www.buxomcosmetics.com Open in urlscan Pro
104.18.98.106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.mail.buxomcosmetics.com/?qs=0a10281c017d399e6107cdf9e17fb3a7c658a5a4902a4e39f4620e4ce787d7e1d580b9b7f278c95e87da060d9788...
Effective URL:
https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_...
Submission: On May 05 via api (May 5th 2022, 4:19:32 pm UTC) from US — Scanned from DE

Summary HTTP 144 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 31 domains to perform 144 HTTP transactions. The main IP is 104.18.98.106, located in and belongs to CLOUDFLARENET, US. The main domain is www.buxomcosmetics.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 26th 2022. Valid for: a year.

This is the only time www.buxomcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.240.96 13.111.240.96	22606 (EXACT-7) (EXACT-7)
1 40	104.18.98.106 104.18.98.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:215... 2600:9000:2156:9c00:d:274d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.120.253.250 34.120.253.250	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	65.9.67.160 65.9.67.160	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:224a:a400:1c:58a3:4780:93a1	16509 (AMAZON-02) (AMAZON-02)
8	18.66.248.58 18.66.248.58	16509 (AMAZON-02) (AMAZON-02)
12	13.110.88.196 13.110.88.196	14340 (SALESFORCE) (SALESFORCE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	34.98.72.95 34.98.72.95	15169 (GOOGLE) (GOOGLE)
4	2600:9000:224... 2600:9000:224a:7e00:18:4532:5280:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.249.235.28 34.249.235.28	16509 (AMAZON-02) (AMAZON-02)
7	34.111.8.32 34.111.8.32	15169 (GOOGLE) (GOOGLE)
1	52.30.10.34 52.30.10.34	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:f8a... 2600:1f18:f8a:b700:8a9:2580:cf1a:56c4	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:88e::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:205... 2600:9000:2057:9c00:9:440c:e740:93a1	16509 (AMAZON-02) (AMAZON-02)
2 5	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	99.86.4.122 99.86.4.122	16509 (AMAZON-02) (AMAZON-02)
1	34.102.147.248 34.102.147.248	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	104.104.52.49 104.104.52.49	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	18.66.248.126 18.66.248.126	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:8200:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.242.54 18.66.242.54	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
5	18.233.149.191 18.233.149.191	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	13.110.37.84 13.110.37.84	14340 (SALESFORCE) (SALESFORCE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	34.98.67.3 34.98.67.3	15169 (GOOGLE) (GOOGLE)
3	3.211.42.17 3.211.42.17	14618 (AMAZON-AES) (AMAZON-AES)
2	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:f8a... 2600:1f18:f8a:b701:3891:1a3:ba9d:7ea4	14618 (AMAZON-AES) (AMAZON-AES)
144	43

1 13.111.240.96 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.mail.buxomcosmetics.com

click.mail.buxomcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 104.18.98.106 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.buxomcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:9c00:d:274d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

apps.bazaarvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.67.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-67-160.fra56.r.cloudfront.net

cdn.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:a400:1c:58a3:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)

analytics-static.ugc.bazaarvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.66.248.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-58.dus51.r.cloudfront.net

network.bazaarvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.110.88.196 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl9-ncg0-phx3.na112-ph2.my.salesforce.com

shiseido.my.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.72.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:224a:7e00:18:4532:5280:93a1 (United States)

ASN16509 (AMAZON-02, US)

display.ugc.bazaarvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.235.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-235-28.eu-west-1.compute.amazonaws.com

www.tryzens-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.111.8.32 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 32.8.111.34.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.bouncex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.10.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-10-34.eu-west-1.compute.amazonaws.com

p.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:f8a:b700:8a9:2580:cf1a:56c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

beacon.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:88e::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:9c00:9:440c:e740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-live.conductor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

6479448.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
11741950.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-122.fra6.r.cloudfront.net

t.a3cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com

intljs.rmtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.104.52.49 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-104-52-49.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.248.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-126.dus51.r.cloudfront.net

1xc5gazd.micpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:8200:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.242.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-54.dus51.r.cloudfront.net

d2oh4tlt9mrke9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.233.149.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-149-191.compute-1.amazonaws.com

img.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.110.37.84 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl3-ncg0-phx3.la4-c2-ph2.salesforceliveagent.com

d.la4-c2-ph2.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com

ut.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consent.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.211.42.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-42-17.compute-1.amazonaws.com

ws.sessioncam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:f8a:b701:3891:1a3:ba9d:7ea4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

c.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	buxomcosmetics.com 2 redirects click.mail.buxomcosmetics.com www.buxomcosmetics.com	823 KB
16	bazaarvoice.com apps.bazaarvoice.com — Cisco Umbrella Rank: 4022 analytics-static.ugc.bazaarvoice.com — Cisco Umbrella Rank: 4653 network.bazaarvoice.com — Cisco Umbrella Rank: 3926 display.ugc.bazaarvoice.com — Cisco Umbrella Rank: 5410	407 KB
12	salesforce.com shiseido.my.salesforce.com — Cisco Umbrella Rank: 658875	44 KB
8	doubleclick.net 3 redirects 6479448.fls.doubleclick.net 11741950.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 stats.g.doubleclick.net — Cisco Umbrella Rank: 175	6 KB
8	riskified.com beacon.riskified.com — Cisco Umbrella Rank: 8355 img.riskified.com — Cisco Umbrella Rank: 8395 c.riskified.com — Cisco Umbrella Rank: 4424	15 KB
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 20 adservice.google.com — Cisco Umbrella Rank: 128	3 KB
5	google.de 1 redirects www.google.de — Cisco Umbrella Rank: 3632 adservice.google.de — Cisco Umbrella Rank: 5351	2 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1219	70 KB
5	bouncex.net events.bouncex.net — Cisco Umbrella Rank: 3130	548 B
5	bounceexchange.com tag.bounceexchange.com — Cisco Umbrella Rank: 3811 assets.bounceexchange.com — Cisco Umbrella Rank: 3415 api.bounceexchange.com — Cisco Umbrella Rank: 3483	110 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 491	571 B
3	sessioncam.com ws.sessioncam.com — Cisco Umbrella Rank: 13239	7 KB
3	linksynergy.com ut.rd.linksynergy.com — Cisco Umbrella Rank: 6420 consent.linksynergy.com — Cisco Umbrella Rank: 23317 tags.rd.linksynergy.com — Cisco Umbrella Rank: 5276	1 KB
3	micpn.com 1xc5gazd.micpn.com	17 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	33 KB
2	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 999	1 KB
2	salesforceliveagent.com d.la4-c2-ph2.salesforceliveagent.com — Cisco Umbrella Rank: 28383	5 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	388 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	113 KB
2	conductor.com cdn-live.conductor.com — Cisco Umbrella Rank: 59825	5 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 987	19 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	155 KB
2	tryzens-analytics.com www.tryzens-analytics.com — Cisco Umbrella Rank: 215796	456 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 88	52 KB
2	cquotient.com cdn.cquotient.com — Cisco Umbrella Rank: 6230 p.cquotient.com — Cisco Umbrella Rank: 6627	13 KB
1	cloudfront.net d2oh4tlt9mrke9.cloudfront.net	60 KB
1	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 4544	375 B
1	rmtag.com intljs.rmtag.com — Cisco Umbrella Rank: 9413	13 KB
1	a3cloud.net t.a3cloud.net — Cisco Umbrella Rank: 5698
1	gstatic.com www.gstatic.com	144 KB
144	31

	Domain	Requested by
40	www.buxomcosmetics.com	1 redirects www.buxomcosmetics.com d2oh4tlt9mrke9.cloudfront.net
12	shiseido.my.salesforce.com	www.buxomcosmetics.com shiseido.my.salesforce.com
8	network.bazaarvoice.com	www.buxomcosmetics.com analytics-static.ugc.bazaarvoice.com
5	img.riskified.com
5	analytics.tiktok.com	www.buxomcosmetics.com analytics.tiktok.com
5	events.bouncex.net	www.buxomcosmetics.com
4	display.ugc.bazaarvoice.com	apps.bazaarvoice.com display.ugc.bazaarvoice.com
4	www.google.com	1 redirects www.buxomcosmetics.com
3	idsync.rlcdn.com	2 redirects d2oh4tlt9mrke9.cloudfront.net
3	ws.sessioncam.com	d2oh4tlt9mrke9.cloudfront.net
3	www.google.de	6479448.fls.doubleclick.net
3	1xc5gazd.micpn.com	www.buxomcosmetics.com
3	www.googleadservices.com	www.googletagmanager.com 6479448.fls.doubleclick.net www.googleadservices.com
3	6479448.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	apps.bazaarvoice.com	www.buxomcosmetics.com apps.bazaarvoice.com
2	c.riskified.com	beacon.riskified.com
2	adservice.google.de	1 redirects adservice.google.com
2	adservice.google.com	11741950.fls.doubleclick.net 6479448.fls.doubleclick.net
2	ct.pinterest.com	s.pinimg.com
2	d.la4-c2-ph2.salesforceliveagent.com	shiseido.my.salesforce.com
2	www.facebook.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	connect.facebook.net	www.buxomcosmetics.com connect.facebook.net
2	11741950.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	cdn-live.conductor.com	www.buxomcosmetics.com cdn-live.conductor.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.buxomcosmetics.com
2	api.bounceexchange.com	assets.bounceexchange.com
2	www.tryzens-analytics.com	www.buxomcosmetics.com
2	assets.bounceexchange.com	tag.bounceexchange.com assets.bounceexchange.com
2	www.youtube.com	www.youtube.com
1	tags.rd.linksynergy.com
1	consent.linksynergy.com
1	ut.rd.linksynergy.com	intljs.rmtag.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	d2oh4tlt9mrke9.cloudfront.net	www.buxomcosmetics.com
1	cdn.attn.tv	www.googletagmanager.com
1	intljs.rmtag.com	www.buxomcosmetics.com
1	t.a3cloud.net	www.buxomcosmetics.com
1	beacon.riskified.com	www.buxomcosmetics.com
1	p.cquotient.com	cdn.cquotient.com
1	www.gstatic.com	www.google.com
1	analytics-static.ugc.bazaarvoice.com	apps.bazaarvoice.com
1	cdn.cquotient.com	www.buxomcosmetics.com
1	tag.bounceexchange.com	www.buxomcosmetics.com
1	click.mail.buxomcosmetics.com	1 redirects
144	47

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
twitter.com
youtube.com
www.pinterest.com
www.tiktok.com
orveon.applytojob.com

Subject Issuer	Validity	Valid
*.buxomcosmetics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-26` - `2023-04-27`	a year	crt.sh
*.bazaarvoice.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-19` - `2023-05-20`	a year	crt.sh
tag.bounceexchange.com R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.cquotient.com Amazon	`2022-05-05` - `2023-06-03`	a year	crt.sh
analytics-static.ugc.bazaarvoice.com Amazon	`2021-11-22` - `2022-12-21`	a year	crt.sh
*.my.salesforce.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2022-04-14` - `2022-07-13`	3 months	crt.sh
display-stg.bazaarvoice.com Amazon	`2022-03-15` - `2023-04-12`	a year	crt.sh
*.tryzens-analytics.com Go Daddy Secure Certificate Authority - G2	`2022-01-31` - `2023-03-04`	a year	crt.sh
*.wunderkind.co R3	`2022-04-15` - `2022-07-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.riskified.com Amazon	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
conductor.com Amazon	`2022-03-03` - `2023-04-01`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.a3cloud.net Amazon	`2022-04-19` - `2023-05-17`	a year	crt.sh
*.rmtag.com ZeroSSL RSA Domain Secure Site CA	`2022-02-14` - `2023-02-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-11` - `2022-05-12`	3 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.micpn.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
*.attn.tv Amazon	`2022-04-04` - `2023-05-02`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
la4-c2-ph2.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-09` - `2022-08-08`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.rd.linksynergy.com ZeroSSL RSA Domain Secure Site CA	`2022-03-11` - `2023-03-11`	a year	crt.sh
consent.linksynergy.com GTS CA 1D4	`2022-03-15` - `2022-06-13`	3 months	crt.sh
ws.sessioncam.com Amazon	`2022-03-04` - `2023-04-01`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Frame ID: FB69E62FC12C4F1685E0B58C687A99CB
Requests: 129 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: 4AFB9BCD96C15D559B430AE80184D39E
Requests: 1 HTTP requests in this frame

Frame: https://shiseido.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Frame ID: 1741DD25ECCA7B3272ADD59F25AB4DC8
Requests: 6 HTTP requests in this frame

Frame: https://6479448.fls.doubleclick.net/activityi;dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics;u2=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger
Frame ID: 8903DD308DD1740B638E85FA3ACB2959
Requests: 1 HTTP requests in this frame

Frame: https://11741950.fls.doubleclick.net/activityi;dc_pre=CKT-zdrhyPcCFe4NBgAdSbsETQ;src=11741950;type=lpvd50;cat=media00;ord=6309324172739;gtm=2wg540;auiddc=55126458.1651767570;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger
Frame ID: ED48C31556591367F7248E0EBB44E470
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKT-zdrhyPcCFe4NBgAdSbsETQ;src=11741950;type=lpvd50;cat=media00;ord=6309324172739;gtm=2wg540;auiddc=55126458.1651767570;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger
Frame ID: FF936B99B31EE00BA1B91D4C17AEE23E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics;u2=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger
Frame ID: 2AAB25D41D3F75E70A58F00AA5C545CB
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKT-zdrhyPcCFe4NBgAdSbsETQ;src=11741950;type=lpvd50;cat=media00;ord=6309324172739;gtm=2wg540;auiddc=55126458.1651767570;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger
Frame ID: D927F0D898E3863497D5CD1108E2CE32
Requests: 1 HTTP requests in this frame

Frame: https://6479448.fls.doubleclick.net/ddm/fls/r/dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics;u2=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger
Frame ID: 2800661D251BB4BFCC42355162B5E2C7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Account | Login | Create an Account | BUXOM Cosmetics Buxom LogoBuxom Logo

Page URL History Show full URLs

https://click.mail.buxomcosmetics.com/?qs=0a10281c017d399e6107cdf9e17fb3a7c658a5a4902a4e39f4620e4ce787d7e1d580b9b7... HTTP 302
https://www.buxomcosmetics.com/account?utm_source=Trigger&utm_medium=Email&utm_campaign=US_BXM_Trigger_Trig... HTTP 301
https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_1... Page URL

Detected technologies

Riskified (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<[^>]*beacon\.riskified\.com

Salesforce Commerce Cloud (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/demandware\.static/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Hammer.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

hammer(?:\.min)?\.js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

144
Requests

99 %
HTTPS

47 %
IPv6

31
Domains

47
Subdomains

43
IPs

6
Countries

2140 kB
Transfer

8324 kB
Size

45
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/buxomcosmetics
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/buxomcosmetics
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/buxomcosmetics
Title: Twitter

Search URL Search Domain Scan URL

URL: https://youtube.com/buxomcosmetics
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/buxomcosmetics
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@buxomcosmetics
Title: TikTok

Search URL Search Domain Scan URL

URL: https://orveon.applytojob.com/apply/
Title: Careers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.mail.buxomcosmetics.com/?qs=0a10281c017d399e6107cdf9e17fb3a7c658a5a4902a4e39f4620e4ce787d7e1d580b9b7f278c95e87da060d9788e1ea198c275064c44f1384acaf320ff908d4 HTTP 302
https://www.buxomcosmetics.com/account?utm_source=Trigger&utm_medium=Email&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&et_rid=T6bt3Ph HTTP 301
https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://6479448.fls.doubleclick.net/activityi;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics;u2=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger HTTP 302
https://6479448.fls.doubleclick.net/activityi;dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics;u2=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger

Request Chain 82

https://11741950.fls.doubleclick.net/activityi;src=11741950;type=lpvd50;cat=media00;ord=6309324172739;gtm=2wg540;auiddc=55126458.1651767570;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger HTTP 302
https://11741950.fls.doubleclick.net/activityi;dc_pre=CKT-zdrhyPcCFe4NBgAdSbsETQ;src=11741950;type=lpvd50;cat=media00;ord=6309324172739;gtm=2wg540;auiddc=55126458.1651767570;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger

Request Chain 119

https://idsync.rlcdn.com/458359.gif?partner_uid=6e2f2630-681f-440f-b662-c7a1d4fc9cae HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJDZlMmYyNjMwLTY4MWYtNDQwZi1iNjYyLWM3YTFkNGZjOWNhZRAAGg0Ik_LPkwYSBQjoBxAAQgBKAA HTTP 307
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=b443e519e97562d0bb7818c0cd587f56943f2e2d3670bfb771ef73b552416ce46ac34734d8e453ee

Request Chain 128

https://adservice.google.de/ddm/fls/i/dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics;u2=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger HTTP 302
https://6479448.fls.doubleclick.net/ddm/fls/r/dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics;u2=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger

Request Chain 138

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/846232920/?random=1505132540&cv=9&fst=1651767571267&num=1&label=kqtaCPf5qKUBENj6wZMD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6479448.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOn4zdrhyPcCFVLF1QodWXwJZw%3Bsrc%3D6479448%3Btype%3Dbuxom001%3Bcat%3Dbuxom101%3Bord%3D9002041840808%3Bgtm%3D2wg540%3Bauiddc%3D55126458.1651767570%3Bu1%3DMy%2520Account%2520%257C%2520Login%2520%257C%2520Create%2520an%2520Account%2520%257C%2520BUXOM%2520Cosmetics%3Bu2%3Dhttps%253A%252F%252Fwww.buxomcosmetics.com%252Fmy-account%252F%253Fet_rid%253DT6bt3Ph%2526mi_ecmp%253DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%2526mi_u%253DT6bt3Ph%2526utm_campaign%253DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%2526utm_content%25&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=FPlzYrXvA4uH1ga7jarADw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/846232920/?random=1505132540&cv=9&fst=1651767571267&num=1&label=kqtaCPf5qKUBENj6wZMD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6479448.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOn4zdrhyPcCFVLF1QodWXwJZw%3Bsrc%3D6479448%3Btype%3Dbuxom001%3Bcat%3Dbuxom101%3Bord%3D9002041840808%3Bgtm%3D2wg540%3Bauiddc%3D55126458.1651767570%3Bu1%3DMy%2520Account%2520%257C%2520Login%2520%257C%2520Create%2520an%2520Account%2520%257C%2520BUXOM%2520Cosmetics%3Bu2%3Dhttps%253A%252F%252Fwww.buxomcosmetics.com%252Fmy-account%252F%253Fet_rid%253DT6bt3Ph%2526mi_ecmp%253DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%2526mi_u%253DT6bt3Ph%2526utm_campaign%253DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%2526utm_content%25&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=FPlzYrXvA4uH1ga7jarADw&cid=CAQSKQCNIrLMbQgaCddtH97swHisqpJfWtGFntMElXuNMBpRDfn4rNTsvm8R&random=447342917&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/846232920/?random=1505132540&cv=9&fst=1651767571267&num=1&label=kqtaCPf5qKUBENj6wZMD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6479448.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOn4zdrhyPcCFVLF1QodWXwJZw%3Bsrc%3D6479448%3Btype%3Dbuxom001%3Bcat%3Dbuxom101%3Bord%3D9002041840808%3Bgtm%3D2wg540%3Bauiddc%3D55126458.1651767570%3Bu1%3DMy%2520Account%2520%257C%2520Login%2520%257C%2520Create%2520an%2520Account%2520%257C%2520BUXOM%2520Cosmetics%3Bu2%3Dhttps%253A%252F%252Fwww.buxomcosmetics.com%252Fmy-account%252F%253Fet_rid%253DT6bt3Ph%2526mi_ecmp%253DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%2526mi_u%253DT6bt3Ph%2526utm_campaign%253DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%2526utm_content%25&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=FPlzYrXvA4uH1ga7jarADw&cid=CAQSKQCNIrLMbQgaCddtH97swHisqpJfWtGFntMElXuNMBpRDfn4rNTsvm8R&random=447342917&resp=GooglemKTybQhCsO&ipr=y&prhg=0

144 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.buxomcosmetics.com/my-account/
Redirect Chain

https://click.mail.buxomcosmetics.com/?qs=0a10281c017d399e6107cdf9e17fb3a7c658a5a4902a4e39f4620e4ce787d7e1d580b9b7f278c95e87da060d9788e1ea198c275064c44f1384acaf320ff908d4
https://www.buxomcosmetics.com/account?utm_source=Trigger&utm_medium=Email&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthday...
https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_...

