76ef38a7e264f3ac0bfab4051d8f13625b4bbd5396120b1fe1
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83619d92ef63b4c0d204446b68e9818571ef144223b8f4f12da2aec096f52b29
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
8464cb371f14f03619849e83e121ff86ea909fa3d70d7b3d504103de9fd26d7e
853fd46f752a4088b36ba57d311b5d342eb3dd58c9f5b2e9c85b5ccf5cd5b4bc
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa04a1f343a39a2cb3f748899533584c50d6401cb32316d237e15adc3f26623
8aa2b8ff00527037e9cfee77b53ded3bed1b94309d8730faf1af88ce705158a1
8b2a2ad0a15b6f420954051bb7652461d8e01318331d6c0e8da2fdca0cc2c999
8b31b9b4ba8e9b537b17a5fcb748eb3f4bf2959aabeccc28d7ced275eb39a33a
8f3cba294fade1e60aeab8e68ff44256bde9e9e083659aa12c198504fb2dbd87
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
91c36bf98d339d57cf5023bee61f0603a27e31a5ca66360838fc5921987649a3
920b4e1617bd2f911018891ec268054cf1b7331a6ad7fbe7bfb867bfa4a52747
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93dacc32c27b2d2a3aab7da2a72c8ea6133d5afa1d4dbcafec50406151fb09d0
946eb51a4db615c248ff091064b7bd86cae9d3de2d63a215f6e497eee4c46409
95cebd767475084ae5280370bb860cf090bb45338eaccaa016c4fb2caef8887b
95ecad92f931a0bd0d6e0bc8a20bea34f0a720240b4de09dcd8c05d985cc3c1e
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73
999b1d4b787c1c5de2f125bbb30150cfb2f43af0f5b54bb280e280130f39cd9a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b0ecdbd18e19fc74111f6d572eb7a9404d81bbdeb54fa987e0736d4deefd49e
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51
9c60ac099f500861265db26bff225f0ec3a922632477e757f874d0f473dc5c59
9cd9968b9b02a071109956be7f86ebcc3b4a4bed51a29607d994669194475e2c
9d7de3638dbd90289ecb117b6a55bd6cf357ccb31d65ee1ab368b606ed579427
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a44d5085a4f56f01ef006708c2aae5c9b240ba6901f9067e81123af519fbb5b8
a5a021485be97fccf6138ff45fbc2bf87f899d80a6a07f4c91c280962fdf0043
aade51ce3310e6aa1794edbf6a2959858bb2d50aaa9b3c2f1f157a18ecfe71ac
ab7c20c44d76075631ecfbabe7e87d69f6c4fa8d6979f119873199eb9ead8b2d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af1869ba3287e71476150b6459c763ce1c0fd5133d280675a4f9bbe4e3b3a6e9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c3e7231e7580c5b172ec674379ff4c5a5596dff5b6d99dd40a3014e717eb59
b20cb94d01d0f40a92dcef9f248535fa9a883868ca63a2c202bf0153e302f50a
b21b672f6980e454c4628745e5f7f05c487b2426af17900bd4860ef7c920b3a1
b242bbc29252245094ea92ba6a38a8a6e7104ea44ddcd3bc4c11e42a156770ce
b5bce23dc5b59ae4f633c363ec506f1b65e28f24d93cab86fa15e71c3ab512b0
b6853b37e867ad14af63fc94bca0f6f4d3fc345a2548bc818e69514e42a2df5d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcddf190dd329bad7a6e15d3d37e4f330b43afd98252ab521d38c0f78cfe5ae0
bdd52fb1ded9675b946c8df5d399302e9d1412874e7460c937b76af094a5bb9e
c0db3afa73d9589b36ee4238e285ef43dea306eeb2636bcaac21c0d865705180
c10304d48a443b0b7641470ce372acdac098e31da070f916203aa34fe53e83a5
c34c526093687739082ac852391cd2328af8eececefb2caf0c5c262e57157da2
