urlscan.io logo urlscan.io
SecurityTrails logo

rd.bizrate.com Open in urlscan Pro
2600:1901:0:fdba::  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.ealfcosmetics.com/
Effective URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_...
Submission: On August 23 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 1 countries across 17 domains to perform 29 HTTP transactions. The main IP is 2600:1901:0:fdba::, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is rd.bizrate.com. The Cisco Umbrella rank of the primary domain is 78386.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 19th 2022. Valid for: a year.
This is the only time rd.bizrate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.172.228.26 14061 (DIGITALOC...)
1 2 52.117.247.211 36351 (SOFTLAYER)
2 52.116.53.146 36351 (SOFTLAYER)
1 52.116.53.151 36351 (SOFTLAYER)
1 4 2600:1901:0:f... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
4 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2001:4998:1c:... 14779 (YAHOO)
2 2 52.0.156.250 14618 (AMAZON-AES)
1 64.19.224.208 14332 (SHOPZILLA)
2 2607:f8b0:400... 15169 (GOOGLE)
2 76.13.32.146 26101 (YAHOO-BF1)
4 2a03:2880:f11... 32934 (FACEBOOK)
2 2607:f8b0:400... 15169 (GOOGLE)
29 14
1    167.172.228.26 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
www.ealfcosmetics.com
2    52.117.247.211 (United States)

ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com
myckdom.com
p374591.myckdom.com
2    52.116.53.146 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 92.35.7434.ip4.static.sl-reverse.com
clkdeals.com
1    52.116.53.151 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 97.35.7434.ip4.static.sl-reverse.com
241.trackingms.com
4    2600:1901:0:fdba:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
go.shopyourlikes.com
rd.bizrate.com
1    2607:f8b0:4006:809::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2001:4998:1c:800::1001 (United States)

ASN14779 (YAHOO, US)
s.yimg.com
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadus.exelator.com
1    64.19.224.208 (United States)

ASN14332 (SHOPZILLA, US)
pxl.connexity.net
2    2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com
sp.analytics.yahoo.com
4    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2607:f8b0:4006:81d::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
301 B
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 356
13 KB
3 bizrate.com
rd.bizrate.com — Cisco Umbrella Rank: 78386
17 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
563 B
2 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1259
878 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
4 KB
2 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1539
2 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 602
7 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
78 KB
2 clkdeals.com
clkdeals.com — Cisco Umbrella Rank: 243771
393 B
2 myckdom.com
myckdom.com — Cisco Umbrella Rank: 117748
p374591.myckdom.com
2 KB
1 connexity.net
pxl.connexity.net — Cisco Umbrella Rank: 5368
771 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
70 KB
1 shopyourlikes.com
go.shopyourlikes.com — Cisco Umbrella Rank: 249561
521 B
1 trackingms.com
241.trackingms.com
601 B
1 ealfcosmetics.com
www.ealfcosmetics.com
2 KB
0 elfcosmetics.com Failed
www.elfcosmetics.com Failed
29 17
Domain Requested by
4 www.facebook.com rd.bizrate.com
4 bat.bing.com rd.bizrate.com
bat.bing.com
3 rd.bizrate.com 241.trackingms.com
rd.bizrate.com
2 www.google.com rd.bizrate.com
2 sp.analytics.yahoo.com rd.bizrate.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 loadus.exelator.com 2 redirects
2 s.yimg.com rd.bizrate.com
s.yimg.com
2 connect.facebook.net rd.bizrate.com
connect.facebook.net
2 clkdeals.com p374591.myckdom.com
241.trackingms.com
1 pxl.connexity.net rd.bizrate.com
1 www.googletagmanager.com rd.bizrate.com
1 go.shopyourlikes.com 1 redirects
1 241.trackingms.com p374591.myckdom.com
1 p374591.myckdom.com
1 myckdom.com 1 redirects
1 www.ealfcosmetics.com 1 redirects
0 www.elfcosmetics.com Failed rd.bizrate.com
29 18

This site contains no links.

Subject Issuer Validity Valid
*.myckdom.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-20 -
2024-03-20		 a year crt.sh
www.clkdeals.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-07 -
2023-12-29		 a year crt.sh
*.trackingms.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-26 -
2024-03-17		 a year crt.sh
*.bizrate.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-19 -
2023-09-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-01 -
2023-08-30		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-14 -
2023-10-04		 2 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-30 -
2023-11-22		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh

This page contains 1 frames:

Frame: https://www.elfcosmetics.com/?utm_source=Paid_Search&utm_medium=cpc&utm_campaign=connexity&cnxclid=16927956581300021369115861112008005&utm_term=16927956581300021369115861112008005
Frame ID: D7ADD4EFB3088F4C71B26525F948B161
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.ealfcosmetics.com/ HTTP 302
    https://myckdom.com/aS/feedclick?s=R40UBoveGXeRLtQOvXfjv48uDhK_8R6jaUOO1Sy8lLLqC2Y6bU4Xjp-I7bRFE... HTTP 302
    https://p374591.myckdom.com/adServe/domainClick?ai=KH3sNciCPPoYAgm9ynsJlP9UKvqNkY02Qn5E-hlGXGtiHBraLSbQw... Page URL
  2. https://241.trackingms.com/adServe/aff?oid=989963&pid=294080&subid=90632168179&dp1=444231112&dp3=UNKNOWN Page URL
  3. https://go.shopyourlikes.com/pi/39a9f07405e997116e7281a26286308da686ac75?afId=725724&afCampaignId=MF&afPl... HTTP 302
    https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