148 KB
32 KB

271ms
270ms

Document
text/html

104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d00f9246541dda744494153ec3efdda9058121023aa9e1483e6fefca8ac13296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 706acc402ffb9bd7-FRA
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 05 May 2022 16:19:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
server: cloudflare
vary: accept-encoding
x-content-type-options: nosniff
x-dw-request-base-id: 6poWZw_5c2IBAAB_
x-frame-options: SAMEORIGIN

Redirect headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 706acc3c8ef89bd7-FRA
content-length: 0
date: Thu, 05 May 2022 16:19:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Dec 1994 16:00:00 GMT
location: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
pragma: no-cache
server: cloudflare
x-content-type-options: nosniff
x-dwsid-samesite: None

GET
H2 200 jquery-2.1.1.min.js Show response
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/lib/jquery/ 82 KB
29 KB 66ms
65ms Script
application/javascript 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/lib/jquery/jquery-2.1.1.min.js

Requested by

Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

797e79e220fdb3c48f6df26b879543102479491611940c8acc81a905da5c6858

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:45:00 GMT
server: cloudflare
age: 31489
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591381
cross-origin-resource-policy: cross-origin
cf-ray: 706acc422d339bd7-FRA
x-dw-request-base-id: cmZaSaJ7c2IBAAB_
expires: Sat, 04 Jun 2022 16:09:08 GMT

GET
H2 200 app.gtm.js Show response
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/js/ 52 KB
10 KB 39ms
36ms Script
application/javascript 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/js/app.gtm.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa62956c63609f523c9298f0371d90ba1a1b1a5a1fd23a6338a99e49b74f77ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:44:59 GMT
server: cloudflare
age: 31488
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591399
cross-origin-resource-policy: cross-origin
cf-ray: 706acc422d359bd7-FRA
x-dw-request-base-id: 6prDtbZ7c2IBAAB_
expires: Sat, 04 Jun 2022 16:09:26 GMT

GET
H2 200 Avenir-Black-optimized.woff2
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dw819eb2c1/fonts/ 8 KB
9 KB 66ms
63ms Font
font/woff2 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dw819eb2c1/fonts/Avenir-Black-optimized.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8ef253d8e1c888d71e7139ed5958fa414886493f4528fda29fff41065717892

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Origin: https://www.buxomcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 93802
cross-origin-resource-policy: cross-origin
content-length: 8668
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2591749
accept-ranges: bytes
cf-ray: 706acc422d3d9bd7-FRA
x-dw-request-base-id: FXMvxKqJcmIBAAB_
expires: Sat, 04 Jun 2022 16:15:16 GMT

GET
H2 200 Avenir-Book-optimized.woff2
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dw1da64f93/fonts/ 8 KB
8 KB 43ms
40ms Font
font/woff2 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dw1da64f93/fonts/Avenir-Book-optimized.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

596df2e9e2c81658a577260ad9658abab0fac53d07b445dbb090a79ba9ccb0b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Origin: https://www.buxomcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 93802
cross-origin-resource-policy: cross-origin
content-length: 8604
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2591504
accept-ranges: bytes
cf-ray: 706acc422d3f9bd7-FRA
x-dw-request-base-id: FXPYsbWIcmIBAAB_
expires: Sat, 04 Jun 2022 16:11:11 GMT

GET
H2 200 Avenir-Medium-optimized.woff2
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dwcaea1cec/fonts/ 8 KB
9 KB 37ms
34ms Font
font/woff2 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dwcaea1cec/fonts/Avenir-Medium-optimized.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

962fa7587158284e616a6d8b823eccdcdf9348c5076f04335e1f7bc4d666a386

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Origin: https://www.buxomcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 93802
cross-origin-resource-policy: cross-origin
content-length: 8572
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2591504
accept-ranges: bytes
cf-ray: 706acc422d419bd7-FRA
x-dw-request-base-id: LaBGJrWIcmIBAAB_
expires: Sat, 04 Jun 2022 16:11:11 GMT

GET
H2 200 jquery-ui.min.css
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/lib/jquery/ui/ 6 KB
2 KB 40ms
37ms Stylesheet
text/css 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/lib/jquery/ui/jquery-ui.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

648ed54f0830bb18e8f86d27b6f2c84f30fcf041889c9aad6bd606ce6f20d894

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:45:00 GMT
server: cloudflare
age: 31489
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2591400
cross-origin-resource-policy: cross-origin
cf-ray: 706acc422d409bd7-FRA
x-dw-request-base-id: cmZISrZ7c2IBAAB_
expires: Sat, 04 Jun 2022 16:09:27 GMT

GET
H2 200 app.min.js Show response
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/js/ 2 MB
310 KB 65ms
63ms Script
application/javascript 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/js/app.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da83d1176c1cc931c1232a7fbf9729a466bcddd042673b6d8a80a754f74b74f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:45:00 GMT
server: cloudflare
age: 31489
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591504
cross-origin-resource-policy: cross-origin
cf-ray: 706acc422d429bd7-FRA
x-dw-request-base-id: 6pqRuR18c2IBAAB_
expires: Sat, 04 Jun 2022 16:11:11 GMT

GET
H2 200 style.min.css
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/ 501 KB
70 KB 45ms
43ms Stylesheet
text/css 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1871d05a2a44ccbb46379dc63ea091a86a342e8fd2ded760c7e5a689bfe85c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
age: 31489
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2591470
cross-origin-resource-policy: cross-origin
cf-ray: 706acc422d439bd7-FRA
x-dw-request-base-id: 6po1uPx7c2IBAAB_
expires: Sat, 04 Jun 2022 16:10:37 GMT

GET
H2 200 style_desktop.min.css
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/ 76 KB
11 KB 42ms
40ms Stylesheet
text/css 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style_desktop.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f507d010d60238c9b6e254f16e62957fcfb970a677bbf3a5ce79326c960e95ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
age: 31488
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2591408
cross-origin-resource-policy: cross-origin
cf-ray: 706acc422d449bd7-FRA
x-dw-request-base-id: cma2Sr57c2IBAAB_
expires: Sat, 04 Jun 2022 16:09:35 GMT

GET
H2 200 bv.js Show response
apps.bazaarvoice.com/deployments/buxom/main_site/production/en_US/ 65 KB
21 KB 140ms
30ms Script
text/javascript 2600:9000:2156:9c00:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.bazaarvoice.com/deployments/buxom/main_site/production/en_US/bv.js
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9c00:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50fb3608259f5e6dbf852d5aff0dcfca55a8504cfe22d4be86b207381143a4e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: rqi0XX1twHZ9QJ0piI90qx4eDhpT2e7y
content-encoding: gzip
etag: "6f4dad91c57af44227725e2d7c459e64"
age: 22
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 20711
last-modified: Fri, 11 Mar 2022 19:04:46 GMT
server: AmazonS3
date: Thu, 05 May 2022 16:19:27 GMT
content-type: text/javascript;charset=UTF-8
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Y7I4pdwKem40wpGq62uRS_7ruE_6TsHwZaAX38fpiZ2tDafoyDcYEw==

GET
H2 200 frontanalytics.min.js Show response
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/js/ 10 KB
4 KB 40ms
39ms Script
application/javascript 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/js/frontanalytics.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74ad1f32b67f73feec07d99767db03d5f5ec78548ddc67b34a39b56abc0d2519

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:45:00 GMT
server: cloudflare
age: 31488
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591380
cross-origin-resource-policy: cross-origin
cf-ray: 706acc42eebc9bd7-FRA
x-dw-request-base-id: 6pohtaJ7c2IBAAB_
expires: Sat, 04 Jun 2022 16:09:07 GMT

GET
H2 200 owl.carousel.min.css
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/ 3 KB
1 KB 37ms
36ms Stylesheet
text/css 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/owl.carousel.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:45:00 GMT
server: cloudflare
age: 31489
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2591337
cross-origin-resource-policy: cross-origin
cf-ray: 706acc422d459bd7-FRA
x-dw-request-base-id: cmZ_RXd7c2IBAAB_
expires: Sat, 04 Jun 2022 16:08:24 GMT

GET
H2 200 owl.carousel.min.js Show response
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/js/ 43 KB
11 KB 49ms
49ms Script
application/javascript 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/js/owl.carousel.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:45:00 GMT
server: cloudflare
age: 31488
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591336
cross-origin-resource-policy: cross-origin
cf-ray: 706acc42eec19bd7-FRA
x-dw-request-base-id: cmaARXd7c2IBAAB_
expires: Sat, 04 Jun 2022 16:08:23 GMT

GET
H2 200 qas.css
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/ 3 KB
1 KB 600ms
599ms Stylesheet
text/css 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/qas.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79bd919cdda4ed82c4c4e28cf2f3f79a05aab9381a2d334800489127e2f6805e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2562287
cross-origin-resource-policy: cross-origin
cf-ray: 706acc424d8b9bd7-FRA
x-dw-request-base-id: 6prz7v-Ec2IBAAB_
expires: Sat, 04 Jun 2022 08:04:15 GMT

GET
H2 200 qas_manage_account.css
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/ 37 KB
6 KB 655ms
654ms Stylesheet
text/css 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/qas_manage_account.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6decdf0216b96841bc0690075dd3d2156509245682e367ae96b9bc69886b715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2562287
cross-origin-resource-policy: cross-origin
cf-ray: 706acc424d8d9bd7-FRA
x-dw-request-base-id: cmZOhP-Ec2IBAAB_
expires: Sat, 04 Jun 2022 08:04:15 GMT

GET
H2 200 style_tablet.min.css
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/ 55 KB
7 KB 35ms
35ms Stylesheet
text/css 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style_tablet.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e355d8e163aceefd69394f222e2834bba0145f8a8fc6a2f57f084a7a39958e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
age: 31489
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2591409
cross-origin-resource-policy: cross-origin
cf-ray: 706acc42eec39bd7-FRA
x-dw-request-base-id: 6pootr57c2IBAAB_
expires: Sat, 04 Jun 2022 16:09:36 GMT

GET
H2 200 style_mobile.min.css
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/ 57 KB
9 KB 46ms
45ms Stylesheet
text/css 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style_mobile.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e20ba678a2579288643f5582a52919a34cbb77a30370dfd7f440eff4d24fb163

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
age: 31488
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2591380
cross-origin-resource-policy: cross-origin
cf-ray: 706acc42eec59bd7-FRA
x-dw-request-base-id: cmZdSaJ7c2IBAAB_
expires: Sat, 04 Jun 2022 16:09:07 GMT

GET
H2 200 i.js Show response
tag.bounceexchange.com/2880/ 16 KB
5 KB 93ms
23ms Script
text/plain 34.120.253.250
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.bounceexchange.com/2880/i.js
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 987638d637b95ed9aed0b695825b67045806aa0421e89a93cf6ed2c8bac862e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:17:38 GMT
content-encoding: gzip
server: istio-envoy
age: 109
etag: bed74e5c378607
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: public,max-age=60
x-envoy-upstream-service-time: 0
x-region: us-central1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4448
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect

GET
H2 200 facebook.png
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dwdfb846f4/images/ 6 KB
6 KB 584ms
583ms Image
image/png 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dwdfb846f4/images/facebook.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe233dfb4729cbe81c58a356dbb2c9907ede5c968125b4aad283da5eac373405

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2566118
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cf-ray: 706acc42eec89bd7-FRA
x-dw-request-base-id: cmbd0_aTc2IBAAB_
content-length: 6293
expires: Sat, 04 Jun 2022 09:08:06 GMT

GET
H2 200 google.png
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dwc9b64eb2/images/ 6 KB
6 KB 622ms
621ms Image
image/png 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dwc9b64eb2/images/google.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b219e21322eeb8f440cafa1b9dddbf907fd55c2281e3d25b5bd50dcb4f0883e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2566119
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cf-ray: 706acc42eeca9bd7-FRA
x-dw-request-base-id: cmbe0_aTc2IBAAB_
content-length: 6477
expires: Sat, 04 Jun 2022 09:08:07 GMT

GET
H2 200 vendor.min.js Show response
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/js/ 501 KB
139 KB 34ms
32ms Script
application/javascript 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/js/vendor.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

184a37c9cd8ba6830b37b9360b945bb207cb5e9b8b6b7fcd3979ff718f5bb7cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:45:00 GMT
server: cloudflare
age: 31489
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591400
cross-origin-resource-policy: cross-origin
cf-ray: 706acc42eece9bd7-FRA
x-dw-request-base-id: cmZMSrZ7c2IBAAB_
expires: Sat, 04 Jun 2022 16:09:27 GMT

GET
H2 200 app-resources-windowurls.js Show response
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/js/ 132 B
243 B 39ms
37ms Script
application/javascript 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/js/app-resources-windowurls.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

343b1cb5920f37339190b22fa737f6c7a25e09b9d2d6b4db715724bad664848b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:45:00 GMT
server: cloudflare
age: 31488
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2591400
cross-origin-resource-policy: cross-origin
cf-ray: 706acc42eed09bd7-FRA
x-dw-request-base-id: 6prLtbd7c2IBAAB_
expires: Sat, 04 Jun 2022 16:09:27 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
967 B 85ms
32ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cef5b2f18783775bcef71ec51ae18ff9799f2edf61c68150d8ac3dd187f1b5d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Thu, 05 May 2022 16:19:27 GMT

GET
H2 200 jquery.date-dropdowns.min.js Show response
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/lib/ 21 KB
5 KB 632ms
631ms Script
application/javascript 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/lib/jquery.date-dropdowns.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

149866a3d44cbf6a35f73010dd6490d2e620e30feec2457fe596612cf1057542

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 29 Apr 2022 15:45:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2563187
cross-origin-resource-policy: cross-origin
cf-ray: 706acc42eed39bd7-FRA
x-dw-request-base-id: 6poKAYOIc2IBAAB_
expires: Sat, 04 Jun 2022 08:19:15 GMT

GET
H2 200 jquery.hammer.min.js Show response
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/lib/jquery/ 19 KB
7 KB 643ms
642ms Script
application/javascript 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/lib/jquery/jquery.hammer.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55ffe374e0804596013419ce6ffc150b104072d7d82e153bb31c1d3c17ce97d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 29 Apr 2022 15:45:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2562287
cross-origin-resource-policy: cross-origin
cf-ray: 706acc42eed89bd7-FRA
x-dw-request-base-id: 6pry7v-Ec2IBAAB_
expires: Sat, 04 Jun 2022 08:04:15 GMT

GET
H2 200 dwanalytics-22.2.js Show response
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/internal/jscript/ 6 KB
3 KB 43ms
42ms Script
application/javascript 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/internal/jscript/dwanalytics-22.2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa85b802ec0dc2fbf7655b1b6a4e41f47dbc5d4774653a00ba258bf24954481e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 07:24:18 GMT
server: cloudflare
age: 31488
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591380
cross-origin-resource-policy: cross-origin
cf-ray: 706acc42eed99bd7-FRA
x-dw-request-base-id: 6poetaJ7c2IBAAB_
expires: Sat, 04 Jun 2022 16:09:07 GMT

GET
H2 200 dwac-21.7.js Show response
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/internal/jscript/ 5 KB
2 KB 44ms
43ms Script
application/javascript 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/internal/jscript/dwac-21.7.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f36c44bc84b94a5ae0dd5fe6fc014df9fa5ad4c0e4ce2ef8d818f18853ab9b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 07:24:18 GMT
server: cloudflare
age: 31488
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591380
cross-origin-resource-policy: cross-origin
cf-ray: 706acc42eeda9bd7-FRA
x-dw-request-base-id: 6poftaJ7c2IBAAB_
expires: Sat, 04 Jun 2022 16:09:07 GMT

GET
H2 200 gretel.min.js Show response
cdn.cquotient.com/js/v2/ 36 KB
12 KB 90ms
24ms Script
application/javascript 65.9.67.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cquotient.com/js/v2/gretel.min.js
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-67-160.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b6b34e69f08fb2fb269c0affa0b91f979eacc9df506d06fcc670e0601f23784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 15:30:46 GMT
content-encoding: gzip
etag: W/"4fdd1834cd022d3113e766921bac1ba4"
last-modified: Wed, 27 Oct 2021 16:27:15 GMT
server: AmazonS3
age: 2922
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: o1wdtqOLCPUFWUJQQJ4RYfUmMeCl4s-uoI01hVIyqJ9tQ3Mb1XOHTg==