c420b139a1281cdb3054c54273f4c50997f2b6339af9abc1f0f797e6eda8be7b
c6877a849088f58489ff0aff569e070401e3caad3e531c7172a042e39be0bf29
c7a85e0022e00c6b10053d22ac2c9f08fc6c8791c95db90a04be0480a443c2f7
c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc116f07dbddd9e2e6ad729f63035910362a473cde793142160650d55859bb0c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0ca03f2bfcf39573dc36952509b449ecaedf8a0289db456ac706bbb2bd42526
d14d7e712e92e614471a8f018a30018e58b6d74312aa63793718379fda8a75ec
d1c4a8282f6863687db2a01887d4260ebe75c8783e8567519e32f5ffab9d9123
d2f055ae1ec6b439e3d9b0c8c6c6e15879cd2a3df0f0fd7345ec52f0043716e9
d6bb2036a25ad97d8966fdafe1c64a856f1bad51308db2c28649b965b36fdc57
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
db55f9394f5a4e121f9b7274a79284d766c6cd7616271a3a7b8e7eec9c29ebe8
dcea81d3e67e2fdc5254f53683cfddbf565986e1532e98660794f6858f7d3bb6
de2f7f8d7b163a0d422d2a426f84db938dbdae1a8fde621b123306a4a12652a6
ded5e6eb14d859a30a0287a6a1e59f6153db704f5e6b71dbd30e4fdf54982b10
e059cdfd60a772af4e607cc8d8a88321227f9eb8a6945d73a273a6bfbe29d77e
e2c02feef733ff76d50b3d4e6944bc5abaf7505dddcfa6aa587415a84987a435
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43150e0dc1d0f37150cc39694e4567bcec8c836a253bc2b3405c150da522d9e
e4eba6a90c31fa301fe16b9a439c0e1ac8766933184c4c6e64b3478bcdb28665
e5c975c7a466a3ee429a15eeeb434835d744a1c04ff1807b561c825474340248
e91f824107145826f59123a09a650a7974d274b31e7ba86027650ca7bb88c958
ebbee47148f4942aa1078266ae37a3aae111cfd48f84fdbe1d3f6d5069a2669a
ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852
ee1af6e43cbc6c4d7b9af6ab9845d4566ed874b1c8334e22ff67fce09c17c363
ee8ae2a7eab617e111e52950595c11bcfad86a47872bd404b56eae6db4065104
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9a247531345eb9a909dcaa297dfabce1c186aeced4aaf5d1f1e2ec3b024b45
efa9739739f902a3f8aa0a5edff6d4a3096169a8b5b8eefb96971064d5eaeb34
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f2134a524ecf79823a078a106a9a6ff708b36de3992d506f75e2a2bdc7696e75
f2f087eac841d5433c3c3fa9ea481b474ff8370b9d9eec1ace18f0300a76ffd8
f756a8175fa7352a465802c0548025463527e6949f11c22182cf6e11c1231282
f756fd1a46b2ce5a2894377bc59b21831059950f3e15ad4a973e0ddf62b086b3
fa1e1359996788167a308a929f89dd71d0b721e0289fcaec203ce8fef5442e26
fd27f0acb1b18256ad27fc9484a63e05874eec2c433b0b2cdc1176b758097459
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

www.itcosmetics.com Open in urlscan Pro 104.16.109.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

208 Requests

90 %HTTPS

29 %IPv6

63 Domains

85 Subdomains

77 IPs

7 Countries

1725 kBTransfer

5547 kBSize

95 Cookies

9 Outgoing links

Page URL History

Redirected requests

208 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.itcosmetics.com Open in urlscan Pro
104.16.109.64 Public Scan

Screenshot
Live screenshot

Full Image

208
Requests

90 %
HTTPS

29 %
IPv6

63
Domains

85
Subdomains

77
IPs

7
Countries

1725 kB
Transfer

5547 kB
Size

95
Cookies

208 HTTP transactions
20 data transactions