29
Requests

90 %
HTTPS

53 %
IPv6

17
Domains

18
Subdomains

14
IPs

1
Countries

193 kB
Transfer

562 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.ealfcosmetics.com/ HTTP 302
    https://myckdom.com/aS/feedclick?s=R40UBoveGXeRLtQOvXfjv48uDhK_8R6jaUOO1Sy8lLLqC2Y6bU4Xjp-I7bRFEJP0nIFjje5HrPodK7X5QIc3n0hfs9IVa7UG37q4Cgpg75MByokIpjiFKluxNC_VCHffxlOmzgR5fh3nQoQZVtH1UcHY6z5T2K7NFT_4ZRcycYhE4SNQnhYuCq47aVe8VVuvN3jVuQjUINTMwggkTbuWjYuabzwDXceC06qeh_63VFNG3PfSWAmhEf-iR573nbwlUML3CCNL04F4Txiwe77-V1sOhjlJCMKP4kkpWmVoRrb7hagCxyzO7yhX8HcCx9ymWmQQ44v8J5laSxZPuakWG-WqgqI1OfXi1mcbVgFteQnl7nm1LruFvSVkwOpQF_G7fkzt_r7iWd4Cx0vMdI_j-hzLY7sUPWS83NySqbAvFvMtEMdAng_p_PFEdV34xGdCHgvOAUkn00P-EWXW3M7G7JM9DyiRJcwpVyXZVr2AH4u_TzhkU6HzYCYSTfT-jtizV43y-yp7shC0Iby0owAgoe1aCaN7yD3nfWCGpQNxIP5-AdLKaSNpprSRzs0RAIwP03DWvRjSIOKcNyfqPy8_EzAZbLS3lYmhy1p44K2HsU-JcBxAn2M8mgggQmNw0_CyoZE-uJvnXoilgQ4gN1Abcgydpz1nJ3SKrq-wwsL5pQf17nFaEBCvKu-A2t4-Caw-TCsY8iiq6tfSX4wEEeCfUyQYeyfbgczuadFTNrRFW0iHq5KzOuZT1cpdvymg62m34JLnoDdWfbTBNv3JQjsD8VQ9rm0t8k75B_ObhkD4k4rFhZrCp6X0_q---WX4hjnuFPxhcqUZzIwi0-30DIH5HGe5hIcc1YyjnQ6zyeNaHdtCHYyTyPhhZ6hIJMfPf_ZpcbH-rs91G9RewipMyh0gcRXi_dy84hhoY4JOBBnTMDjmnM0hPMBi-VtHT00MPidSu3V_nS8gK7qh70mgCRwhsHWfVJNEpTNA4pReEgRRN0hyzM5wHPZb6H3B4BqY2DrhCakXj4y0mNqTWjB8x2GrRnlyAsUGlB2af9MqwdGbLC5HV_0WlvjVkcZze0OPyIvqwXOCop3lsUrHxk9NUp0OwOL1dxrb-Q6AtrYn8hsxnJtrZ5tIRwEb5WUuMCQKD7QjwPtqO-bonBeoHHiFCGuE2ZyYtR0UARJhMaBVCTWfJMC7fJPfprpufkqzLDlUjqxSDjmcoqOX7qPCmGmekBdrWWXJhEJPyUEUgpVrr2IIMLJkU_r1ClRUQvCCupmVOril39hcKNKI8dO5-xlGe0EOpU80L84loquu401UL1S-EnCWMKhHKi5ajUWvFb9cvSH1gt0PJ8CmbhEBUGgfDc7UaminJ5zlQmtYLVaHcodejbvmZ4JNqwvtfxNjTcQOom_iFTCMkECjwUBFT_pzCrMi70MQeG3LwuwezLJPq3zZFh5AaC-TNoE29IYUYJddZNGEFHmQcG0kBTpY5GetWkinglZfJl16wgR5b3ZgYOO2DSpDQcfRPrDojM4jKWYSYWzH7Y3gNl5Buw0R481x5iv98E8x9kJDHjFR7ySrQItdKAHwFdAsTPIb_N8pw-VDmwYu_SvTtMWUWhIdjLZsz0jMK_9UKvqNkY02Qn5E-hlGXGtiHBraLSbQw53o6ZnNx3FpxgfrS4VZ-U_Mo3NaCfc5tu7T0n-zomaajZ3It5gxmjkktbsMnohwgCsW18YmDycn7BfOcUJ5egoOKfFW-AUHLrNzpv4AYp_u7vDvFKOiECl11Dm3rCVy9yU7ugF2M-yupmYy30Mku3snNMgb9fFdG14Q0-SqgvdJkUSk8UmatIlCfkT6GUZca7VLOTYr2X5roEFjb-s8ai_0NatE1cnb9Q5RUDuR6cw899H0IlmGTRWY7CzldVqGOHqlIZT6kkNyNKX7H17PdxnuQdNafmYE6CYNb-iWwdA0 HTTP 302
    https://p374591.myckdom.com/adServe/domainClick?ai=KH3sNciCPPoYAgm9ynsJlP9UKvqNkY02Qn5E-hlGXGtiHBraLSbQw53o6ZnNx3FpxgfrS4VZ-U_Mo3NaCfc5tu7T0n-zomaajZ3It5gxmjkktbsMnohwgCsW18YmDycn7BfOcUJ5egoOKfFW-AUHLrNzpv4AYp_u7vDvFKOiECl5hIUoSdIVpfzrtSGNAreXMZPobn7-kZDAtHsaD3IZYdTFw91Ege6iD3YRp9_wtT4pqMeZyNV0wZDcyT2_ktIpBvf4RIcbQkdG5_eKxC-ZcL_NKpzYYcDJnb8rGSBAv6Yyd1PStxuG0qMhDqf7kErms2I4PkEiFU2BvD5txNaUfGEUiHXmOKv7rBZwfnlpzJlSTXaUkcwuEXenODIGejRLgAmUMWYQdn0ylodCoHR4T6cgv67OlVyRxWfBO_Pgkf9Lj9hxf0SJk0tVfUbfcXAU2dgRsl_cISdhzavJEfo6eseVq4GY9uFdcNqOvDdTKI0rAgV2R4ubIyh-8XWjYI5uwiDuXNfsXyfVo64vPAXoOmaJ1nv1bZfRrRSwvKTC7FAOUVA7kenMPPfR9CJZhk0VoEFjb-s8ai83hjWnQSPjuCQviv94DTfnHk3LrnkH9dTyhQ7SwsB-WrMYfaiuo_bz&ui=R40UBoveGXeRLtQOvXfjv_bWwvziNp_1xLgNeF8Zj-hQS0imVi9lH5CjXqHhw0FHobUpktIiD82nvzyGZHsRa2bfla8MkjkrJQ43Bu16yybCDjlEe1_N6Q&si=1&oref=510a36ce48c1eca1ce854976fd19f11f&optunit=v80qnNhhwMmdvysZIEC_pnnSiUDV5iGD&rb=oK90Xc5o3Yk&rr=1&isco=t&abtg=0 Page URL
  2. https://241.trackingms.com/adServe/aff?oid=989963&pid=294080&subid=90632168179&dp1=444231112&dp3=UNKNOWN Page URL
  3. https://go.shopyourlikes.com/pi/39a9f07405e997116e7281a26286308da686ac75?afId=725724&afCampaignId=MF&afPlacementId=187216&afRid=90632201959 HTTP 302
    https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.ealfcosmetics.com/ HTTP 302
  • https://myckdom.com/aS/feedclick?s=R40UBoveGXeRLtQOvXfjv48uDhK_8R6jaUOO1Sy8lLLqC2Y6bU4Xjp-I7bRFEJP0nIFjje5HrPodK7X5QIc3n0hfs9IVa7UG37q4Cgpg75MByokIpjiFKluxNC_VCHffxlOmzgR5fh3nQoQZVtH1UcHY6z5T2K7NFT_4ZRcycYhE4SNQnhYuCq47aVe8VVuvN3jVuQjUINTMwggkTbuWjYuabzwDXceC06qeh_63VFNG3PfSWAmhEf-iR573nbwlUML3CCNL04F4Txiwe77-V1sOhjlJCMKP4kkpWmVoRrb7hagCxyzO7yhX8HcCx9ymWmQQ44v8J5laSxZPuakWG-WqgqI1OfXi1mcbVgFteQnl7nm1LruFvSVkwOpQF_G7fkzt_r7iWd4Cx0vMdI_j-hzLY7sUPWS83NySqbAvFvMtEMdAng_p_PFEdV34xGdCHgvOAUkn00P-EWXW3M7G7JM9DyiRJcwpVyXZVr2AH4u_TzhkU6HzYCYSTfT-jtizV43y-yp7shC0Iby0owAgoe1aCaN7yD3nfWCGpQNxIP5-AdLKaSNpprSRzs0RAIwP03DWvRjSIOKcNyfqPy8_EzAZbLS3lYmhy1p44K2HsU-JcBxAn2M8mgggQmNw0_CyoZE-uJvnXoilgQ4gN1Abcgydpz1nJ3SKrq-wwsL5pQf17nFaEBCvKu-A2t4-Caw-TCsY8iiq6tfSX4wEEeCfUyQYeyfbgczuadFTNrRFW0iHq5KzOuZT1cpdvymg62m34JLnoDdWfbTBNv3JQjsD8VQ9rm0t8k75B_ObhkD4k4rFhZrCp6X0_q---WX4hjnuFPxhcqUZzIwi0-30DIH5HGe5hIcc1YyjnQ6zyeNaHdtCHYyTyPhhZ6hIJMfPf_ZpcbH-rs91G9RewipMyh0gcRXi_dy84hhoY4JOBBnTMDjmnM0hPMBi-VtHT00MPidSu3V_nS8gK7qh70mgCRwhsHWfVJNEpTNA4pReEgRRN0hyzM5wHPZb6H3B4BqY2DrhCakXj4y0mNqTWjB8x2GrRnlyAsUGlB2af9MqwdGbLC5HV_0WlvjVkcZze0OPyIvqwXOCop3lsUrHxk9NUp0OwOL1dxrb-Q6AtrYn8hsxnJtrZ5tIRwEb5WUuMCQKD7QjwPtqO-bonBeoHHiFCGuE2ZyYtR0UARJhMaBVCTWfJMC7fJPfprpufkqzLDlUjqxSDjmcoqOX7qPCmGmekBdrWWXJhEJPyUEUgpVrr2IIMLJkU_r1ClRUQvCCupmVOril39hcKNKI8dO5-xlGe0EOpU80L84loquu401UL1S-EnCWMKhHKi5ajUWvFb9cvSH1gt0PJ8CmbhEBUGgfDc7UaminJ5zlQmtYLVaHcodejbvmZ4JNqwvtfxNjTcQOom_iFTCMkECjwUBFT_pzCrMi70MQeG3LwuwezLJPq3zZFh5AaC-TNoE29IYUYJddZNGEFHmQcG0kBTpY5GetWkinglZfJl16wgR5b3ZgYOO2DSpDQcfRPrDojM4jKWYSYWzH7Y3gNl5Buw0R481x5iv98E8x9kJDHjFR7ySrQItdKAHwFdAsTPIb_N8pw-VDmwYu_SvTtMWUWhIdjLZsz0jMK_9UKvqNkY02Qn5E-hlGXGtiHBraLSbQw53o6ZnNx3FpxgfrS4VZ-U_Mo3NaCfc5tu7T0n-zomaajZ3It5gxmjkktbsMnohwgCsW18YmDycn7BfOcUJ5egoOKfFW-AUHLrNzpv4AYp_u7vDvFKOiECl11Dm3rCVy9yU7ugF2M-yupmYy30Mku3snNMgb9fFdG14Q0-SqgvdJkUSk8UmatIlCfkT6GUZca7VLOTYr2X5roEFjb-s8ai_0NatE1cnb9Q5RUDuR6cw899H0IlmGTRWY7CzldVqGOHqlIZT6kkNyNKX7H17PdxnuQdNafmYE6CYNb-iWwdA0 HTTP 302