GET
H2 200 api-0.8.0.js Show response
apps.bazaarvoice.com/apps/api/ 32 KB
10 KB 26ms
25ms Script
text/javascript 2600:9000:2156:9c00:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.bazaarvoice.com/apps/api/api-0.8.0.js
Requested by: Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9c00:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c3669397a0d6ab57176fa267184cf71c62cac31cd57d6d26aa0f5cdd1797d19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 01:23:45 GMT
content-encoding: br
age: 6620143
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 9446
last-modified: Mon, 28 Jun 2021 05:46:14 GMT
server: AmazonS3
etag: "2a3c8257e39e8d832f9d916dfab964bf"
x-amz-version-id: Mjyam6ROxf61rZzf3IoVa2q9qmgyZxNz
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/javascript;charset=UTF-8
x-amz-cf-id: qeJHvlO5jbNWsEch1u_zoNbFbOwLttkakn3c0CN1XeexWN93VkzjRg==

GET
H2 200 api-config.js Show response
apps.bazaarvoice.com/deployments/buxom/main_site/production/en_US/ 390 B
715 B 36ms
35ms Script
text/javascript 2600:9000:2156:9c00:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.bazaarvoice.com/deployments/buxom/main_site/production/en_US/api-config.js
Requested by: Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9c00:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8800b7ce18efd7e2ba14cb23d93b7c5e4ff5c1afc35d8c15d5807896457315b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: E2BX.6tofq2gyP9V21nqy1j5SoBlPo6S
content-encoding: gzip
etag: "f682f41fccf692838cfb55ddd8e3d40b"
age: 51
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 273
last-modified: Fri, 11 Mar 2022 19:04:41 GMT
server: AmazonS3
date: Thu, 05 May 2022 16:19:28 GMT
content-type: text/javascript;charset=UTF-8
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: vGS2ewnWbbkFwj5U7hDpdDDtvEHJ9R0lek0UQruujWh517Clc607dA==

GET
H2 200 bv-analytics.js Show response
analytics-static.ugc.bazaarvoice.com/prod/static/latest/ 40 KB
13 KB 108ms
27ms Script
application/javascript 2600:9000:224a:a400:1c:58a3:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-static.ugc.bazaarvoice.com/prod/static/latest/bv-analytics.js
Requested by: Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:a400:1c:58a3:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3536ab5389295054a599eb7f8a48e8dc85553bbb6d6a6cd1349cbb4220e28fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: M8HmklkjetXqJAmLm4NaJK_eM5JZ5dw_
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 05:57:23 GMT
server: AmazonS3
age: 82846
etag: "064a953e51437dd446d47d0d5f706523"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Wed, 04 May 2022 17:18:43 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 12869
x-amz-cf-id: LxymcYDColKpoU-_TSzXfRpo42hkNUohvl44gru2qYSefOzOqeukOw==

GET
H2 200 sid.gif
network.bazaarvoice.com/ 43 B
631 B 187ms
121ms Image
image/gif 18.66.248.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://network.bazaarvoice.com/sid.gif?_=24kc4d
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-58.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
cache-control: no-cache, no-transform, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
x-amz-cf-id: URicFxZb1NqsRVUhIjZeB9Ei1YDi1kdWpPypZzboB-r0RUwEe55N_w==
expires: -1

GET
H2 200 id.json Show response
network.bazaarvoice.com/ 55 B
341 B 303ms
303ms Script
application/javascript 18.66.248.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://network.bazaarvoice.com/id.json?_=vz6ac9&callback=_bvajsonp1
Requested by: Host: analytics-static.ugc.bazaarvoice.com
URL: https://analytics-static.ugc.bazaarvoice.com/prod/static/latest/bv-analytics.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-58.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: c3412bd2ed5730cc10799097f7bbfb2cdecab14d8f831fe6597185628e6fb645

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-cache, no-transform
content-length: 55
x-amz-cf-id: j7HhLa_Mcpoup7hxEH41qiPEHuoun7s0KZR_AUUz6kbt7x4h2vT_5A==

GET
DATA 200
OK truncated
/ 308 B
308 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccba3b196f5164dcc304ab53879a6589888241ee6eab98dfcda103e351c72028

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: img/png

GET
H2 200 Avenir-Book-all.woff2
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dwb33a6f85/fonts/ 41 KB
42 KB 84ms
84ms Font
font/woff2 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dwb33a6f85/fonts/Avenir-Book-all.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ded8f427c8d4eaaf3d7ad53f6e0218e407cf5ac5ef6282a45fe2781b6ff231b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Origin: https://www.buxomcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 93802
cross-origin-resource-policy: cross-origin
content-length: 42344
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2591389
accept-ranges: bytes
cf-ray: 706acc465f149bd7-FRA
x-dw-request-base-id: LaC4HEOIcmIBAAB_
expires: Sat, 04 Jun 2022 16:09:17 GMT

GET
H2 200 cart.svg
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/images/svg/ 626 B
652 B 60ms
60ms Image
image/svg+xml 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/images/svg/cart.svg

Requested by

Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11975cb0f653254a69cccd295f68946ea6b6567dd96da9795e002bb324ff9977

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
age: 23410
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2583301
cross-origin-resource-policy: cross-origin
cf-ray: 706acc466f429bd7-FRA
x-dw-request-base-id: cmZtSaN7c2IBAAB_
expires: Sat, 04 Jun 2022 13:54:29 GMT

GET
H2 200 Avenir-Black-all.woff2
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dwadfcf34a/fonts/ 25 KB
25 KB 46ms
46ms Font
font/woff2 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dwadfcf34a/fonts/Avenir-Black-all.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

963fb677d2c39f39135acd5a996e631a9faaf9383a1eed54ee85c2f48151213c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Origin: https://www.buxomcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 93802
cross-origin-resource-policy: cross-origin
content-length: 25400
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2591505
accept-ranges: bytes
cf-ray: 706acc467f4a9bd7-FRA
x-dw-request-base-id: FXMesreIcmIBAAB_
expires: Sat, 04 Jun 2022 16:11:13 GMT

GET
H2 200 Avenir-Medium-all.woff2
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dwb92c51f4/fonts/ 39 KB
39 KB 48ms
48ms Font
font/woff2 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dwb92c51f4/fonts/Avenir-Medium-all.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0946d732e34a1aef3f5d1b8eefa1df1996fc755850625618116765beb89a6829

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Origin: https://www.buxomcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 93800
cross-origin-resource-policy: cross-origin
content-length: 39744
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2591408
accept-ranges: bytes
cf-ray: 706acc467f4b9bd7-FRA
x-dw-request-base-id: FXMpqleIcmIBAAB_
expires: Sat, 04 Jun 2022 16:09:36 GMT

GET
H/1.1 200
OK esw.min.js Show response
shiseido.my.salesforce.com/embeddedservice/5.0/ 30 KB
9 KB 1423ms
159ms Script
application/x-javascript 13.110.88.196
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://shiseido.my.salesforce.com/embeddedservice/5.0/esw.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.88.196 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl9-ncg0-phx3.na112-ph2.my.salesforce.com

Software

Resource Hash

bd770dbc583abfb9295abbdefbab9a3819d6e6a080acc585b1178fd38efee213

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 16:19:29 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 18 Feb 2022 00:02:58 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 06 May 2022 16:19:29 GMT

GET
H2 200 insta-icon.svg
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/images/svg/ 3 KB
1 KB 41ms
40ms Image
image/svg+xml 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/images/svg/insta-icon.svg

Requested by

Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a973ec89e1f6cbe237244f764643d3672d74c885ece3abb275a93db0a7c4098

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
age: 23397
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2583309
cross-origin-resource-policy: cross-origin
cf-ray: 706acc46afcc9bd7-FRA
x-dw-request-base-id: cmZhSrh7c2IBAAB_
expires: Sat, 04 Jun 2022 13:54:37 GMT

GET
H2 200 facebook-icon.svg
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/images/svg/ 809 B
687 B 40ms
39ms Image
image/svg+xml 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/images/svg/facebook-icon.svg

Requested by

Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a279ccabda2ea4715897639c3ed84f1dd8692bd9539f4b69dcf7611e45de8a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
age: 23399
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2583311
cross-origin-resource-policy: cross-origin
cf-ray: 706acc46afd29bd7-FRA
x-dw-request-base-id: cmZsSrh7c2IBAAB_
expires: Sat, 04 Jun 2022 13:54:39 GMT

GET
H2 200 twitter-icon.svg
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/images/svg/ 1 KB
950 B 48ms
47ms Image
image/svg+xml 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/images/svg/twitter-icon.svg

Requested by

Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

500735e619a532911632379133951138a839d0b90fe5bad336730ffb9e168462

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:44:59 GMT
server: cloudflare
age: 23398
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2583310
cross-origin-resource-policy: cross-origin
cf-ray: 706acc46afd69bd7-FRA
x-dw-request-base-id: 6prftbh7c2IBAAB_
expires: Sat, 04 Jun 2022 13:54:38 GMT

GET
H2 200 youtube-icon.svg
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/images/svg/ 4 KB
2 KB 56ms
55ms Image
image/svg+xml 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/images/svg/youtube-icon.svg

Requested by

Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83658093e2e0c893b2eb966dbf4e0299043616c00eac3b4a032722212439a484

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:44:59 GMT
server: cloudflare
age: 23397
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2583310
cross-origin-resource-policy: cross-origin
cf-ray: 706acc46afdc9bd7-FRA
x-dw-request-base-id: cmZ5Srh7c2IBAAB_
expires: Sat, 04 Jun 2022 13:54:38 GMT

GET
H2 200 pinterest-icon.svg
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/images/svg/ 2 KB
1012 B 47ms
46ms Image
image/svg+xml 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/images/svg/pinterest-icon.svg

Requested by

Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d35748680b9ec1bd882109f5f6cce84912bf3344288e5a33ac8cbabadb52d9ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
age: 23395
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2583344
cross-origin-resource-policy: cross-origin
cf-ray: 706acc46afe19bd7-FRA
x-dw-request-base-id: cmYGTNx7c2IBAAB_
expires: Sat, 04 Jun 2022 13:55:12 GMT

GET
H2 200 tiktok-round.svg
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/images/svg/ 516 B
418 B 54ms
54ms Image
image/svg+xml 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/images/svg/tiktok-round.svg

Requested by

Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb8aa933c13c594a0753ffd5a948224cc4da9c30a6d7f79900529a7dbe65b76b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 15:44:59 GMT
server: cloudflare
age: 23396
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2583309
cross-origin-resource-policy: cross-origin
cf-ray: 706acc46afe49bd7-FRA
x-dw-request-base-id: cmZ_Srl7c2IBAAB_
expires: Sat, 04 Jun 2022 13:54:37 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ 364 KB
144 KB 74ms
21ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buxomcosmetics.com/
Origin: https://www.buxomcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147136
x-xss-protection: 0
last-modified: Mon, 02 May 2022 04:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 May 2023 16:11:34 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 92ms
39ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api?enablejsapi=1

Requested by

Host:
URL: webpack:///../cartridges/corp_core/cartridge/js/videoplayer.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

92e81b169619fdcbe081a5bed25ccc81ef5c6dfec096fa902f6327357b1fac34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 05 May 2022 16:19:28 GMT

GET
H2 200 br-ijs_all_modules_f9b88856c4b7532b211ae4b84bbb9ab9.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 540 KB
102 KB 118ms
25ms Script
text/javascript 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_f9b88856c4b7532b211ae4b84bbb9ab9.js
Requested by: Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/2880/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 51c2a5bef605b22f6930332d4adb9ab68b0f821387e614c952e06bdf9ae9d3fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:06:13 GMT
content-encoding: br
age: 76395
x-guploader-uploadid: ADPycdt5n2FPeuWb9OSWuce6s2TkKMDewcHsSBh6Zw8S_FQAeg1CIgstmoK9Ute7kHu4Ts8wzB937DurS6GLTBYij5UBMg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103842
last-modified: Wed, 04 May 2022 19:06:02 GMT
server: UploadServer
etag: "b6fc5972640de4cbc44edbbdc38dcaaa"
x-goog-hash: crc32c=dZv+fA==, md5=tvxZcmQN5MvETtu9w43Kqg==
x-goog-generation: 1651691162714178
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 103842
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 04 May 2023 19:06:13 GMT

GET
H2 200 bvapi.js Show response
display.ugc.bazaarvoice.com/static/buxom/main_site/en_US/ 32 KB
10 KB 99ms
26ms Script
application/javascript 2600:9000:224a:7e00:18:4532:5280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://display.ugc.bazaarvoice.com/static/buxom/main_site/en_US/bvapi.js
Requested by: Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7e00:18:4532:5280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a893f9e21dea896b616de3d6b09835f9f93b1dbb5c41dfe98b6a02a01d6a2ade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: jtMl3gdmeJZOKbhgpjPiLWoGZS2A0CSA
content-encoding: gzip
etag: "e5baf799c04cf219d6fc0b1118479832"
age: 3146
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 9990
last-modified: Fri, 11 Mar 2022 19:05:27 GMT
server: AmazonS3
date: Thu, 05 May 2022 16:06:43 GMT
content-type: application/javascript; charset=UTF-8
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
cache-control: max-age=600, s-maxage=3600
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: P4WBqE-aThBMHL7_e4WOqmJk9nE32T2m5YECjwFrnqsjU-EdXT8LUA==

POST
H/1.1 202
Accepted gelf Show response
www.tryzens-analytics.com/ 0
228 B 366ms
46ms XHR
text/plain 34.249.235.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tryzens-analytics.com:12280/gelf
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/lib/jquery/jquery-2.1.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.235.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-235-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.buxomcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.buxomcosmetics.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Content-Type
Content-Length: 0

GET
H2 200 st.gif
network.bazaarvoice.com/ 43 B
384 B 120ms
120ms Image
image/gif 18.66.248.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://network.bazaarvoice.com/st.gif?loadId=5c9efbd0a51f3b16&BVBRANDID=43703cf5-ba50-4c36-897b-258c8ef08da5&BVBRANDSID=def74cee-76e3-4a35-abd9-f7d607c3b9ac&tz=0&sourceVersion=3.15.3&magpieJsVersion=3.15.3&source=bv-loader&environment=prod&client=buxom&dc=12982&host=www.buxomcosmetics.com&r_batch=!((bvProduct:bv-loader,bvProductVersion:%2713.7.0%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:%271.9000%27,endTime:%272162.0000%27,locale:en_US,name:timeToRunScout,startTime:%272160.1000%27,type:Performance))&_=vb4vez
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-58.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:28 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
cache-control: no-cache, no-transform, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
x-amz-cf-id: DDAtS87ag1f8t9B3GIplYrovFK7wvNG1k-TVu1GA0FabO5xCQ31rgw==
expires: -1

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/7e5c03a3/www-widgetapi.vflset/ 154 KB
50 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7e5c03a3/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api?enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b1aa3a577a8d3f6b07d5dbdb094173604819f73d335e78762298bffac5391dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6728
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51077
x-xss-protection: 0
last-modified: Tue, 03 May 2022 17:04:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 05 May 2023 14:27:20 GMT

GET
H2 200 jquery-bv%403.5.1%2Blodash-bv%404.17.19.js Show response
display.ugc.bazaarvoice.com/common/static-assets/3.3.3/ 159 KB
55 KB 30ms
29ms Script
application/javascript 2600:9000:224a:7e00:18:4532:5280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://display.ugc.bazaarvoice.com/common/static-assets/3.3.3/jquery-bv%403.5.1%2Blodash-bv%404.17.19.js
Requested by: Host: display.ugc.bazaarvoice.com
URL: https://display.ugc.bazaarvoice.com/static/buxom/main_site/en_US/bvapi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7e00:18:4532:5280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e77c571a4a2547f6a78feaf06d969bd97b4d0f7854a5dd006a041acef608638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 10:40:26 GMT
content-encoding: gzip
age: 797943
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 56299
last-modified: Tue, 15 Sep 2020 14:01:39 GMT
server: AmazonS3
etag: "4b03d0213db62efd060fe7f5aec6b2b0"
x-amz-version-id: XtX9cqnjFwQMowZ5CGL_3XaL27v0t6Kq
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: zB6B4n9C_mRwlPsLJPJTHpl2vKvcM6zvQuZGr9yCrNPBiZOfhMpHRA==

GET
H2 200 bv-primary.js Show response
display.ugc.bazaarvoice.com/static/buxom/main_site/286/12982/en_US/scripts/ 1 MB
242 KB 58ms
57ms Script
application/javascript 2600:9000:224a:7e00:18:4532:5280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://display.ugc.bazaarvoice.com/static/buxom/main_site/286/12982/en_US/scripts/bv-primary.js
Requested by: Host: display.ugc.bazaarvoice.com
URL: https://display.ugc.bazaarvoice.com/static/buxom/main_site/en_US/bvapi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7e00:18:4532:5280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca9b1d807d88b7adcc80c302d617a70b7dca4c40fb8ecfedc977b3b83b28bf76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 15:40:37 GMT
content-encoding: gzip
age: 175132
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 247476
last-modified: Fri, 11 Mar 2022 19:05:24 GMT
server: AmazonS3
etag: "f076470c1ad8acd2eff895cd8d57c17d"
x-amz-version-id: tpRTd9JONAuidrSTCeoApBA_TXHMvpJf
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: KygfxpgfGdsk_W4k7eXBGpWSg_Je9tF6gzORLb9ruMXYRmHwjm-piQ==

GET
H2 200 screen.css
display.ugc.bazaarvoice.com/static/buxom/main_site/286/12982/en_US/stylesheets/ 531 KB
51 KB 79ms
78ms Stylesheet
text/css 2600:9000:224a:7e00:18:4532:5280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://display.ugc.bazaarvoice.com/static/buxom/main_site/286/12982/en_US/stylesheets/screen.css
Requested by: Host: display.ugc.bazaarvoice.com
URL: https://display.ugc.bazaarvoice.com/static/buxom/main_site/en_US/bvapi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7e00:18:4532:5280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3601bad1b9510844dc381f61dee97f68fcf0b81829455bcab4f6f61a7920629b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 15:40:38 GMT
content-encoding: gzip
age: 175131
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 52198
last-modified: Fri, 11 Mar 2022 19:05:24 GMT
server: AmazonS3
etag: "c8daf9d7a7383c3d8c2190fcf8a091a2"
x-amz-version-id: zNCyBzKqtzukghxwA9bzLw5czZKUS1_H
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: text/css; charset=UTF-8
x-amz-cf-id: EDl-oBz0qH3kuoQF1kTaInJAfpVnsHiyty7bEgxW203s-Bk6IkbkOQ==

GET
H3 200 local_storage_frame16.min.html Show response
assets.bounceexchange.com/assets/bounce/ Frame 4AFB 2 KB
1 KB 72ms
24ms Document
text/html 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_f9b88856c4b7532b211ae4b84bbb9ab9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

Referer: https://www.buxomcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 1736388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 1055
content-type: text/html; charset=UTF-8
date: Fri, 15 Apr 2022 13:59:40 GMT
etag: "5c6ea5db6511827306b7e758dba3d46d"
expires: Sat, 15 Apr 2023 13:59:40 GMT
last-modified: Mon, 11 Apr 2022 15:08:57 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1649689737231429
x-goog-hash: crc32c=GR95uQ== md5=XG6l22URgnMGt+dY26PUbQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1055
x-guploader-uploadid: ADPycdvJ28lyCc0LxaeRd5AAv-ziZPCPi6VVUGplieUelX8ZxzlOiq8uC7TQCE9iceE5Web0A3ykwe7U_Q1eoEXWNGd0TaIkiIho

GET
H2 200 sid.gif
network.bazaarvoice.com/ 43 B
630 B 119ms
119ms Image
image/gif 18.66.248.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://network.bazaarvoice.com/sid.gif?_=lcj462
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-58.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:29 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
cache-control: no-cache, no-transform, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
x-amz-cf-id: yf0obShPjCeXt3gTcnRK0JU6nK-KOrHCDAm3fG09G_KETRWIi-hYkQ==
expires: -1

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 2 KB
2 KB 183ms
70ms Script
text/javascript 34.111.8.32
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=1399&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYBWfAdkLOMIA4AmfAZk2AC8QoAGTAdwFMARjlTA+AfVQATKHRo1uAJz44QAGzhoMBQp04APfHV2YlMPgqUKo2AIarVqBAHMxcBaqgALYMAAOOAFJGAEEAugAxMPCeGIA6ATg9EABbJBAcZL40JBxYtOSo5IBPAFobJDTEYCig8KyxBSkggBEAFUIBYEYABU8wwmTUMT4kZN8WgFUAZTEAIQANAFkxVsanJ3MVtY2FWdQFYE9JGyKAYRtfYDdxTjF8TkMGMVOAJWXWkDgkT3x+wdcWu1Oj0+nRCBpkmIkDYxjZUE4EJMZgt3ttNqt4Ts9gcjidzpdrmJbvdHvhnm8Vp9vr8wRCoRhRAhqoxmsk4QhUGyNjTwcBIZlJKg4AUWQBRNmoVT9OkqNxIPiAtEKTAAN1QwmA9JAAGtUHwoAEyLMwnRVOM6HQgqELd4-IE6MQQmFiBFnREYjx4okUmkMllUDk8ik3eFimUKp8mSHnYw6prGpIY20Ol1em6BkMRmMk9M5kstpj0UrsYdjmcLlclES7g8LWTXu8qT90-84EmganQS7eZDobD4YiHSzcyiC+si4XdvtS3iK4TibWng3KV9mw7aXz6Uy+FGh6z2ZybNz03SBUKCnvxXCpeue2JZQp5e2lSawqcTQpX06La+6O+LXwehfsERCkBQACcjC0JwAAsZCGs02AgDqeoGkaJoqsBhrGhaqggOOkgSIOlohDAdg4Aqf4mnwKqbHhBFEcBZGqBRb4mtCBxiAAjsARTAZwbEWjgcACIMPh8IRCA2GgtFMeRlH-qa+EbIRjgSJIO5oDAeqJj+pHyYJdAcdUenBMxrFkM0CGqjYCg4AA2vRKlEQAurA8k2XZ9k0XRykSa57ksXwnkOcZ3G8W53AqrZoW2Zq0XqHwkUhfZak4KASDam55nBdFXm+AoICSTCSWBRRKUFUVYgFQGpU5SlwmiSIojFTJdUeXlDmVaphG+JIvjZR1MX2d1ULSXwTggAoRTVf1g1BRVR58G4qhuba-hWgA9JtHpekkqTpJk2S5Pkm1huUlRMptKWHhsK3zeVnWpQIejVYVxWZG5ix8UYwQRlUFXvep3FwAG2pqnwPAPblw1hWkKGlXwMDhDQKoCPMfUTOEAByXEAOqivgNjzAAEgAWtQSD404KVOf5alSJpqDaRJ0MpdJSDqWzT3Gdzw04HY4giHwyR8-l71fJoCD3sLbnAAocAw+LRWS9VS3cxpMD2Y1YktWIUltRrSOOX5qnS4zTLMzpRta7zZXBfDuriKAIBiKotkbPbmACL4XCYFkvv2QARMZQcADQh+Nk3TeHQfdZLscUbZ3xBy5mCXHgSFjA4NjIOIMDu041gqp4NhQEAA
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_f9b88856c4b7532b211ae4b84bbb9ab9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 941cf990f408eaf3f0857b9f18fcff562e13e9a3c42473c879c022e0821a4347

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:29 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 16:19:29 GMT
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 31
content-type: text/javascript;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
expires: 0

GET
H2 200 id.json Show response
network.bazaarvoice.com/ 55 B
342 B 303ms
303ms Script
application/javascript 18.66.248.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://network.bazaarvoice.com/id.json?_=o6t1yq&callback=_bvajsonp2
Requested by: Host: analytics-static.ugc.bazaarvoice.com
URL: https://analytics-static.ugc.bazaarvoice.com/prod/static/latest/bv-analytics.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-58.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 6fd677e98143e04fb57c24fec79027b93984a95c25988bf677a98010a57c185c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:29 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-cache, no-transform
content-length: 55
x-amz-cf-id: 9RbbtYz1CvZlyCiSzEkYEn6UtjodLTVBAJ9h7G4FrN0_zPAV1vJrrQ==

GET
H2 200 visit
events.bouncex.net/track.gif/ 42 B
106 B 65ms
39ms Image
image/gif 34.111.8.32
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLppSRZGdQBOegL1STYAZRQAMxQkECd6V3dVADJQCBgkBFrkXqQcTvAoaAo+HjRTdARYJFIcNMhIU2FqFuMaejptugEDxhtYXWz4gjAcyBB4sEZzrL3aLIBPAFoUePPYbCftuVoCEgAH1Grx-gARMSqGyQOQABTSe1UWRAwISWVMkIAqlVgQoABp4YFiRpoDBIElkikKEBISBpXgoF7BFCmSDzBDA5jA-LUaiSYHBABKxLEBFg8TSlQ21BRaNgkOhsIRSNlqlgkCywPiKExKBAaEwOLxhLF1OQVMNNLpDKZLLZHN63N5zEk-MFIrFEqlMp2Gq1OoI2CwkEhWQNmBAEYwfrlmu1OV4IFgjw2cghAFEI2RkQngWAJUh4rkWlCLUgRt1oL1C6RNSBg7ocJJVMxmFWxrWCPXrsGXi2dB2umN4vBINlgA0QCgbJYwDhKC5tNRSARyQheMCeDRqPItvz6qRELuQruEMBLWuN1ud-z97ujyf79RQvzdfTgQBHSAvU9yA8dFPV9dw-EEp3rXI9wA3dWBfN9qB4AsJ0Sf9AKfKCz35UxMi3TA9UwmDDxQY9MJA7DcOBHCbkI9CSOfPdyOoMBYBsVEVk3YF8OuS80MfeiyIQnCCFvLdTF4LF7yI6gMOAoTKN1SAEDQAgkBeKiJL44jSLk3cZgweZSC06hllWYQiNoJwDgEI4TjOC4rhuO4HicV4Pi+CVfl2eDd2jWZDOM2SfP5EAbF0KjKPwnJjLwP8dGMDyfjDYLqGE0Tv1gG4IlABABECgTdPfBoQXOAgIhAWjz1qWgAA5gBsAlxOxWgRC-ThM0kFACR8AAtehVHiNq0EK1d1wwW9MG3XhQxAWoKvBKS6J0lKUEgeIpvy5bGIQsDNoYrDmJIrkoAQNNoKW-amLSyU+0m7pKv5SAkFgQS9Nwm6qNmPbMJcCFOxgUryoQRdl13YA+NB36DtqYBkvO1syhcVQXH64oDtABb4dURHkdRyR1Bq1tPCYlACDQuCENISTzt3Uy1n+A8dks2VaGs2zTiyc5LiBJz7myJ43M+b4vKZ-5ARBMElRhOFEWRVF0XiTETXxIkrQ3SlSWtZBaXpRlmVZdlORdPkBSFUUSR9aU5YVKWVVl9V811fVDWNdMIVxFXzS1jWKx1u19cdI2eRNz1zfFSUrYdwNzhDEWMxzKMYwQOMA0TTcUzTMtswNIyo+1Qt5hLJUKxGlB1nOimwdMcHFplBDMYffkG6YpBjJG+JYbQhHJCRlHVDRpiIAbgC3jr3c0HiVva-bA6zv3Sum5AYfAPoFwdGoDwaq3uQSgRlw5BG0hO9r7Ge9x-uDrSdaEyTDPs9zWvL+vrVb9TU6c67pc-vgZBZmwaAbCZCEMgHA6RMg5HaD-VAGB-6XiQBAYMLY3SFBKGUIokhIGIGgaGaAFhVq1FUlkHAKh+BCCkB2KBf8YDTVACWX8phgbTTABECcph2hjjABOHISBoBpDLjHOBSleA4A7BgAg0BhZPReOcaaOAsztDERIzyUiZEIDkHIzM2IFEIHEZItSUVgZxCQBGTALxtHiN6GgRsmAcAiAAJLmJrMpaxBicABEEMgaoKBTimMcfEKAA48AIHIAgRxpgLiQBIqonAJQ5DUHUH44M1xMChmiZo9oWQRLAw7AIWw90l44GoFvYcoxrjCO7r3PGBMibtBoTRApq916b23rvbG+92j6QvBVAQBSMGIC-C9TAJYCkdniOEUM1wcicL1KYFsp9KmqBquoN07DxnYDZCAOBCCbGRLQHIWpXSSw4F4O0AuxZga5JsO0KhOAoFAA
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:29 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 pageview
events.bouncex.net/track.gif/ 42 B
104 B 64ms
38ms Image
image/gif 34.111.8.32
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1N8jAdAEbIAeA9gLYDGnhbhFwxehJv271uATwC0IXv2QA7XPTI1hAfVQwAJmQAiAFQBsLXKQAK2ame4xtEXt2DGAqgGVtAIQAaALLaJnpgkKghYRG+MKi42PogMgDCIMC4aBDaAAzaAIw5+VRU+dopAErBJpzIvNj59o7ayMbmljZ2VGbIuNzavCBuIDBgKp4+AdXREJGhozFxCUmp6Zmo2XmFxaXlVSG19Y3dvf38ahBqxtwjKjA3kMc9fdpC+jDIUqRGAKI3MOh7KdtIRaqheBA2jNUAAyUCQWAIRC8ZCEXA8KAgPQgFjoCCETDEADsvmoVHQnHCEH02hg4xKZEoJQAZiB0IRIQyqCkydBZtoKVSaXSyYyyaz2ZyqNQeSVBvFtABHXAyUUUMk5UXcsny3DaTHoZBSsUlTVc2VUOkg9G8ADWaqZVAlHK1FuAqE4NJUQ2N6pZbJd5rJ7s92ndol9judxu1JUIyBYjnw1O03pEUEj4oDMbdHuFNOA+ncDL9TuzruDeYGIFwEDAnFQMjDRYdWclFZK8IgaEBJcdeAIJD9dFojHgrA4PH4gmEonEkmk8kUyiutA7loe3Ywrf97aDJRgLHYYar3qEO6ogVVVBy5CUtVX0tjVBD+aVyFEtsR8Av0fXuoGThOFtOALwgZkaAADigFh-ELDwaAAOUVAB1H58hAfwAAkAC0AFYzF4VCwHXQVIGFFRaX0S4RGZOBDD7NtAyfC0a14Kjf3LfcqF1Ti9xYslCDZbIYFrKRGN3ZiZUrT06hEThKMIUTMxKXBUCNddXzksNwBUst+OJIw4V079kSAkD8RgAAvCBMDMPCqBhbhPVsnIYXgCAWCU2sDEwKhIMgtzYG83z8ns-IiTMIkCIATnyAAWSCwrMGFqNgCFfLwokbyoUgzACyDSHiuL7KJUhjIROB4FCmEOUVI0VAy-RMHyGFeHQOA1BEIQ0SGYAWvCyLovy+KchS9rOtwdIYAzVAlIUzAprAcq0ojTB9FqsEIUwDyWBhXS1EwVFZiAA
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:29 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 user
events.bouncex.net/track.gif/ 42 B
174 B 63ms
37ms Image
image/gif 34.111.8.32
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/user?wklz=K4ZwpgTgXCD2wQMZgLxhABwLRgLYEMBLAGy0IBMAyfAczADsAXFAKxEtEinQzyOIooAKgDYARowDMABQAWlXLHKoADJQDuYMSEKMwggEwAOI2oBuhHY0EBGEQFYbAdhFP7IgJw2ALEbsjKZQtkQXsnAxUDSRETI0lvLwcnSUoMWjALMHVbSnAAR2AGEPIUA0pEAQZGa1x0RnxcDBQ7Rxc3GO87csqmfAxCM0gdWHoUepoUoMJkFCo4BBnNMSA
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:29 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 cmp
events.bouncex.net/track.gif/ 42 B
104 B 64ms
39ms Image
image/gif 34.111.8.32
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/cmp?wklz=MYewdgzgpmAuBcsCWBbKBlWBDFAHAvAIwBsArIQOzEWnEAcADACykBkokMCAFlhAMLhocfGBABSAEwNgeVihAATKPgasA7lABGEJLChJF+SXUasAbkl3IjJclRrEAnISZ0SxVssvADR0hTSkgDM9KbBTC5kFMGsuFgA5lCWUOqGRKzQAI4ArjC+6bHAADZIXMhoENh4RGSU1LR0TIRO7KVcWLhI5lAATrrg+NgJsd5IvviKmSA5vROaWqyJXPg50L1AA
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:29 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 __Analytics-Start
www.buxomcosmetics.com/on/demandware.store/Sites-BUXOM_US-Site/en_US/ 35 B
217 B 178ms
178ms Image
image/gif 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.buxomcosmetics.com/on/demandware.store/Sites-BUXOM_US-Site/en_US/__Analytics-Start?url=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger&res=1600x1200&cookie=1&ref=&title=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.3167887890259291&cmpn=&tz=US/Eastern&pcc=USD&pct=&pcat=&dw_dnt=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 706acc4b8b0d9bd7-FRA
x-dw-request-base-id: 6po7ZxH5c2IBAAB_
content-length: 35
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 st.gif
network.bazaarvoice.com/ 43 B
385 B 123ms
121ms Image
image/gif 18.66.248.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://network.bazaarvoice.com/st.gif?loadId=5c9efbd0a51f3b16&BVBRANDID=43703cf5-ba50-4c36-897b-258c8ef08da5&BVBRANDSID=def74cee-76e3-4a35-abd9-f7d607c3b9ac&tz=0&sourceVersion=3.15.3&magpieJsVersion=3.15.3&source=firebird&client=buxom&dc=12982&host=www.buxomcosmetics.com&r_batch=!((bvProductVersion:%273.1.26%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:2877.300003051758,endTime:2877.300003051758,locale:en_US,name:bv-scout-start,startTime:0,type:Performance))&_=p74vu8
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-58.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:29 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
cache-control: no-cache, no-transform, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
x-amz-cf-id: FuuqBBehsG_6AsIPELntF9Qvzv9mPHxupv2n5a8VwxjkaFKHVYf_gA==
expires: -1

GET
H2 200 st.gif
network.bazaarvoice.com/ 43 B
386 B 121ms
120ms Image
image/gif 18.66.248.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://network.bazaarvoice.com/st.gif?loadId=5c9efbd0a51f3b16&BVBRANDID=43703cf5-ba50-4c36-897b-258c8ef08da5&BVBRANDSID=def74cee-76e3-4a35-abd9-f7d607c3b9ac&tz=0&sourceVersion=3.15.3&magpieJsVersion=3.15.3&source=firebird&client=buxom&dc=12982&host=www.buxomcosmetics.com&r_batch=!((bvProductVersion:%273.1.26%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:157.60000610351562,endTime:3034.9000091552734,locale:en_US,name:bv-primary-ready,startTime:2877.300003051758,type:Performance),(bvProductVersion:%273.1.26%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:6.399993896484375,endTime:3041.300003051758,locale:en_US,name:bv-primary-run,startTime:3034.9000091552734,type:Performance),(bvProductVersion:%273.1.26%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:108.19999694824219,endTime:3143.1000061035156,locale:en_US,name:bv-slow-path-ready,startTime:3034.9000091552734,type:Performance),(bvProductVersion:%273.1.26%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:265.8000030517578,endTime:3143.1000061035156,locale:en_US,name:bv-core-app,startTime:2877.300003051758,type:Performance))&_=j42uwz
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-58.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:29 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
cache-control: no-cache, no-transform, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
x-amz-cf-id: 95SdhL73ZEHSaZ_IjxNQ2nYU2YoWWRKw310XOMS2vO1Z7fA03VYHng==
expires: -1

GET
H2 200 pebble Show response
p.cquotient.com/ 252 B
555 B 149ms
48ms Script
text/javascript 52.30.10.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p.cquotient.com/pebble?tla=bbcg-BUXOM_US&activityType=viewPage&callback=CQuotient._act_callback0&cookieId=efF8vbXpdUFNqWE1aXHZ56cqWg&realm=BBCG&siteId=BUXOM_US&instanceType=prd&referrer=&currentLocation=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger&ls=true&_=1651767568746&v=v2.34.2&fbPixelId=__UNKNOWN__&json=%7B%22cookieId%22%3A%22efF8vbXpdUFNqWE1aXHZ56cqWg%22%2C%22realm%22%3A%22BBCG%22%2C%22siteId%22%3A%22BUXOM_US%22%2C%22instanceType%22%3A%22prd%22%2C%22referrer%22%3A%22%22%2C%22currentLocation%22%3A%22https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger%22%2C%22ls%22%3Atrue%2C%22_%22%3A1651767568746%2C%22v%22%3A%22v2.34.2%22%2C%22fbPixelId%22%3A%22__UNKNOWN__%22%7D