  • https://p374591.myckdom.com/adServe/domainClick?ai=KH3sNciCPPoYAgm9ynsJlP9UKvqNkY02Qn5E-hlGXGtiHBraLSbQw53o6ZnNx3FpxgfrS4VZ-U_Mo3NaCfc5tu7T0n-zomaajZ3It5gxmjkktbsMnohwgCsW18YmDycn7BfOcUJ5egoOKfFW-AUHLrNzpv4AYp_u7vDvFKOiECl5hIUoSdIVpfzrtSGNAreXMZPobn7-kZDAtHsaD3IZYdTFw91Ege6iD3YRp9_wtT4pqMeZyNV0wZDcyT2_ktIpBvf4RIcbQkdG5_eKxC-ZcL_NKpzYYcDJnb8rGSBAv6Yyd1PStxuG0qMhDqf7kErms2I4PkEiFU2BvD5txNaUfGEUiHXmOKv7rBZwfnlpzJlSTXaUkcwuEXenODIGejRLgAmUMWYQdn0ylodCoHR4T6cgv67OlVyRxWfBO_Pgkf9Lj9hxf0SJk0tVfUbfcXAU2dgRsl_cISdhzavJEfo6eseVq4GY9uFdcNqOvDdTKI0rAgV2R4ubIyh-8XWjYI5uwiDuXNfsXyfVo64vPAXoOmaJ1nv1bZfRrRSwvKTC7FAOUVA7kenMPPfR9CJZhk0VoEFjb-s8ai83hjWnQSPjuCQviv94DTfnHk3LrnkH9dTyhQ7SwsB-WrMYfaiuo_bz&ui=R40UBoveGXeRLtQOvXfjv_bWwvziNp_1xLgNeF8Zj-hQS0imVi9lH5CjXqHhw0FHobUpktIiD82nvzyGZHsRa2bfla8MkjkrJQ43Bu16yybCDjlEe1_N6Q&si=1&oref=510a36ce48c1eca1ce854976fd19f11f&optunit=v80qnNhhwMmdvysZIEC_pnnSiUDV5iGD&rb=oK90Xc5o3Yk&rr=1&isco=t&abtg=0
Request Chain 8
  • https://loadus.exelator.com/load/?p=204&g=92&j=0 HTTP 302
  • https://loadus.exelator.com/load/?p=204&g=92&j=0&xl8blockcheck=1 HTTP 302
  • https://pxl.connexity.net/c/cse?a=R&A=292&D=6a0d&V=9&I0k=ptnrid&I0v=465597443686131bc327c7f8c9bd5a08&b=1692795658498
Request Chain 24
  • https://rd.connexity.net/rd2?mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913&t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3D16927956581300021369115861112008005%26utm_term%3D16927956581300021369115861112008005&br=16927956583832080985762275566000001&rf=af1&vsc=dau&rdrSerial=797d26a3-8b58-4470-9b1d-0e9f92eeb848&redirectId=16927956581300021369115861112008005 HTTP 302
  • https://www.elfcosmetics.com/?utm_source=Paid_Search&utm_medium=cpc&utm_campaign=connexity&cnxclid=16927956581300021369115861112008005&utm_term=16927956581300021369115861112008005
Request Chain 26
  • https://rd.connexity.net/rd2?mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913&t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3D16927956581300021369115861112008005%26utm_term%3D16927956581300021369115861112008005&br=16927956583832080985762275566000001&rf=af1&vsc=dau&rdrSerial=797d26a3-8b58-4470-9b1d-0e9f92eeb848&redirectId=16927956581300021369115861112008005 HTTP 302
  • https://www.elfcosmetics.com/?utm_source=Paid_Search&utm_medium=cpc&utm_campaign=connexity&cnxclid=16927956581300021369115861112008005&utm_term=16927956581300021369115861112008005