Requested by

Host: cdn.cquotient.com
URL: https://cdn.cquotient.com/js/v2/gretel.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.10.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-10-34.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b0645cf2dc4784a2b7133df73a20c34cac6a85547babb99c99c081e1657ba14c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:29 GMT
x-content-type-options: nosniff
etag: W/"fc-qTGrEJMFDboMqcn7yGUOs3T/fkY"
content-length: 252
strict-transport-security: max-age=15552000; includeSubdomains
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK common.min.js Show response
shiseido.my.salesforce.com/embeddedservice/5.0/utils/ 5 KB
3 KB 159ms
159ms Script
application/x-javascript 13.110.88.196
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://shiseido.my.salesforce.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: shiseido.my.salesforce.com
URL: https://shiseido.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.88.196 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl9-ncg0-phx3.na112-ph2.my.salesforce.com

Software

Resource Hash

7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 16:19:29 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 23:57:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 06 May 2022 16:19:29 GMT

GET
H/1.1 200
OK esw.min.css
shiseido.my.salesforce.com/embeddedservice/5.0/ 9 KB
5 KB 161ms
160ms Stylesheet
text/css 13.110.88.196
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://shiseido.my.salesforce.com/embeddedservice/5.0/esw.min.css

Requested by

Host: shiseido.my.salesforce.com
URL: https://shiseido.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.88.196 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl9-ncg0-phx3.na112-ph2.my.salesforce.com

Software

Resource Hash

721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 16:19:30 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 27 Aug 2021 14:11:56 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 06 May 2022 16:19:30 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
shiseido.my.salesforce.com/embeddedservice/5.0/client/ 20 KB
6 KB 321ms
159ms Script
application/x-javascript 13.110.88.196
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://shiseido.my.salesforce.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: shiseido.my.salesforce.com
URL: https://shiseido.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.88.196 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl9-ncg0-phx3.na112-ph2.my.salesforce.com

Software

Resource Hash

978838ebb9190a3520eb9f10b8d97d50cf9bbb0a62819d5afc69180254751133

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 16:19:30 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 19:09:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 06 May 2022 16:19:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 274 KB
81 KB 126ms
74ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5S6J97N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7f2a5bcc2f6322e9874f02dabb374e31846734ef8057a10d6115b2309e2cdac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82139
x-xss-protection: 0
expires: Thu, 05 May 2022 16:19:30 GMT

GET
H2 200 / Show response
beacon.riskified.com/ 46 KB
14 KB 768ms
207ms Script
application/javascript 2600:1f18:f8a:b700:8a9:2580:cf1a:56c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.riskified.com/?shop=buxomcosmetics.com&sid=Ka0oL4KKyuMIb8coJnWIXzS--d9ObDUexws=
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:f8a:b700:8a9:2580:cf1a:56c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: ed674798917fc9b95dbdb7005f7f2acb1ed11649b76fd4e4f649db89da08c360

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 16:19:30 GMT
access-control-request-method: *
server: istio-envoy
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
trace-id: eb5154493e38e4d3d16083e89f5301d2
content-encoding: gzip
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256

GET
H2 200 st.gif
network.bazaarvoice.com/ 43 B
386 B 120ms
120ms Image
image/gif 18.66.248.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://network.bazaarvoice.com/st.gif?loadId=5c9efbd0a51f3b16&BVBRANDID=43703cf5-ba50-4c36-897b-258c8ef08da5&BVBRANDSID=def74cee-76e3-4a35-abd9-f7d607c3b9ac&tz=0&sourceVersion=3.15.3&magpieJsVersion=3.15.3&source=firebird&client=buxom&dc=12982&host=www.buxomcosmetics.com&r_batch=!((bvProductVersion:%273.1.26%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:1661.6999969482422,endTime:4539,locale:en_US,name:bv-host-load,startTime:2877.300003051758,type:Performance))&_=5xgol0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-58.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:30 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
cache-control: no-cache, no-transform, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
x-amz-cf-id: zpmpmmlIzl2_qT_Ddc0YvOPZtGZReaLGhSyTa1xkLZ8lUbY7xHZLVA==
expires: -1

GET
H/1.1 200
OK esw.html Show response
shiseido.my.salesforce.com/embeddedservice/5.0/ Frame 1741 194 B
949 B 157ms
157ms Document
text/html 13.110.88.196
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://shiseido.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger

Requested by

Host: shiseido.my.salesforce.com
URL: https://shiseido.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.88.196 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl9-ncg0-phx3.na112-ph2.my.salesforce.com

Software

Resource Hash

01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.buxomcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: public,max-age=86400
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html;charset=UTF-8
Date: Thu, 05 May 2022 16:19:30 GMT
Expires: Fri, 06 May 2022 16:19:30 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

POST
H/1.1 202
Accepted gelf Show response
www.tryzens-analytics.com/ 0
228 B 46ms
46ms XHR
text/plain 34.249.235.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tryzens-analytics.com:12280/gelf
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/en_US/v1651735412465/lib/jquery/jquery-2.1.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.235.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-235-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.buxomcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.buxomcosmetics.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Content-Type
Content-Length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 323ms
21ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5S6J97N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2680
date: Thu, 05 May 2022 15:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 05 May 2022 17:34:50 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 228 KB
74 KB 88ms
44ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N4Z8QHS&l=dataLayer

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

49cde9cb077e5c3eb380ab964f8563375b4f2cd07f1d688fbfc12caf6872efae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75798
x-xss-protection: 0
last-modified: Thu, 05 May 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 May 2022 16:19:30 GMT

GET
H/1.1 200
OK eswFrame.min.js Show response
shiseido.my.salesforce.com/embeddedservice/5.0/ Frame 1741 5 KB
2 KB 160ms
159ms Script
application/x-javascript 13.110.88.196
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://shiseido.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Requested by

Host: shiseido.my.salesforce.com
URL: https://shiseido.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.88.196 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl9-ncg0-phx3.na112-ph2.my.salesforce.com

Software

Resource Hash

5b17ce347efa0486b6770c9c170cccd5a5f75018bceb99048daddbe1c6fa0be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shiseido.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 16:19:31 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 04 Mar 2021 00:36:08 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 06 May 2022 16:19:31 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 222ms
121ms Script
application/javascript 2a02:26f0:3500:88e::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4Z8QHS&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:88e::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 live.js Show response
cdn-live.conductor.com/v1.1/201722c0-dd97-4b90-b97e-0228c11b4621/ 10 KB
5 KB 83ms
23ms Script
text/javascript 2600:9000:2057:9c00:9:440c:e740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-live.conductor.com/v1.1/201722c0-dd97-4b90-b97e-0228c11b4621/live.js
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9c00:9:440c:e740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4998cb22d95ce00c4a214aa03b83347211c3c77bce91ebf50b9798303e637549

Request headers

Referer: https://www.buxomcosmetics.com/
Origin: https://www.buxomcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"05b53fc9fbf11dd1c7659fb6e83033db"
age: 83605
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 1800
access-control-allow-origin: *
last-modified: Wed, 13 Apr 2022 18:18:37 GMT
server: AmazonS3
date: Wed, 04 May 2022 17:06:07 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
cache-control: max-age=0, s-maxage=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 5muxUoL9NbHKaip7ZrdHcDaKxQuLv5T2yqSZOD1rfSIKcy8fAhgCNw==

GET
H3

200

activityi;dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Accoun... Show response
6479448.fls.doubleclick.net/ Frame 8903
Redirect Chain

https://6479448.fls.doubleclick.net/activityi;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Acco...
https://6479448.fls.doubleclick.net/activityi;dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%...

1 KB
584 B

80ms
34ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6479448.fls.doubleclick.net/activityi;dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics;u2=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4Z8QHS&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

9bad803273c21032be4d0111294784fce79e6197d94f3b8fa32830e7429fd77e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 559
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 16:19:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 16:19:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6479448.fls.doubleclick.net/activityi;dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics;u2=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 105ms
42ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4Z8QHS&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14865
x-xss-protection: 0
server: cafe
etag: 2710672821686371805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 May 2022 16:19:31 GMT

GET
H3

200

activityi;dc_pre=CKT-zdrhyPcCFe4NBgAdSbsETQ;src=11741950;type=lpvd50;cat=media00;ord=6309324172739;gtm=2wg540;auiddc=55126458.1651767570;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3... Show response
11741950.fls.doubleclick.net/ Frame ED48
Redirect Chain

https://11741950.fls.doubleclick.net/activityi;src=11741950;type=lpvd50;cat=media00;ord=6309324172739;gtm=2wg540;auiddc=55126458.1651767570;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2...
https://11741950.fls.doubleclick.net/activityi;dc_pre=CKT-zdrhyPcCFe4NBgAdSbsETQ;src=11741950;type=lpvd50;cat=media00;ord=6309324172739;gtm=2wg540;auiddc=55126458.1651767570;~oref=https%3A%2F%2Fwww...

752 B
535 B

79ms
35ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11741950.fls.doubleclick.net/activityi;dc_pre=CKT-zdrhyPcCFe4NBgAdSbsETQ;src=11741950;type=lpvd50;cat=media00;ord=6309324172739;gtm=2wg540;auiddc=55126458.1651767570;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4Z8QHS&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

a556ca20bc5e934d95c85c4fdd4d2b783d4f5a419cf18f3e250d9ca07293b1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 510
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 16:19:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 16:19:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11741950.fls.doubleclick.net/activityi;dc_pre=CKT-zdrhyPcCFe4NBgAdSbsETQ;src=11741950;type=lpvd50;cat=media00;ord=6309324172739;gtm=2wg540;auiddc=55126458.1651767570;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 403
Forbidden tag.js
t.a3cloud.net/AM-141452/ 0
0 111ms
23ms Script
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.a3cloud.net/AM-141452/tag.js?ns=am
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-122.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H2 200 114759.ct.js Show response
intljs.rmtag.com/ 37 KB
13 KB 308ms
249ms Script
text/javascript 34.102.147.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://intljs.rmtag.com/114759.ct.js
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 248.147.102.34.bc.googleusercontent.com
Software: /
Resource Hash: f6ef6ac3ba1337056cbce9059554e45529418bd5f4084891d99907ee7386eb5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:31 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 16:19:31 GMT
x-cache: miss
x-samesite: secure
via: 1.1 google
cache-control: max-age=86400
x-dyn: 0
accept-ranges: bytes
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 70ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: jRaWBXbCrOjLnspbKiO6Q2JwhKGjlEFu5+QZvq7/w/Awov5l0dQ2iULTyCQ7GxY1x7CZT3BNcV/69x/6l+AHXQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 05 May 2022 16:19:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 400ms
136ms Script
application/javascript 104.104.52.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C28NNQVMU8Q03RAID8GG&lib=ttq
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.49 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-49.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ec88e9506673eb2528a9f57aa4136624cc5481b2ab3db552bb8ec24120951c94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022050516193001011300703401C2EA5A
vary: Accept-Encoding
x-cache: TCP_MISS from a104-104-52-45.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 98,104.104.52.45
x-tt-trace-host: 01c98d95a4c89fa6573f148d054a5703b56378ab54108e4febe8e0d996413c9a449c4f86139e24116d4209594626292fb4e8683a14d75161558e046e5cb0fba3f8ec06aa36197168bfea851d135d0201ac2f1dbbb3ca1bb9df846b5a49e577f145
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=98
x-akamai-request-id: 39b777b5
expires: Thu, 05 May 2022 16:19:31 GMT

GET
H2 200 1.js Show response
1xc5gazd.micpn.com/p/js/ 45 KB
16 KB 106ms
30ms Script
text/javascript 18.66.248.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1xc5gazd.micpn.com/p/js/1.js
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-126.dus51.r.cloudfront.net
Software: /
Resource Hash: 0a8f5f2b28cfd21ddbe8c64ed73d75469a27e43e92a15704d75e2bb60ce26127

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:13:38 GMT
content-encoding: gzip
age: 353
p3p: policyref="https://movableink.com/w3c/p3p.xml", CP="DEVa PSAa PSDa IVAa IVDa OUR IND DSP NON COR NAV UNI"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
cache-control: no-cache max-age=0
x-amz-cf-pop: DUS51-P1
timing-allow-origin: https://www.buxomcosmetics.com
x-amz-cf-id: u2Hn5ryVV6KQ_7sxxRbsbG88abYGeFRUTNktnK-JuyJzK5XYgEd7Gw==
x-uuid: 7880dbfa-99dd-45bc-9055-8115ef63ef58
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 dtag.js Show response
cdn.attn.tv/buxom/ 0
375 B 92ms
23ms Script
text/javascript 2600:9000:206f:8200:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/buxom/dtag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4Z8QHS&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
age: 72366
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/javascript
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
date: Wed, 04 May 2022 21:58:48 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 5UOQ_urZIm2qRhgoS5fGEd7V9gRY62c6LWrKoVSQyvuHQj4PrAIfkw==

GET
H/1.1 200
OK sessioncam.recorder.js Show response
d2oh4tlt9mrke9.cloudfront.net/Record/js/ 269 KB
60 KB 236ms
30ms Script
text/javascript 18.66.242.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
Requested by: Host: www.buxomcosmetics.com
URL: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-54.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f5a484012a39673c20adad65cb49047cda5bc883ffbaea439899707c83af3e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: 7DQOWH.amdxDpUWlY21SVaIgJjRzy61c
Content-Encoding: gzip
ETag: "88f25cac4c51e708e8ec7ed5d725070d"
Age: 6926
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 61240
Last-Modified: Fri, 25 Mar 2022 14:12:38 GMT
Server: AmazonS3
Date: Thu, 05 May 2022 14:24:06 GMT
Content-Type: text/javascript
Via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
Cache-Control: max-age=14400
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
X-Amz-Cf-Id: vyAhm7Li59CwCFgnsgE9qw5YL6sNEsw7qr76LWbBvLbDSsgpyvij_Q==

GET
H2 200 __Analytics-Start
www.buxomcosmetics.com/on/demandware.store/Sites-BUXOM_US-Site/en_US/ 35 B
131 B 192ms
191ms Image
image/gif 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.buxomcosmetics.com/on/demandware.store/Sites-BUXOM_US-Site/en_US/__Analytics-Start?url=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger&res=1600x1200&cookie=1&ref=&title=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.2562261208459282&cmpn=&tz=US/Eastern&pcc=USD&pct=&pcat=&dw_dnt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:31 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 706acc56cb359bd7-FRA
x-dw-request-base-id: 6ppeZxL5c2IBAAB_
content-length: 35
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 reloadCampaigns.js Show response
api.bounceexchange.com/bounce/ 3 KB
1 KB 106ms
59ms Script
text/javascript 34.111.8.32
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=1845&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYBWfAdkLOLIAYAmfADk2AC8QobMB3AUwCMcqYLwD6qACZQ6jRlwBOvHCAA2cNBgKEaNAB746OzIpi95i+VGwBDFStQIA5qLjyVUABbBgABxwBSAGYAQX86ADEw8O4YgDp+OF0QAFskEBxk3jQkHFi05KjkgE8AWmskNMRgKKDwrNF5SSCAEQAVQn5gQIAFDzDCZNRRXiRknxaAVQBlUQAhAA0AWVFWxsdHMxW1jflZ1HlgDwlrIoBhax9gVzEaUXwaAwZRU4AlZdaQOCQPfH7Blxa7U6PT6dEI6mSoiQ1jG1lQjgQkxmC3e202q3hOz2ByOJ3Ol2uolu90e+GebxWn2+vzBEKhGBECGqgWayThCFQbI2NPBwEhmQkqDgBRZAFE2agVP06cpXEheIC0fJMAA3VBCYD0kAAa1QvCg-jIszCdBU4zodCCoQtXl8AToxBCYWIEWdERi3HiiRSaQyWVQOTyKTd4WKZQqnyZIedgTqmsaEhjbQ6XV6boGQxGYyT0zmSy2mPRSuxh2OZwuV0URLuDwtZNe7ypP3T-zgSaBqdBLt5kOhsPhiIdLNzKIL6yLhd2+1LeIrhOJtaeDcpX2bDtpfPpTN4UaHrPZnOs3PTdIFQoKe-FcKl657oll8nl7aVJrCpxN8lfTotr7o74tvC6F+wREKQFAAJyBIQjAACz4DBb4mjgvCOMB-jEMaxDNIazTYCAOp6gaRomiqaHERaKggOOEjiIOlohDAtjIYhAEqpslHUbRwGMSozF-ia0IHKIACOwBFMBNAsXQOBwPwgzeLwNEINYaBsWhFo8Xxlr8RRVEbDRDjiBIO5oDAeqJj+350JpCo-jpdCCdUlnWtZTG2ZaZDYfZMAqk59EgSQ5CUMQhDgVJaoWf5oFBVQoXwYwRCEFJ1ggBJUlmupdC2n4MbWi6kTrtEcQJEkqTpJk2S5PkIZhuUlS7vlMZxg0TR7h2IItpmozmo6zQjvmGLjvIY5YtOuLlgSVYLqS5KNquNLdq27Yph1t50n2PhwgiObIgNSojWYJbjfilY3DWM3Lh880npuaTbg1LIShyXK8AtG78op55Jleko3ZCD5Pm1L52f+dDWPa-mSfZKo+KRzk0qDkVWiaSP2Z+zm-tpoNIL5wHRRQsVhfZQhIyEgRSY4SDo1FOhSRekNSYKpMudQhh0FBsiMIEMHgaBZDkyDJoqLj8OBQTIVE6DHhIC4fJnsKP03lFUnS7LyTy5kEpK1avyeaq1jyDgADaHH6bRAC6sBufrhtG7wbHDabikW1bvG8DbxuOSJYmW1wKoG57Buav7ai8L7HtG4ZOCgEg2qWzZEc+PIIBKTCYeu8hifJzRScBunCf+7bMlycIIip6p+fW4XxtJynRmiD4Eg+PHVcB0btc0dCIiOCA8hFA3Tct27idHrwrgqJb2UBCEAD0M8el6pW+hVAZVSkM+1RGVQzxHh4bOPQ+Z9Xkf8LoDfZ6IymZJbiziYYwRb0yWd15IIlwAG2pqrw3CH+7x9e2kAi6deAwHCIwFU-B5iNwmOEAAcsJAA6qKfA1h5gAAkABaIUkCIMcBHJ2BkEBGRMqgMyilf4RxUjLSQFD-5B1oW3HAtgxDCF4MkBhtsO5fA0EQjU6dgDyDgH-NuXCUAN1HhQwBuoxCgBAKIFQBsNgZ3dvwHwnBMBZDUUbAARI5bRAAaXRKkUK9yKAY7RojgDmOQgbb42jzaYEuHgPCYx7DWGQGIGACjHBWBVB4aw6jYaSAIMYFQYkfD6g7ufPO+jNr7zcPogB+FpGxOztw9AvDWGhKvvqQuqBrD8BULwIAA
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_f9b88856c4b7532b211ae4b84bbb9ab9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: a8e264977caf3ba6c288da7cb124018ef82fe310ebf13e458e4c5e5c86d2db33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:31 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 16:19:31 GMT
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 19
content-type: text/javascript;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
expires: 0

GET
H3 200 reloadcampaigns
events.bouncex.net/track.gif/ 42 B
60 B 89ms
44ms Image
image/gif 34.111.8.32
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmHyDBhAwA+miy8erAMwBBSQDMoYHCEm8AwpJAUQwEQKGjx6uYuWr1PLXwTASIgI4kAnqfl8ADFZs87DqjBCNT4ZDx5vUOtJcRFSCDgAa3dzFRCpaL5kYAhRLCR0sNTLKN9s3JFstDhCsz4lNJ9JHEI6RDQSEmERfJI0XRT6i0LMnnLjUWQYZEGeBpKMspzRBC6MCGAXSunZ+ZGyqCFCYDBZgAtO5BwingAxXluAd2eAOjpCAA9yOAgcRBA+nAcC8fogHogXABaKBwH6ELAkB5NPhoRCHEDHU6hOpzYbInhoOgfSrLHoFWYAWTcEVksIg8MRpUk4zEokchGqiQoaBAj12eKZtmoDh+EESPNmIAUtwAHBQ6AANKYAVVuADlHAB1ACiAEYoAqABIALQArAA2OBajD4wzdWJoGAgBFoBQ8mD8xqCnhQEhwVmehaaST+QP7ZrKEBiLpg7HhPb48aEOB9CBYOIdWrhEjAYKJ5bJhyoIRh9TsAAiADJQJBYAgUOhsPh8v9mFQaPRGNXwNB4EhUJhcHhXMgQMwWVUappixiTpp-CJReKQhokym0GmM11K4hcmPPJXHiA6DhM47mDwZTKD9zT30YMxdebTbr2Ob2BaAJy6gAsMqf5qVk63I1OeprsBEPDSOaV4ytIP7fs+7DSJWM7cry566pWqjss6oEPj+lZwGAPIIn0-ykP2j7Pq+77gZ4XhESRzokFAyD9Hop5pswrEYChwHVGOMDYfSwA1MwR50JW6IIswxB6EAA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:31 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 77ms
32ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1889201156&t=pageview&_s=1&dl=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger&dr=&dp=%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger&dh=www.buxomcosmetics.com&ul=en-us&de=UTF-8&dt=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1999882045&gjid=925043553&cid=1624543304.1651767570&tid=UA-96697044-2&_gid=309987561.1651767570&_r=1&gtm=2wg5405S6J97N&cg2=English&cg3=My%20Account%20Login%20Page&cd1=non-member&cd2=regular&cd3=new&cd5=Light&cd33=(not%20set)&cd34=&cd38=(not%20set)&cd39=(not%20set)&z=1020629327

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buxomcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.buxomcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c69f02e0-ac00-5c89-b5b7-638fa3200ea1.json Show response
cdn-live.conductor.com/v1.1/201722c0-dd97-4b90-b97e-0228c11b4621/ 3 B
537 B 429ms
428ms XHR
application/json 2600:9000:2057:9c00:9:440c:e740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-live.conductor.com/v1.1/201722c0-dd97-4b90-b97e-0228c11b4621/c69f02e0-ac00-5c89-b5b7-638fa3200ea1.json
Requested by: Host: cdn-live.conductor.com
URL: https://cdn-live.conductor.com/v1.1/201722c0-dd97-4b90-b97e-0228c11b4621/live.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9c00:9:440c:e740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
etag: "8a80554c91d9fca8acb82f023de02f11"
age: 75322
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
access-control-max-age: 1800
content-length: 3
last-modified: Tue, 14 Sep 2021 13:54:17 GMT
server: AmazonS3
date: Wed, 04 May 2022 19:24:09 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: k-06QxLIyyDccNJszuMpIa_ZP6BaUUfAwq2a-1zh_knZFptLvWSiGQ==

GET
H3 200 1789997064572077 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 46ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1789997064572077?v=2.9.58&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e83647abd4297c9afd2ef1e493026447b4f56ab201d102c3ce07bd8796d53b6d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88850
x-xss-protection: 0
pragma: public
x-fb-debug: gm8Hv5pOUfBVfY3QT0cytoD5/I1N7Vck54Ok33mwsobVlyKGS3PZJ3nSQOaT82AzSJCeYeU5VJLabnmbM+2CYg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 05 May 2022 16:19:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/845230174/ 3 KB
2 KB 196ms
38ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845230174/?random=1651767570318&cv=9&fst=1651767570318&num=1&label=N78bCPfAw3QQ3uCEkwM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger&tiba=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

958191b8a6a4757a7014d03cf2fa9465cd72978337ac233a45bb443d82124207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1219
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 186ms
30ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-96697044-2&cid=1624543304.1651767570&jid=1999882045&gjid=925043553&_gid=309987561.1651767570&_u=YEBAAEAAAAAAAC~&z=1613779520

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buxomcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 05 May 2022 16:19:31 GMT
content-type: text/plain
access-control-allow-origin: https://www.buxomcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK session.esw.min.js Show response
shiseido.my.salesforce.com/embeddedservice/5.0/frame/ Frame 1741 2 KB
1 KB 157ms
156ms Script
application/x-javascript 13.110.88.196
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://shiseido.my.salesforce.com/embeddedservice/5.0/frame/session.esw.min.js

Requested by

Host: shiseido.my.salesforce.com
URL: https://shiseido.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.88.196 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl9-ncg0-phx3.na112-ph2.my.salesforce.com

Software

Resource Hash

fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shiseido.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 16:19:31 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 02 Mar 2021 18:51:46 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 06 May 2022 16:19:31 GMT

GET
H/1.1 200
OK broadcast.esw.min.js Show response
shiseido.my.salesforce.com/embeddedservice/5.0/frame/ Frame 1741 2 KB
1 KB 158ms
158ms Script
application/x-javascript 13.110.88.196
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://shiseido.my.salesforce.com/embeddedservice/5.0/frame/broadcast.esw.min.js

Requested by

Host: shiseido.my.salesforce.com
URL: https://shiseido.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.88.196 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl9-ncg0-phx3.na112-ph2.my.salesforce.com

Software

Resource Hash

ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shiseido.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 16:19:31 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 00:07:24 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 06 May 2022 16:19:31 GMT

GET
H2 200 track.gif
1xc5gazd.micpn.com/p/cp/-1/ 42 B
739 B 123ms
122ms Image
image/gif 18.66.248.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1xc5gazd.micpn.com/p/cp/-1/track.gif?t=1651767570334&mi_u=T6bt3Ph&mi_cid=8882&page_title=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics&event_type=pageview&cdate=1651767570332&ck=false&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&link=anon-1651767570332-3314563640
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-126.dus51.r.cloudfront.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:31 GMT
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: https://app.movableink.com
access-control-expose-headers: X-Error
cache-control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
content-length: 42
x-amz-cf-id: dTv4po4foj6mzZ6trh2yhBT5Ae_Jadf-wQD79U9AJ9rvCcl1t7S8nw==
x-uuid: d3e59965-3b78-4906-9bb2-829f0d3eb68d

GET
H2 200 track.gif
1xc5gazd.micpn.com/p/cp/-1/ 42 B
739 B 123ms
123ms Image
image/gif 18.66.248.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1xc5gazd.micpn.com/p/cp/-1/track.gif?t=1651767570335&mi_u=T6bt3Ph&mi_cid=8882&page_title=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics&event_type=click&cdate=1651767570332&ck=host&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-126.dus51.r.cloudfront.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:31 GMT
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: https://app.movableink.com
access-control-expose-headers: X-Error
cache-control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
content-length: 42
x-amz-cf-id: egluTpRhmJMQFceRXX-fAXrG10r-RrYstcbVOt6JeunyRpQv4PWPYA==
x-uuid: 91563d25-d579-46f5-a3da-1a8eefeff449

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
161 B 550ms
105ms Image
image/gif 18.233.149.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16517675703750.27559429965514437&c=liy8gloxyz03qhtknl0cc2l2t7ri64&p=xujyro&a=Ka0oL4KKyuMIb8coJnWIXzS--d9ObDUexws=&o=buxomcosmetics.com&rt=1651767571004
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.233.149.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-149-191.compute-1.amazonaws.com
Software: nginx/1.19.10 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:31 GMT
last-modified: Sun, 16 Jan 2022 17:08:04 GMT
server: nginx/1.19.10
accept-ranges: bytes
etag: "61e450f4-23"
content-length: 35
content-type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 90ms
21ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1789997064572077&ev=PageView&dl=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger&rl=&if=false&ts=1651767570409&sw=1600&sh=1200&v=2.9.58&r=stable&ec=0&o=30&fbp=fb.1.1651767570406.875186446&it=1651767570300&coo=false&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 05 May 2022 16:19:31 GMT

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 117ms
117ms Script
application/javascript 2a02:26f0:3500:88e::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:88e::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK chasitor.esw.min.js Show response
shiseido.my.salesforce.com/embeddedservice/5.0/frame/ Frame 1741 22 KB
6 KB 158ms
158ms Script
application/x-javascript 13.110.88.196
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://shiseido.my.salesforce.com/embeddedservice/5.0/frame/chasitor.esw.min.js

Requested by

Host: shiseido.my.salesforce.com
URL: https://shiseido.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.88.196 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl9-ncg0-phx3.na112-ph2.my.salesforce.com

Software

Resource Hash

dc1ec9e02f7fd28a008997a1e9ef0360dba6866fe21e7553cee19ad23c41901e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shiseido.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 16:19:31 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 25 May 2021 17:01:20 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 06 May 2022 16:19:31 GMT

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la4-c2-ph2.salesforceliveagent.com/chat/rest/EmbeddedService/ 18 KB
4 KB 1191ms
158ms Script
text/javascript 13.110.37.84
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la4-c2-ph2.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D3i000000EaZa&EmbeddedServiceConfig.configName=BuxomChatAgent&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48

Requested by

Host: shiseido.my.salesforce.com
URL: https://shiseido.my.salesforce.com/embeddedservice/5.0/utils/common.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.37.84 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ncg0-phx3.la4-c2-ph2.salesforceliveagent.com

Software

Resource Hash

67669fe98d5e600589a23c1ce7e4a90949a4c52061cea0e011907b92807a74e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK invite.esw.min.js Show response
shiseido.my.salesforce.com/embeddedservice/5.0/client/ 19 KB
5 KB 157ms
157ms Script
application/x-javascript 13.110.88.196
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://shiseido.my.salesforce.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: shiseido.my.salesforce.com
URL: https://shiseido.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.88.196 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl9-ncg0-phx3.na112-ph2.my.salesforce.com

Software

Resource Hash

11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 16:19:31 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 24 Sep 2021 16:25:36 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 06 May 2022 16:19:31 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 94ms
45ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-96697044-2&cid=1624543304.1651767570&jid=1999882045&_u=YEBAAEAAAAAAAC~&z=1930324295

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 101ms
47ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-96697044-2&cid=1624543304.1651767570&jid=1999882045&_u=YEBAAEAAAAAAAC~&z=1930324295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/845230174/ 42 B
64 B 76ms
37ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/845230174/?random=1651767570318&cv=9&fst=1651766400000&num=1&label=N78bCPfAw3QQ3uCEkwM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&frm=0&url=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger&tiba=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics&async=1&fmt=3&is_vtc=1&random=1919784925&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/845230174/ 42 B
548 B 81ms
36ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/845230174/?random=1651767570318&cv=9&fst=1651766400000&num=1&label=N78bCPfAw3QQ3uCEkwM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&frm=0&url=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger&tiba=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics&async=1&fmt=3&is_vtc=1&random=1919784925&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jsp Show response
ut.rd.linksynergy.com/ 148 B
594 B 94ms
36ms Script
text/plain 34.98.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid
Requested by: Host: intljs.rmtag.com
URL: https://intljs.rmtag.com/114759.ct.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.3 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 3.67.98.34.bc.googleusercontent.com
Software: /
Resource Hash: 442b7d3caf188a79516e074dee0880f22fd7916676c896e8c8c568667ddd2aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:31 GMT
via: 1.1 google
content-type: text/plain; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148
x-samesite: secure

GET
H2 200 p
consent.linksynergy.com/consent/v3/ 37 B
369 B 89ms
35ms Image
image/gif 34.98.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.linksynergy.com/consent/v3/p?rmch=cs&domain=www.buxomcosmetics.com&sought=false&tp=gdpr&aff_mid=43023&attr_sid=114759&purposes=&vendors=&ext_id=e16bc037-7859-45f2-ac90-54cedb03b915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.3 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 3.67.98.34.bc.googleusercontent.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:31 GMT
via: 1.1 google
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-samesite: secure

GET
H/1.1 200
OK config.aspx Show response
ws.sessioncam.com/Record/ 6 KB
7 KB 490ms
111ms XHR
text/javascript 3.211.42.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sessioncam.com/Record/config.aspx?url=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger&jsver=596&originalUrl=https://www.buxomcosmetics.com&sse=1651767570549&inTg=a&acr=0
Requested by: Host: d2oh4tlt9mrke9.cloudfront.net
URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.42.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-42-17.compute-1.amazonaws.com
Software: /
Resource Hash: e6e3819c4aeebd8c1c866b7d14890b8381c28134166a4ab6cf069cd5a4c08d55

Request headers

Referer: https://www.buxomcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 16:19:31 GMT
Content-Type: text/javascript
Access-Control-Allow-Origin: https://www.buxomcosmetics.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 6307
Expires: -1

GET
H2 200 / Show response
ct.pinterest.com/user/ 488 B
837 B 332ms
69ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613366651337&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1651767570559

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

dca1ae93b9c0a595ca6470fda80b9628d455812f8ba2bef0cb29edebe4290633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.9a6656b8.1651767571.1c386f7e
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1363522514959682
pin-unauth: dWlkPVpESTRZMkZqT0RndFpXSXhNaTAwTmpFMExUZzRNR1V0Tm1ReVlqRmpOR0UxTWpaaQ
access-control-allow-origin: https://www.buxomcosmetics.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 349
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 316ms
70ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613366651337&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1651767570576

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:31 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.9a6656b8.1651767571.1c386f84
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1686351401672913
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dc_pre=CKT-zdrhyPcCFe4NBgAdSbsETQ;src=11741950;type=lpvd50;cat=media00;ord=6309324172739;gtm=2wg540;auiddc=55126458.1651767570;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3D... Show response
adservice.google.com/ddm/fls/i/ Frame FF93 751 B
978 B 308ms
62ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKT-zdrhyPcCFe4NBgAdSbsETQ;src=11741950;type=lpvd50;cat=media00;ord=6309324172739;gtm=2wg540;auiddc=55126458.1651767570;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger

Requested by

Host: 11741950.fls.doubleclick.net
URL: https://11741950.fls.doubleclick.net/activityi;dc_pre=CKT-zdrhyPcCFe4NBgAdSbsETQ;src=11741950;type=lpvd50;cat=media00;ord=6309324172739;gtm=2wg540;auiddc=55126458.1651767570;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97d65d521f737bbdb387a6676d2fb4a617918016d7eb02c311ac29197a038333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11741950.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 510
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 16:19:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20... Show response
adservice.google.com/ddm/fls/i/ Frame 2AAB 1 KB
630 B 307ms
62ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics;u2=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger

Requested by

Host: 6479448.fls.doubleclick.net
URL: https://6479448.fls.doubleclick.net/activityi;dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics;u2=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f15ba1f4917cd062a79ab4620dbd58c3d91a5c18e010d370c6ec1a9561a1469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6479448.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 560
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 16:19:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

cs
tags.rd.linksynergy.com/
Redirect Chain

https://idsync.rlcdn.com/458359.gif?partner_uid=6e2f2630-681f-440f-b662-c7a1d4fc9cae
https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJDZlMmYyNjMwLTY4MWYtNDQwZi1iNjYyLWM3YTFkNGZjOWNhZRAAGg0Ik_LPkwYSBQjoBxAAQgBKAA
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=b443e519e97562d0bb7818c0cd587f56943f2e2d3670bfb771ef73b552416ce46ac34734d8e453ee

37 B
302 B

52ms
35ms

Image
image/gif

34.98.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.rd.linksynergy.com/cs?ns=lr&uid3=b443e519e97562d0bb7818c0cd587f56943f2e2d3670bfb771ef73b552416ce46ac34734d8e453ee
Protocol: H2
Server: 34.98.67.3 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 3.67.98.34.bc.googleusercontent.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:31 GMT
via: 1.1 google
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-samesite: secure

Redirect headers

date: Thu, 05 May 2022 16:19:31 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://tags.rd.linksynergy.com/cs?ns=lr&uid3=b443e519e97562d0bb7818c0cd587f56943f2e2d3670bfb771ef73b552416ce46ac34734d8e453ee
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK filetransfer.esw.min.js Show response
shiseido.my.salesforce.com/embeddedservice/5.0/frame/ Frame 1741 473 B
968 B 157ms
156ms Script
application/x-javascript 13.110.88.196
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://shiseido.my.salesforce.com/embeddedservice/5.0/frame/filetransfer.esw.min.js

Requested by

Host: shiseido.my.salesforce.com
URL: https://shiseido.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.88.196 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl9-ncg0-phx3.na112-ph2.my.salesforce.com

Software

Resource Hash

34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shiseido.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 16:19:31 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 06 May 2022 16:19:31 GMT