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
domainClick
p374591.myckdom.com/adServe/
Redirect Chain
  • https://www.ealfcosmetics.com/
  • https://myckdom.com/aS/feedclick?s=R40UBoveGXeRLtQOvXfjv48uDhK_8R6jaUOO1Sy8lLLqC2Y6bU4Xjp-I7bRFEJP0nIFjje5HrPodK7X5QIc3n0hfs9IVa7UG37q4Cgpg75MByokIpjiFKluxNC_VCHffxlOmzgR5fh3nQoQZVtH1UcHY6z5T2K7NFT...
  • https://p374591.myckdom.com/adServe/domainClick?ai=KH3sNciCPPoYAgm9ynsJlP9UKvqNkY02Qn5E-hlGXGtiHBraLSbQw53o6ZnNx3FpxgfrS4VZ-U_Mo3NaCfc5tu7T0n-zomaajZ3It5gxmjkktbsMnohwgCsW18YmDycn7BfOcUJ5egoOKfFW-A...
665 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p374591.myckdom.com/adServe/domainClick?ai=KH3sNciCPPoYAgm9ynsJlP9UKvqNkY02Qn5E-hlGXGtiHBraLSbQw53o6ZnNx3FpxgfrS4VZ-U_Mo3NaCfc5tu7T0n-zomaajZ3It5gxmjkktbsMnohwgCsW18YmDycn7BfOcUJ5egoOKfFW-AUHLrNzpv4AYp_u7vDvFKOiECl5hIUoSdIVpfzrtSGNAreXMZPobn7-kZDAtHsaD3IZYdTFw91Ege6iD3YRp9_wtT4pqMeZyNV0wZDcyT2_ktIpBvf4RIcbQkdG5_eKxC-ZcL_NKpzYYcDJnb8rGSBAv6Yyd1PStxuG0qMhDqf7kErms2I4PkEiFU2BvD5txNaUfGEUiHXmOKv7rBZwfnlpzJlSTXaUkcwuEXenODIGejRLgAmUMWYQdn0ylodCoHR4T6cgv67OlVyRxWfBO_Pgkf9Lj9hxf0SJk0tVfUbfcXAU2dgRsl_cISdhzavJEfo6eseVq4GY9uFdcNqOvDdTKI0rAgV2R4ubIyh-8XWjYI5uwiDuXNfsXyfVo64vPAXoOmaJ1nv1bZfRrRSwvKTC7FAOUVA7kenMPPfR9CJZhk0VoEFjb-s8ai83hjWnQSPjuCQviv94DTfnHk3LrnkH9dTyhQ7SwsB-WrMYfaiuo_bz&ui=R40UBoveGXeRLtQOvXfjv_bWwvziNp_1xLgNeF8Zj-hQS0imVi9lH5CjXqHhw0FHobUpktIiD82nvzyGZHsRa2bfla8MkjkrJQ43Bu16yybCDjlEe1_N6Q&si=1&oref=510a36ce48c1eca1ce854976fd19f11f&optunit=v80qnNhhwMmdvysZIEC_pnnSiUDV5iGD&rb=oK90Xc5o3Yk&rr=1&isco=t&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.117.247.211 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
d3.f7.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
fbfcee0a484962bac11b585e787aec33524358609b208ba7ebd7e5aa6203157f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 23 Aug 2023 13:00:56 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
date
Wed, 23 Aug 2023 13:00:56 GMT
location
https://p374591.myckdom.com/adServe/domainClick?ai=KH3sNciCPPoYAgm9ynsJlP9UKvqNkY02Qn5E-hlGXGtiHBraLSbQw53o6ZnNx3FpxgfrS4VZ-U_Mo3NaCfc5tu7T0n-zomaajZ3It5gxmjkktbsMnohwgCsW18YmDycn7BfOcUJ5egoOKfFW-AUHLrNzpv4AYp_u7vDvFKOiECl5hIUoSdIVpfzrtSGNAreXMZPobn7-kZDAtHsaD3IZYdTFw91Ege6iD3YRp9_wtT4pqMeZyNV0wZDcyT2_ktIpBvf4RIcbQkdG5_eKxC-ZcL_NKpzYYcDJnb8rGSBAv6Yyd1PStxuG0qMhDqf7kErms2I4PkEiFU2BvD5txNaUfGEUiHXmOKv7rBZwfnlpzJlSTXaUkcwuEXenODIGejRLgAmUMWYQdn0ylodCoHR4T6cgv67OlVyRxWfBO_Pgkf9Lj9hxf0SJk0tVfUbfcXAU2dgRsl_cISdhzavJEfo6eseVq4GY9uFdcNqOvDdTKI0rAgV2R4ubIyh-8XWjYI5uwiDuXNfsXyfVo64vPAXoOmaJ1nv1bZfRrRSwvKTC7FAOUVA7kenMPPfR9CJZhk0VoEFjb-s8ai83hjWnQSPjuCQviv94DTfnHk3LrnkH9dTyhQ7SwsB-WrMYfaiuo_bz&ui=R40UBoveGXeRLtQOvXfjv_bWwvziNp_1xLgNeF8Zj-hQS0imVi9lH5CjXqHhw0FHobUpktIiD82nvzyGZHsRa2bfla8MkjkrJQ43Bu16yybCDjlEe1_N6Q&si=1&oref=510a36ce48c1eca1ce854976fd19f11f&optunit=v80qnNhhwMmdvysZIEC_pnnSiUDV5iGD&rb=oK90Xc5o3Yk&rr=1&isco=t&abtg=0
server
nginx
track