GET
H/1.1 200
OK Settings.jsonp Show response
d.la4-c2-ph2.salesforceliveagent.com/chat/rest/Visitor/ 630 B
798 B 1027ms
154ms Script
text/javascript 13.110.37.84
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la4-c2-ph2.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5733i000000ggCx]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5723i000000geYI&org_id=00D3i000000EaZa&version=48

Requested by

Host: shiseido.my.salesforce.com
URL: https://shiseido.my.salesforce.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.37.84 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ncg0-phx3.la4-c2-ph2.salesforceliveagent.com

Software

Resource Hash

580353d886051c9806ba18a7595093d946808f4481ea7de9bda65131a945d731

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK inert.min.js Show response
shiseido.my.salesforce.com/embeddedservice/5.0/utils/ 8 KB
3 KB 157ms
157ms Script
application/x-javascript 13.110.88.196
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://shiseido.my.salesforce.com/embeddedservice/5.0/utils/inert.min.js

Requested by

Host: shiseido.my.salesforce.com
URL: https://shiseido.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.88.196 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl9-ncg0-phx3.na112-ph2.my.salesforce.com

Software

Resource Hash

12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 16:19:31 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 06 May 2022 16:19:31 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 140ms
139ms Script
application/javascript 104.104.52.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C28NNQVMU8Q03RAID8GG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.49 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-49.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022050516193101011300613902FF7C13
vary: Accept-Encoding
x-cache: TCP_MISS from a104-104-52-45.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 102,104.104.52.45
x-tt-trace-host: 01c98d95a4c89fa6573f148d054a5703b56378ab54108e4febe8e0d996413c9a449c4f86139e24116d4209594626292fb474e7312c476b32daa5c3062d9781cf56df1c6f6d5c669b494d8df8e6d001d82b5f222ec3fb7ce52e203539122e2ceade
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=101
x-akamai-request-id: 39b779a5
expires: Thu, 05 May 2022 16:19:31 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 875 B
964 B 142ms
141ms Script
application/javascript 104.104.52.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C28NNQVMU8Q03RAID8GG&hostname=www.buxomcosmetics.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C28NNQVMU8Q03RAID8GG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.49 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-49.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c1d7656783396c50c20aedb7a2041b8c239f85f98f211d84ebc642176ded69cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-akamai-request-id: 39b77a2a
date: Thu, 05 May 2022 16:19:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-104-52-45.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=2, origin; dur=103
content-length: 354
pragma: no-cache
server: nginx
x-tt-logid: 20220505161931010113135050207E143A
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 104,104.104.52.45
x-tt-trace-host: 01c98d95a4c89fa6573f148d054a5703b56378ab54108e4febe8e0d996413c9a449c4f86139e24116d4209594626292fb43a4cb597ea5cdedb74c234f6e9858c17f9f1c6cb6e7b52fea9374e6ff4e0b45d05e79bd55889466588375f674437a4b4
expires: Thu, 05 May 2022 16:19:31 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
571 B 149ms
149ms Ping
application/octet-stream 104.104.52.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C28NNQVMU8Q03RAID8GG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.49 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-49.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.buxomcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:31 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220505161931010113135044207433C3
x-cache: TCP_MISS from a104-104-52-45.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 113,104.104.52.45
x-tt-trace-host: 01c98d95a4c89fa6573f148d054a5703b56378ab54108e4febe8e0d996413c9a449c4f86139e24116d4209594626292fb4421984e1f338e178b03e569ca04d3625e493130dd8661e7cf8ecd83cfa594c46e348280bd79acefa5ee0a52298377bde
server-timing: inner; dur=12, cdn-cache; desc=MISS, edge; dur=0, origin; dur=113
x-akamai-request-id: 39b77bd3
content-length: 0
expires: Thu, 05 May 2022 16:19:31 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
572 B 141ms
141ms Ping
application/octet-stream 104.104.52.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C28NNQVMU8Q03RAID8GG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.49 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-49.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.buxomcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:31 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220505161931010113135050207E1464
x-cache: TCP_MISS from a104-104-52-45.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 103,104.104.52.45
x-tt-trace-host: 01c98d95a4c89fa6573f148d054a5703b56378ab54108e4febe8e0d996413c9a449c4f86139e24116d4209594626292fb43a4cb597ea5cdedb74c234f6e9858c17f6f58d715149d2480e19588c78707041187fd5f9631b2db55ea08d2efeb5750e
server-timing: inner; dur=10, cdn-cache; desc=MISS, edge; dur=2, origin; dur=103
x-akamai-request-id: 39b77bd6
content-length: 0
expires: Thu, 05 May 2022 16:19:31 GMT

GET
H2 200 dc_pre=CKT-zdrhyPcCFe4NBgAdSbsETQ;src=11741950;type=lpvd50;cat=media00;ord=6309324172739;gtm=2wg540;auiddc=55126458.1651767570;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3D... Show response
adservice.google.de/ddm/fls/i/ Frame D927 194 B
287 B 114ms
60ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKT-zdrhyPcCFe4NBgAdSbsETQ;src=11741950;type=lpvd50;cat=media00;ord=6309324172739;gtm=2wg540;auiddc=55126458.1651767570;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKT-zdrhyPcCFe4NBgAdSbsETQ;src=11741950;type=lpvd50;cat=media00;ord=6309324172739;gtm=2wg540;auiddc=55126458.1651767570;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 16:19:31 GMT
expires: Thu, 05 May 2022 16:19:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20... Show response
6479448.fls.doubleclick.net/ddm/fls/r/ Frame 2800
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%...
https://6479448.fls.doubleclick.net/ddm/fls/r/dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%...

722 B
462 B

35ms
34ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6479448.fls.doubleclick.net/ddm/fls/r/dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics;u2=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics;u2=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

28980d5462844c99674774aa1faa24b9f24b82c62df714baa09f610ab76eb41a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 16:19:31 GMT
expires: Thu, 05 May 2022 16:19:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 16:19:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://6479448.fls.doubleclick.net/ddm/fls/r/dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics;u2=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
160 B 106ms
105ms Image
image/gif 18.233.149.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16517675709380.40139438860159515&c=liy8gloxyz03qhtknl0cc2l2t7ri64&p=xujyro&a=Ka0oL4KKyuMIb8coJnWIXzS--d9ObDUexws=&o=buxomcosmetics.com&rt=1651767571004
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.233.149.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-149-191.compute-1.amazonaws.com
Software: nginx/1.19.10 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:31 GMT
last-modified: Sun, 16 Jan 2022 17:08:04 GMT
server: nginx/1.19.10
accept-ranges: bytes
etag: "61e450f4-23"
content-length: 35
content-type: image/gif

GET
H2 200 facebook.png
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dwdfb846f4/images/ 6 KB
6 KB 34ms
34ms Image
image/png 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dwdfb846f4/images/facebook.png

Requested by

Host: d2oh4tlt9mrke9.cloudfront.net
URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe233dfb4729cbe81c58a356dbb2c9907ede5c968125b4aad283da5eac373405

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3
cross-origin-resource-policy: cross-origin
content-length: 6293
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2566118
accept-ranges: bytes
cf-ray: 706acc5c0f509bd7-FRA
x-dw-request-base-id: cmbd0_aTc2IBAAB_
expires: Sat, 04 Jun 2022 09:08:09 GMT

GET
H2 200 google.png
www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dwc9b64eb2/images/ 6 KB
6 KB 34ms
33ms Image
image/png 104.18.98.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.buxomcosmetics.com/on/demandware.static/Sites-BUXOM_US-Site/-/default/dwc9b64eb2/images/google.png

Requested by

Host: d2oh4tlt9mrke9.cloudfront.net
URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.98.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b219e21322eeb8f440cafa1b9dddbf907fd55c2281e3d25b5bd50dcb4f0883e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/my-account/?et_rid=T6bt3Ph&mi_ecmp=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&mi_u=T6bt3Ph&utm_campaign=US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1&utm_content=mainimage1&utm_medium=Email&utm_source=Trigger
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3
cross-origin-resource-policy: cross-origin
content-length: 6477
last-modified: Fri, 29 Apr 2022 15:44:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2566119
accept-ranges: bytes
cf-ray: 706acc5c0f519bd7-FRA
x-dw-request-base-id: cmbe0_aTc2IBAAB_
expires: Sat, 04 Jun 2022 09:08:10 GMT

GET
H3 200 458359.gif
idsync.rlcdn.com/ 42 B
60 B 32ms
32ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458359.gif?partner_uid=6e2f2630-681f-440f-b662-c7a1d4fc9cae
Requested by: Host: d2oh4tlt9mrke9.cloudfront.net
URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 16:19:31 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 2800 43 KB
17 KB 88ms
38ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 6479448.fls.doubleclick.net
URL: https://6479448.fls.doubleclick.net/ddm/fls/r/dc_pre=COn4zdrhyPcCFVLF1QodWXwJZw;src=6479448;type=buxom001;cat=buxom101;ord=9002041840808;gtm=2wg540;auiddc=55126458.1651767570;u1=My%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics;u2=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger;~oref=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

4d999495f11893461b0b9698205ff03567dfe0507b25f3777516c83cc2d78dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6479448.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16891
x-xss-protection: 0
server: cafe
etag: 8734957610480584535
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 May 2022 16:19:32 GMT

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
160 B 106ms
105ms Image
image/gif 18.233.149.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16517675711730.6540719790545357&c=liy8gloxyz03qhtknl0cc2l2t7ri64&p=xujyro&a=Ka0oL4KKyuMIb8coJnWIXzS--d9ObDUexws=&o=buxomcosmetics.com&rt=1651767571004
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.233.149.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-149-191.compute-1.amazonaws.com
Software: nginx/1.19.10 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:32 GMT
last-modified: Sun, 16 Jan 2022 17:08:04 GMT
server: nginx/1.19.10
accept-ranges: bytes
etag: "61e450f4-23"
content-length: 35
content-type: image/gif

POST
H/1.1 200
OK GetPageId Show response
ws.sessioncam.com/Record/record.asmx/ 0
200 B 514ms
260ms XHR
text/plain 3.211.42.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sessioncam.com/Record/record.asmx/GetPageId?url=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger&id=evy2rzmxd4h0glmdt0ukaub1
Requested by: Host: d2oh4tlt9mrke9.cloudfront.net
URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.42.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-42-17.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.buxomcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://www.buxomcosmetics.com
Date: Thu, 05 May 2022 16:19:31 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/846232920/ Frame 2800 2 KB
1 KB 34ms
34ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/846232920/?random=1651767571267&cv=9&fst=1651767571267&num=1&label=kqtaCPf5qKUBENj6wZMD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6479448.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOn4zdrhyPcCFVLF1QodWXwJZw%3Bsrc%3D6479448%3Btype%3Dbuxom001%3Bcat%3Dbuxom101%3Bord%3D9002041840808%3Bgtm%3D2wg540%3Bauiddc%3D55126458.1651767570%3Bu1%3DMy%2520Account%2520%257C%2520Login%2520%257C%2520Create%2520an%2520Account%2520%257C%2520BUXOM%2520Cosmetics%3Bu2%3Dhttps%253A%252F%252Fwww.buxomcosmetics.com%252Fmy-account%252F%253Fet_rid%253DT6bt3Ph%2526mi_ecmp%253DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%2526mi_u%253DT6bt3Ph%2526utm_campaign%253DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%2526utm_content%25&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

26cb8639ee1ae5e11a32ba7ecbe185cbe1aa522aa103e4818492ad3840c24b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6479448.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
160 B 106ms
105ms Image
image/gif 18.233.149.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16517675712920.8305389724623837&c=liy8gloxyz03qhtknl0cc2l2t7ri64&p=xujyro&a=Ka0oL4KKyuMIb8coJnWIXzS--d9ObDUexws=&o=buxomcosmetics.com&rt=1651767571004
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.233.149.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-149-191.compute-1.amazonaws.com
Software: nginx/1.19.10 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:32 GMT
last-modified: Sun, 16 Jan 2022 17:08:04 GMT
server: nginx/1.19.10
accept-ranges: bytes
etag: "61e450f4-23"
content-length: 35
content-type: image/gif

GET
H3

200

/
www.google.de/pagead/1p-conversion/846232920/ Frame 2800
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/846232920/?random=1505132540&cv=9&fst=1651767571267&num=1&label=kqtaCPf5qKUBENj6wZMD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600...
https://www.google.com/pagead/1p-conversion/846232920/?random=1505132540&cv=9&fst=1651767571267&num=1&label=kqtaCPf5qKUBENj6wZMD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&...
https://www.google.de/pagead/1p-conversion/846232920/?random=1505132540&cv=9&fst=1651767571267&num=1&label=kqtaCPf5qKUBENj6wZMD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u...

42 B
64 B

104ms
51ms

Image
image/gif

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/846232920/?random=1505132540&cv=9&fst=1651767571267&num=1&label=kqtaCPf5qKUBENj6wZMD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6479448.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOn4zdrhyPcCFVLF1QodWXwJZw%3Bsrc%3D6479448%3Btype%3Dbuxom001%3Bcat%3Dbuxom101%3Bord%3D9002041840808%3Bgtm%3D2wg540%3Bauiddc%3D55126458.1651767570%3Bu1%3DMy%2520Account%2520%257C%2520Login%2520%257C%2520Create%2520an%2520Account%2520%257C%2520BUXOM%2520Cosmetics%3Bu2%3Dhttps%253A%252F%252Fwww.buxomcosmetics.com%252Fmy-account%252F%253Fet_rid%253DT6bt3Ph%2526mi_ecmp%253DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%2526mi_u%253DT6bt3Ph%2526utm_campaign%253DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%2526utm_content%25&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=FPlzYrXvA4uH1ga7jarADw&cid=CAQSKQCNIrLMbQgaCddtH97swHisqpJfWtGFntMElXuNMBpRDfn4rNTsvm8R&random=447342917&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6479448.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 May 2022 16:19:32 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/846232920/?random=1505132540&cv=9&fst=1651767571267&num=1&label=kqtaCPf5qKUBENj6wZMD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6479448.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOn4zdrhyPcCFVLF1QodWXwJZw%3Bsrc%3D6479448%3Btype%3Dbuxom001%3Bcat%3Dbuxom101%3Bord%3D9002041840808%3Bgtm%3D2wg540%3Bauiddc%3D55126458.1651767570%3Bu1%3DMy%2520Account%2520%257C%2520Login%2520%257C%2520Create%2520an%2520Account%2520%257C%2520BUXOM%2520Cosmetics%3Bu2%3Dhttps%253A%252F%252Fwww.buxomcosmetics.com%252Fmy-account%252F%253Fet_rid%253DT6bt3Ph%2526mi_ecmp%253DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%2526mi_u%253DT6bt3Ph%2526utm_campaign%253DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%2526utm_content%25&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=FPlzYrXvA4uH1ga7jarADw&cid=CAQSKQCNIrLMbQgaCddtH97swHisqpJfWtGFntMElXuNMBpRDfn4rNTsvm8R&random=447342917&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
160 B 106ms
106ms Image
image/gif 18.233.149.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16517675714110.5977935278241535&c=liy8gloxyz03qhtknl0cc2l2t7ri64&p=xujyro&a=Ka0oL4KKyuMIb8coJnWIXzS--d9ObDUexws=&o=buxomcosmetics.com&rt=1651767571004
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.233.149.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-149-191.compute-1.amazonaws.com
Software: nginx/1.19.10 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:32 GMT
last-modified: Sun, 16 Jan 2022 17:08:04 GMT
server: nginx/1.19.10
accept-ranges: bytes
etag: "61e450f4-23"
content-length: 35
content-type: image/gif

POST
H2 201 client_infos Show response
c.riskified.com/v2/ 0
302 B 111ms
110ms XHR
text/plain 2600:1f18:f8a:b701:3891:1a3:ba9d:7ea4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c.riskified.com/v2/client_infos
Requested by: Host: beacon.riskified.com
URL: https://beacon.riskified.com/?shop=buxomcosmetics.com&sid=Ka0oL4KKyuMIb8coJnWIXzS--d9ObDUexws=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:f8a:b701:3891:1a3:ba9d:7ea4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin: *
Referer: https://www.buxomcosmetics.com/
accept-language: de-DE,de;q=0.9
Access-Control-Allow-Headers: Content-Type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 05 May 2022 16:19:32 GMT
access-control-request-method: *
server: istio-envoy
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: *
trace-id: a0694503fa29daeb568324c737819be6
timing-allow-origin: *
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
content-length: 0

OPTIONS
H2 200 client_infos
c.riskified.com/v2/ Frame 0
0 349ms
107ms Preflight
text/plain 2600:1f18:f8a:b701:3891:1a3:ba9d:7ea4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c.riskified.com/v2/client_infos
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:f8a:b701:3891:1a3:ba9d:7ea4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type
Access-Control-Request-Method: POST
Origin: https://www.buxomcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: *
access-control-request-method: *
content-length: 2
content-type: text/plain; charset=UTF-8
date: Thu, 05 May 2022 16:19:32 GMT
server: istio-envoy
timing-allow-origin: *
trace-id: 3346c1e45dba9e094a096a4b4cd7e170

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

Referer: https://shiseido.my.salesforce.com/
Origin: https://www.buxomcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 47ms
21ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1789997064572077&ev=Microdata&dl=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger&rl=&if=false&ts=1651767571923&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CnMy%20Account%20%7C%20Login%20%7C%20Create%20an%20Account%20%7C%20BUXOM%20Cosmetics%5Cn%5Cn%22%2C%22meta%3Adescription%22%3A%22%20Welcome%20to%20buxom.%20Create%20an%20account%20or%20Sign%20in%20to%20shop%2C%20create%20a%20wish%20list.%22%2C%22meta%3Akeywords%22%3A%22%20%20buxom%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.58&r=stable&ec=1&o=30&fbp=fb.1.1651767570406.875186446&it=1651767570300&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.buxomcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 16:19:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 05 May 2022 16:19:32 GMT

POST
H/1.1 200
OK SaveEvents Show response
ws.sessioncam.com/Record/record.asmx/ 0
232 B 125ms
124ms XHR
application/json 3.211.42.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sessioncam.com/Record/record.asmx/SaveEvents?url=https%3A%2F%2Fwww.buxomcosmetics.com%2Fmy-account%2F%3Fet_rid%3DT6bt3Ph%26mi_ecmp%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26mi_u%3DT6bt3Ph%26utm_campaign%3DUS_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1%26utm_content%3Dmainimage1%26utm_medium%3DEmail%26utm_source%3DTrigger&id=evy2rzmxd4h0glmdt0ukaub1
Requested by: Host: d2oh4tlt9mrke9.cloudfront.net
URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.42.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-42-17.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.buxomcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://www.buxomcosmetics.com
Date: Thu, 05 May 2022 16:19:32 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Content-Type: application/json