clkdeals.com/adServe/ 		49 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clkdeals.com/adServe/track?subid=90632168179&prdid=2750&price=0
Requested by
Host: p374591.myckdom.com
URL: https://p374591.myckdom.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.146 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
92.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Aug 2023 13:00:57 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
aff
241.trackingms.com/adServe/ 		735 B
601 B 		Document
General
Check archive.org
Download Go to
Full URL
https://241.trackingms.com/adServe/aff?oid=989963&pid=294080&subid=90632168179&dp1=444231112&dp3=UNKNOWN
Requested by
Host: p374591.myckdom.com
URL: https://p374591.myckdom.com/adServe/domainClick?ai=KH3sNciCPPoYAgm9ynsJlP9UKvqNkY02Qn5E-hlGXGtiHBraLSbQw53o6ZnNx3FpxgfrS4VZ-U_Mo3NaCfc5tu7T0n-zomaajZ3It5gxmjkktbsMnohwgCsW18YmDycn7BfOcUJ5egoOKfFW-AUHLrNzpv4AYp_u7vDvFKOiECl5hIUoSdIVpfzrtSGNAreXMZPobn7-kZDAtHsaD3IZYdTFw91Ege6iD3YRp9_wtT4pqMeZyNV0wZDcyT2_ktIpBvf4RIcbQkdG5_eKxC-ZcL_NKpzYYcDJnb8rGSBAv6Yyd1PStxuG0qMhDqf7kErms2I4PkEiFU2BvD5txNaUfGEUiHXmOKv7rBZwfnlpzJlSTXaUkcwuEXenODIGejRLgAmUMWYQdn0ylodCoHR4T6cgv67OlVyRxWfBO_Pgkf9Lj9hxf0SJk0tVfUbfcXAU2dgRsl_cISdhzavJEfo6eseVq4GY9uFdcNqOvDdTKI0rAgV2R4ubIyh-8XWjYI5uwiDuXNfsXyfVo64vPAXoOmaJ1nv1bZfRrRSwvKTC7FAOUVA7kenMPPfR9CJZhk0VoEFjb-s8ai83hjWnQSPjuCQviv94DTfnHk3LrnkH9dTyhQ7SwsB-WrMYfaiuo_bz&ui=R40UBoveGXeRLtQOvXfjv_bWwvziNp_1xLgNeF8Zj-hQS0imVi9lH5CjXqHhw0FHobUpktIiD82nvzyGZHsRa2bfla8MkjkrJQ43Bu16yybCDjlEe1_N6Q&si=1&oref=510a36ce48c1eca1ce854976fd19f11f&optunit=v80qnNhhwMmdvysZIEC_pnnSiUDV5iGD&rb=oK90Xc5o3Yk&rr=1&isco=t&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.151 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
97.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 23 Aug 2023 13:00:57 GMT
server
nginx
vary
Accept-Encoding
track
clkdeals.com/adServe/ 		49 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clkdeals.com/adServe/track?subid=90632201959&prdid=2750&price=0
Requested by
Host: 241.trackingms.com
URL: https://241.trackingms.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.146 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
92.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Aug 2023 13:00:57 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
Primary Request rd2
rd.bizrate.com/
Redirect Chain
  • https://go.shopyourlikes.com/pi/39a9f07405e997116e7281a26286308da686ac75?afId=725724&afCampaignId=MF&afPlacementId=187216&afRid=90632201959
  • https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mi...
15 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Requested by
Host: 241.trackingms.com
URL: https://241.trackingms.com/adServe/aff?oid=989963&pid=294080&subid=90632168179&dp1=444231112&dp3=UNKNOWN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:fdba:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
584d502448876c845c58720e9f4ccc36fe4e3b935ec59747a7f959ce25e2b9a5