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.buxomcosmetics.com/	1969-12-31 23:59:59	Name: dwsid Value: yaiWtwYsFPCKE08ugS-zF9S7R0fKyusNRXeF2uMkC553mKARCbubnLKvRdxld9AzFD5crSh_Q7KrohtKtsi-SA==
www.buxomcosmetics.com/	1969-12-31 23:59:59	Name: dwac_5ecd04cd337480c8094beab733 Value: Ka0oL4KKyuMIb8coJnWIXzS--d9ObDUexws%3D\|dw-only\|\|\|USD\|false\|US%2FEastern\|true
www.buxomcosmetics.com/	1969-12-31 23:59:59	Name: cqcid Value: efF8vbXpdUFNqWE1aXHZ56cqWg
www.buxomcosmetics.com/	1969-12-31 23:59:59	Name: cquid Value: \|\|
www.buxomcosmetics.com/	1969-12-31 23:59:59	Name: sid Value: Ka0oL4KKyuMIb8coJnWIXzS--d9ObDUexws
www.buxomcosmetics.com/	1970-01-20 03:32:39	Name: new_user_signup Value: 1
www.buxomcosmetics.com/	1970-01-20 07:08:39	Name: dwanonymous_d4dcc87ef65b59231d1e88403a5cbcce Value: efF8vbXpdUFNqWE1aXHZ56cqWg
www.buxomcosmetics.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 0
www.buxomcosmetics.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 0
.buxomcosmetics.com/	1970-01-20 11:35:03	Name: BVBRANDID Value: 43703cf5-ba50-4c36-897b-258c8ef08da5
.buxomcosmetics.com/	1970-01-20 02:49:29	Name: BVBRANDSID Value: def74cee-76e3-4a35-abd9-f7d607c3b9ac
www.buxomcosmetics.com/	1969-12-31 23:59:59	Name: dw Value: 1
www.buxomcosmetics.com/	1969-12-31 23:59:59	Name: dw_cookies_accepted Value: 1
www.buxomcosmetics.com/	1969-12-31 23:59:59	Name: tfa_tra_src Value: Direct
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: VybpqyOumPc
.youtube.com/	1970-01-20 07:08:39	Name: VISITOR_INFO1_LIVE Value: vZ8ytf3MQRg
www.buxomcosmetics.com/	1969-12-31 23:59:59	Name: BVImplmain_site Value: 12982
.bounceexchange.com/	1970-01-20 02:49:29	Name: bounceClientVisit2880c Value: %7B%22vid%22%3A1651767569148166%2C%22did%22%3A%22572023688834916573%22%7D
.cquotient.com/	1970-01-20 12:18:15	Name: uuid Value: efF8vbXpdUFNqWE1aXHZ56cqWg
.buxomcosmetics.com/	1970-01-20 12:18:15	Name: __cq_uuid Value: efF8vbXpdUFNqWE1aXHZ56cqWg
.buxomcosmetics.com/	1970-01-20 03:32:39	Name: __cq_seg Value: 0~0.00!1~0.00!2~0.00!3~0.00!4~0.00!5~0.00!6~0.00!7~0.00!8~0.00!9~0.00
.salesforce.com/	1970-01-20 11:35:03	Name: BrowserId_sec Value: I_gvecyPEeyciVO_0d2cmA
.buxomcosmetics.com/	1970-01-20 07:08:39	Name: __55 Value: %7B%22ms%22%3A%22non-member%22%2C%22st%22%3A%22regular%22%2C%22vF0%22%3A1651767569840%2C%22vF%22%3A%22new%22%7D
.buxomcosmetics.com/	1970-01-20 04:59:03	Name: _gcl_au Value: 1.1.55126458.1651767570
.buxomcosmetics.com/	1970-01-20 20:20:39	Name: __gabuxom Value: GA1.2.1624543304.1651767570
.buxomcosmetics.com/	1970-01-20 02:50:53	Name: __gabuxom_gid Value: GA1.2.309987561.1651767570
.buxomcosmetics.com/	1970-01-20 02:49:27	Name: _gat__gabuxom Value: 1
www.buxomcosmetics.com/	1970-01-20 11:35:03	Name: _mibhv Value: T6bt3Ph_8882
www.buxomcosmetics.com/	1970-01-20 02:55:13	Name: _micpn Value: esp:-1:US_BXM_Trigger_TriggerBirthdayCapture_0_101221_CRM_Touch1:1651767570332
.buxomcosmetics.com/	1970-01-20 20:20:39	Name: lastRskxRun Value: 1651767570363
.buxomcosmetics.com/	1970-01-20 20:20:39	Name: rskxRunCookie Value: 0
.buxomcosmetics.com/	1970-01-20 20:20:39	Name: rCookie Value: liy8gloxyz03qhtknl0cc2l2t7ri64
.buxomcosmetics.com/	1970-01-20 04:59:03	Name: _fbp Value: fb.1.1651767570406.875186446
1xc5gazd.micpn.com/	1970-01-20 11:35:03	Name: _mibhv Value: T6bt3Ph_8882
1xc5gazd.micpn.com/	1970-01-20 02:55:13	Name: _micpn Value: esp:-1:us_bxm_trigger_triggerbirthdaycapture_0_101221_crm_touch1:1651767570332
.buxomcosmetics.com/	1970-01-20 03:32:39	Name: rmStore Value: atm:mop
.linksynergy.com/	1970-01-20 11:35:03	Name: icts Value: 2022-05-05T16:19:31Z
.linksynergy.com/	1970-01-20 11:35:03	Name: rmuid Value: 3952fb5d-f1b0-4358-845e-f638a0ce378f
.rlcdn.com/	1970-01-20 11:35:03	Name: rlas3 Value: OL2hnHOXQD44iQQumf4zuGwSC7yyvBuHd8kt7LMTXmU=
.buxomcosmetics.com/	1970-01-20 11:35:03	Name: _pin_unauth Value: dWlkPVpESTRZMkZqT0RndFpXSXhNaTAwTmpFMExUZzRNR1V0Tm1ReVlqRmpOR0UxTWpaaQ
.rlcdn.com/	1970-01-20 04:15:51	Name: pxrc Value: CJPyz5MGEgUI6AcQABIGCOTrARAA
ws.sessioncam.com/	1969-12-31 23:59:59	Name: sc.ASP.NET_SESSIONID Value: evy2rzmxd4h0glmdt0ukaub1
www.buxomcosmetics.com/	1969-12-31 23:59:59	Name: sc.ASP.NET_SESSIONID Value: evy2rzmxd4h0glmdt0ukaub1
.doubleclick.net/	1970-01-20 12:11:03	Name: IDE Value: AHWqTUnq0jYUPzZe2LH_3GdNGWUKNUexC1nk6291J7XIugYqJMCzBlqK_FH4v8Yv3sc
www.buxomcosmetics.com/	1970-01-20 11:35:03	Name: sc.UserId Value: a564893e-af42-4a59-98e9-f5bd586d5bc4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t.a3cloud.net/AM-141452/tag.js?ns=am Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11741950.fls.doubleclick.net
1xc5gazd.micpn.com
6479448.fls.doubleclick.net
adservice.google.com
adservice.google.de
analytics-static.ugc.bazaarvoice.com
analytics.tiktok.com
api.bounceexchange.com
apps.bazaarvoice.com
assets.bounceexchange.com
beacon.riskified.com
c.riskified.com
cdn-live.conductor.com
cdn.attn.tv
cdn.cquotient.com
click.mail.buxomcosmetics.com
connect.facebook.net
consent.linksynergy.com
ct.pinterest.com
d.la4-c2-ph2.salesforceliveagent.com
d2oh4tlt9mrke9.cloudfront.net
display.ugc.bazaarvoice.com
events.bouncex.net
googleads.g.doubleclick.net
idsync.rlcdn.com
img.riskified.com
intljs.rmtag.com
network.bazaarvoice.com
p.cquotient.com
s.pinimg.com
shiseido.my.salesforce.com
stats.g.doubleclick.net
t.a3cloud.net
tag.bounceexchange.com
tags.rd.linksynergy.com
ut.rd.linksynergy.com
ws.sessioncam.com
www.buxomcosmetics.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.tryzens-analytics.com
www.youtube.com
104.104.52.49
104.18.98.106
104.75.88.209
13.110.37.84
13.110.88.196
13.111.240.96
142.250.185.70
172.217.16.130
18.233.149.191
18.66.242.54
18.66.248.126
18.66.248.58
2600:1f18:f8a:b700:8a9:2580:cf1a:56c4
2600:1f18:f8a:b701:3891:1a3:ba9d:7ea4
2600:9000:2057:9c00:9:440c:e740:93a1
2600:9000:206f:8200:1c:9484:cec0:93a1
2600:9000:2156:9c00:d:274d:a6c0:93a1
2600:9000:224a:7e00:18:4532:5280:93a1
2600:9000:224a:a400:1c:58a3:4780:93a1
2a00:1450:4001:808::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:811::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9b
2a02:26f0:3500:88e::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.211.42.17
34.102.147.248
34.111.8.32
34.120.253.250
34.249.235.28
34.98.67.3
34.98.72.95
35.244.174.68
52.30.10.34
65.9.67.160
99.86.4.122
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0946d732e34a1aef3f5d1b8eefa1df1996fc755850625618116765beb89a6829
0a8f5f2b28cfd21ddbe8c64ed73d75469a27e43e92a15704d75e2bb60ce26127
0f15ba1f4917cd062a79ab4620dbd58c3d91a5c18e010d370c6ec1a9561a1469
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11975cb0f653254a69cccd295f68946ea6b6567dd96da9795e002bb324ff9977
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
149866a3d44cbf6a35f73010dd6490d2e620e30feec2457fe596612cf1057542
184a37c9cd8ba6830b37b9360b945bb207cb5e9b8b6b7fcd3979ff718f5bb7cc
1871d05a2a44ccbb46379dc63ea091a86a342e8fd2ded760c7e5a689bfe85c3e
26cb8639ee1ae5e11a32ba7ecbe185cbe1aa522aa103e4818492ad3840c24b6a
28980d5462844c99674774aa1faa24b9f24b82c62df714baa09f610ab76eb41a
2b1aa3a577a8d3f6b07d5dbdb094173604819f73d335e78762298bffac5391dc
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
343b1cb5920f37339190b22fa737f6c7a25e09b9d2d6b4db715724bad664848b
3536ab5389295054a599eb7f8a48e8dc85553bbb6d6a6cd1349cbb4220e28fc6
3601bad1b9510844dc381f61dee97f68fcf0b81829455bcab4f6f61a7920629b
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3c3669397a0d6ab57176fa267184cf71c62cac31cd57d6d26aa0f5cdd1797d19
442b7d3caf188a79516e074dee0880f22fd7916676c896e8c8c568667ddd2aa7
4998cb22d95ce00c4a214aa03b83347211c3c77bce91ebf50b9798303e637549
49cde9cb077e5c3eb380ab964f8563375b4f2cd07f1d688fbfc12caf6872efae
4d999495f11893461b0b9698205ff03567dfe0507b25f3777516c83cc2d78dc2
500735e619a532911632379133951138a839d0b90fe5bad336730ffb9e168462
50fb3608259f5e6dbf852d5aff0dcfca55a8504cfe22d4be86b207381143a4e7
51c2a5bef605b22f6930332d4adb9ab68b0f821387e614c952e06bdf9ae9d3fc
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
55ffe374e0804596013419ce6ffc150b104072d7d82e153bb31c1d3c17ce97d5
580353d886051c9806ba18a7595093d946808f4481ea7de9bda65131a945d731
596df2e9e2c81658a577260ad9658abab0fac53d07b445dbb090a79ba9ccb0b3
5a973ec89e1f6cbe237244f764643d3672d74c885ece3abb275a93db0a7c4098
5b17ce347efa0486b6770c9c170cccd5a5f75018bceb99048daddbe1c6fa0be9
648ed54f0830bb18e8f86d27b6f2c84f30fcf041889c9aad6bd606ce6f20d894
67669fe98d5e600589a23c1ce7e4a90949a4c52061cea0e011907b92807a74e7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6b34e69f08fb2fb269c0affa0b91f979eacc9df506d06fcc670e0601f23784
6fd677e98143e04fb57c24fec79027b93984a95c25988bf677a98010a57c185c
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
74ad1f32b67f73feec07d99767db03d5f5ec78548ddc67b34a39b56abc0d2519
797e79e220fdb3c48f6df26b879543102479491611940c8acc81a905da5c6858
79bd919cdda4ed82c4c4e28cf2f3f79a05aab9381a2d334800489127e2f6805e
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
7e77c571a4a2547f6a78feaf06d969bd97b4d0f7854a5dd006a041acef608638
83658093e2e0c893b2eb966dbf4e0299043616c00eac3b4a032722212439a484
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8800b7ce18efd7e2ba14cb23d93b7c5e4ff5c1afc35d8c15d5807896457315b9
89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749
8ded8f427c8d4eaaf3d7ad53f6e0218e407cf5ac5ef6282a45fe2781b6ff231b
92e81b169619fdcbe081a5bed25ccc81ef5c6dfec096fa902f6327357b1fac34
941cf990f408eaf3f0857b9f18fcff562e13e9a3c42473c879c022e0821a4347
958191b8a6a4757a7014d03cf2fa9465cd72978337ac233a45bb443d82124207
962fa7587158284e616a6d8b823eccdcdf9348c5076f04335e1f7bc4d666a386
963fb677d2c39f39135acd5a996e631a9faaf9383a1eed54ee85c2f48151213c
978838ebb9190a3520eb9f10b8d97d50cf9bbb0a62819d5afc69180254751133
97d65d521f737bbdb387a6676d2fb4a617918016d7eb02c311ac29197a038333
987638d637b95ed9aed0b695825b67045806aa0421e89a93cf6ed2c8bac862e2
9bad803273c21032be4d0111294784fce79e6197d94f3b8fa32830e7429fd77e
9f5a484012a39673c20adad65cb49047cda5bc883ffbaea439899707c83af3e6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a279ccabda2ea4715897639c3ed84f1dd8692bd9539f4b69dcf7611e45de8a5d
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a556ca20bc5e934d95c85c4fdd4d2b783d4f5a419cf18f3e250d9ca07293b1fd
a7f2a5bcc2f6322e9874f02dabb374e31846734ef8057a10d6115b2309e2cdac
a893f9e21dea896b616de3d6b09835f9f93b1dbb5c41dfe98b6a02a01d6a2ade
a8e264977caf3ba6c288da7cb124018ef82fe310ebf13e458e4c5e5c86d2db33
b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d
b0645cf2dc4784a2b7133df73a20c34cac6a85547babb99c99c081e1657ba14c
b219e21322eeb8f440cafa1b9dddbf907fd55c2281e3d25b5bd50dcb4f0883e5
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b6decdf0216b96841bc0690075dd3d2156509245682e367ae96b9bc69886b715
b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd770dbc583abfb9295abbdefbab9a3819d6e6a080acc585b1178fd38efee213
c1d7656783396c50c20aedb7a2041b8c239f85f98f211d84ebc642176ded69cd
c3412bd2ed5730cc10799097f7bbfb2cdecab14d8f831fe6597185628e6fb645
c8ef253d8e1c888d71e7139ed5958fa414886493f4528fda29fff41065717892
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca9b1d807d88b7adcc80c302d617a70b7dca4c40fb8ecfedc977b3b83b28bf76
ccba3b196f5164dcc304ab53879a6589888241ee6eab98dfcda103e351c72028
cef5b2f18783775bcef71ec51ae18ff9799f2edf61c68150d8ac3dd187f1b5d2
cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07
d00f9246541dda744494153ec3efdda9058121023aa9e1483e6fefca8ac13296
d35748680b9ec1bd882109f5f6cce84912bf3344288e5a33ac8cbabadb52d9ea
da83d1176c1cc931c1232a7fbf9729a466bcddd042673b6d8a80a754f74b74f6
dc1ec9e02f7fd28a008997a1e9ef0360dba6866fe21e7553cee19ad23c41901e
dca1ae93b9c0a595ca6470fda80b9628d455812f8ba2bef0cb29edebe4290633
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e20ba678a2579288643f5582a52919a34cbb77a30370dfd7f440eff4d24fb163
e355d8e163aceefd69394f222e2834bba0145f8a8fc6a2f57f084a7a39958e74
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e3819c4aeebd8c1c866b7d14890b8381c28134166a4ab6cf069cd5a4c08d55
e83647abd4297c9afd2ef1e493026447b4f56ab201d102c3ce07bd8796d53b6d
eb8aa933c13c594a0753ffd5a948224cc4da9c30a6d7f79900529a7dbe65b76b
ec88e9506673eb2528a9f57aa4136624cc5481b2ab3db552bb8ec24120951c94
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
ed674798917fc9b95dbdb7005f7f2acb1ed11649b76fd4e4f649db89da08c360
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f36c44bc84b94a5ae0dd5fe6fc014df9fa5ad4c0e4ce2ef8d818f18853ab9b4c
f507d010d60238c9b6e254f16e62957fcfb970a677bbf3a5ce79326c960e95ea
f6ef6ac3ba1337056cbce9059554e45529418bd5f4084891d99907ee7386eb5f
fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790
fa62956c63609f523c9298f0371d90ba1a1b1a5a1fd23a6338a99e49b74f77ce
fa85b802ec0dc2fbf7655b1b6a4e41f47dbc5d4774653a00ba258bf24954481e
fe233dfb4729cbe81c58a356dbb2c9907ede5c968125b4aad283da5eac373405

www.buxomcosmetics.com Open in urlscan Pro 104.18.98.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

144 Requests

99 %HTTPS

47 %IPv6

31 Domains

47 Subdomains

43 IPs

6 Countries

2140 kBTransfer

8324 kBSize

45 Cookies

7 Outgoing links

Page URL History

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.buxomcosmetics.com Open in urlscan Pro
104.18.98.106 Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

99 %
HTTPS

47 %
IPv6

31
Domains

47
Subdomains

43
IPs

6
Countries

2140 kB
Transfer

8324 kB
Size

45
Cookies

144 HTTP transactions
2 data transactions