Request headers

Referer
https://241.trackingms.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-language
en-US
content-type
text/html;charset=UTF-8
date
Wed, 23 Aug 2023 13:00:57 GMT
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Aug 2023 13:00:57 GMT
location
https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
via
1.1 google
js
www.googletagmanager.com/gtag/ 		190 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1070533785
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4269abc9031de1efbf445fbd4efd2bbf96c0d5d8813f629e98cc5c46397f2db6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 13:00:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71069
x-xss-protection
0
last-modified
Wed, 23 Aug 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Aug 2023 13:00:58 GMT
fbevents.js
connect.facebook.net/en_US/ 		173 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 23 Aug 2023 13:00:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47412
x-xss-protection
0
pragma
public
x-fb-debug
p78vLttyEZDZAmB3qpNM+7jBNiTcd0+PqPBK7tj9sbdngL6OTOJy4hjsSuXTEBfb1z9IW7+iJWzgXjVlgi7ttQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 23 Aug 2023 13:00:58 GMT
last-modified
Fri, 28 Jul 2023 18:19:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 88FCE3F210954EB8B5A69A542C4D2D9B Ref B: MIAEDGE1918 Ref C: 2023-08-23T13:00:58Z
etag
"806f3b1280c1d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12469
ytc.js
s.yimg.com/wi/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 13:00:51 GMT
x-amz-version-id
xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
9DFD2N2ZSTKB6VQT
age
8
x-amz-server-side-encryption
AES256
x-amz-id-2
FyuBORDuC5wgK+YHLZJALGggD4M2iviW7o/39SB/PtkT/5vUKW3AyJ827koeUtLIj3V4RV+eSOLbglENRsieCg==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 26 Jun 2023 09:26:35 GMT
server
ATS
etag
"5c6ed25dce803fd84288922b8928409e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
cse
pxl.connexity.net/c/
Redirect Chain
  • https://loadus.exelator.com/load/?p=204&g=92&j=0
  • https://loadus.exelator.com/load/?p=204&g=92&j=0&xl8blockcheck=1
  • https://pxl.connexity.net/c/cse?a=R&A=292&D=6a0d&V=9&I0k=ptnrid&I0v=465597443686131bc327c7f8c9bd5a08&b=1692795658498
44 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.connexity.net/c/cse?a=R&A=292&D=6a0d&V=9&I0k=ptnrid&I0v=465597443686131bc327c7f8c9bd5a08&b=1692795658498
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
HTTP/1.1
Server
64.19.224.208 , United States, ASN14332 (SHOPZILLA, US),
Reverse DNS
Software
nginx /
Resource Hash
6d1743a4b9cd803083da5fd65626a4e92edebe73a40ee18f60276c96492b4afd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Aug 2023 13:00:58 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="CAO PSA OUR CURa DEVa PSDo PSAo BUS COR UNI COM",an.pp="http://www.connexity.com/privacy",an.oo="http://www.connexity.com/privacy",an.bt="N"
Content-Type
image/gif
Cache-Control
no-store, max-age=-1, post-check=0, pre-check=0
Content-Transfer-Encoding
binary
Connection
keep-alive
Expires
-1

Redirect headers

date
Wed, 23 Aug 2023 13:00:58 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pxl.connexity.net/c/cse?a=R&A=292&D=6a0d&V=9&I0k=ptnrid&I0v=465597443686131bc327c7f8c9bd5a08&b=1692795658498
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
17135630.js
bat.bing.com/p/action/ 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/17135630.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Wed, 23 Aug 2023 13:00:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6D4A2548FD4249B1A0853CC943603DDA Ref B: MIAEDGE1918 Ref C: 2023-08-23T13:00:58Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17135630&Ver=2&mid=1071d1b0-c07c-4c6c-a855-51a05a47a7a5&sid=1a743aa041b511eea92e2d7a3f9ccd02&vid=1a74943041b511eebab819df684f9143&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fwww.elfcosmetics.com%252F%253Futm_source%253DPaid_Search%2526utm_medium%253Dcpc%2526utm_campaign%253Dconnexity%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_term%253DSZ_REDIRECT_ID%26mid%3D316282%26dMid%3D316282%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Db79e3374317fac778f936ee8c03726c1%26af_id%3D725724%26af_rid%3D90632201959%26af_permalink_id%3D39a9f07405e997116e7281a26286308da686ac75%26cobrand%3D1%26af_placement_id%3D187216%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&r=&lt=428&evt=pageLoad&sv=1&rn=823625
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 23 Aug 2023 13:00:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BFC13B718E60490FA7FAE2901C15A492 Ref B: MIAEDGE1918 Ref C: 2023-08-23T13:00:58Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17135630&Ver=2&mid=1071d1b0-c07c-4c6c-a855-51a05a47a7a5&sid=1a743aa041b511eea92e2d7a3f9ccd02&vid=1a74943041b511eebab819df684f9143&vids=0&msclkid=N&pagetype=searchresults&p=https%3A%2F%2Frd.bizrate.com%2Frd2&sw=1600&sh=1200&sc=24&evt=custom&rn=901142
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 23 Aug 2023 13:00:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3940891921ED48F6829CFF1DAB79CC4D Ref B: MIAEDGE1918 Ref C: 2023-08-23T13:00:58Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
10135448.json
s.yimg.com/wi/config/ 		2 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10135448.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 12:10:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
3VQ26W36N1K28FKH
age
3012
content-length
2
x-amz-id-2
0cDgScxth02APjgpkJD+H6RGUoTAQ4nCNrIpMF6n58gTRtak5/BrZA++zm0gtTRnbAFCGoH/BeYDHq4bjc6DFg==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070533785/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070533785/?random=1692795658574&cv=11&fst=1692795658574&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fwww.elfcosmetics.com%252F%253Futm_source%253DPaid_Search%2526utm_medium%253Dcpc%2526utm_campaign%253Dconnexity%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_term%253DSZ_REDIRECT_ID%26mid%3D316282%26dMid%3D316282%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Db79e3374317fac778f936ee8c03726c1%26af_id%3D725724%26af_rid%3D90632201959%26af_permalink_id%3D39a9f07405e997116e7281a26286308da686ac75%26cobrand%3D1%26af_placement_id%3D187216%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&hn=www.googleadservices.com&frm=0&auid=1956761661.1692795659&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1070533785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6bd83d07cc1c6d3397d695bc719714fd8f040450327b291b2c14c968b97d1b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Aug 2023 13:00:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1576
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070533785/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070533785/?random=1692795658592&cv=11&fst=1692795658592&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fwww.elfcosmetics.com%252F%253Futm_source%253DPaid_Search%2526utm_medium%253Dcpc%2526utm_campaign%253Dconnexity%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_term%253DSZ_REDIRECT_ID%26mid%3D316282%26dMid%3D316282%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Db79e3374317fac778f936ee8c03726c1%26af_id%3D725724%26af_rid%3D90632201959%26af_permalink_id%3D39a9f07405e997116e7281a26286308da686ac75%26cobrand%3D1%26af_placement_id%3D187216%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&hn=www.googleadservices.com&frm=0&auid=1956761661.1692795659&uamb=0&uaw=0&data=event%3Dpage_view%3Becomm_pagetype%3Dproduct%3Becomm_prodid%3D&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1070533785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d6f9138b18e8cbdcf889805171d633deb39ee58876c4c05236f8664ff8ca41a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Aug 2023 13:00:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1599
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1593772137433234
connect.facebook.net/signals/config/ 		116 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1593772137433234?v=2.9.124&r=stable&domain=rd.bizrate.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f28a1ffe75586c2cec5e83e4d810bff48db2e6a7bd93938064ae53713e3d9917
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 23 Aug 2023 13:00:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
31335
x-xss-protection
0
pragma
public
x-fb-debug
Z24SWdUibmb3q2+xltI/CQy41slgF4EmYV33cI9w/6TJ02XhGOr8tEtM+hNDYK5wouRIKo6FrebfGDWnl/Ta2g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2023%20Aug%202023%2013%3A00%3A58%20GMT&n=10&.yp=10135448&f=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fwww.elfcosmetics.com%252F%253Futm_source%253DPaid_Search%2526utm_medium%253Dcpc%2526utm_campaign%253Dconnexity%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_term%253DSZ_REDIRECT_ID%26mid%3D316282%26dMid%3D316282%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Db79e3374317fac778f936ee8c03726c1%26af_id%3D725724%26af_rid%3D90632201959%26af_permalink_id%3D39a9f07405e997116e7281a26286308da686ac75%26cobrand%3D1%26af_placement_id%3D187216%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&enc=UTF-8&yv=1.15.1&tagmgr=gtm
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
spdc.pbp.vip.bf1.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Aug 2023 13:00:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Wed, 23 Aug 2023 13:00:58 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10135448&f=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fwww.elfcosmetics.com%252F%253Futm_source%253DPaid_Search%2526utm_medium%253Dcpc%2526utm_campaign%253Dconnexity%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_term%253DSZ_REDIRECT_ID%26mid%3D316282%26dMid%3D316282%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Db79e3374317fac778f936ee8c03726c1%26af_id%3D725724%26af_rid%3D90632201959%26af_permalink_id%3D39a9f07405e997116e7281a26286308da686ac75%26cobrand%3D1%26af_placement_id%3D187216%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&enc=UTF-8&yv=1.15.1&et=custom&ea=ViewProduct&product_id=&tagmgr=gtm
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
spdc.pbp.vip.bf1.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Aug 2023 13:00:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Wed, 23 Aug 2023 13:00:58 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1593772137433234&ev=PageView&dl=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fwww.elfcosmetics.com%252F%253Futm_source%253DPaid_Search%2526utm_medium%253Dcpc%2526utm_campaign%253Dconnexity%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_term%253DSZ_REDIRECT_ID%26mid%3D316282%26dMid%3D316282%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Db79e3374317fac778f936ee8c03726c1%26af_id%3D725724%26af_rid%3D90632201959%26af_permalink_id%3D39a9f07405e997116e7281a26286308da686ac75%26cobrand%3D1%26af_placement_id%3D187216%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&rl=&if=false&ts=1692795658718&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692795658716.936797202&it=1692795658612&coo=false&rqm=GET
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 23 Aug 2023 13:00:58 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1593772137433234&ev=AddToCart&dl=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fwww.elfcosmetics.com%252F%253Futm_source%253DPaid_Search%2526utm_medium%253Dcpc%2526utm_campaign%253Dconnexity%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_term%253DSZ_REDIRECT_ID%26mid%3D316282%26dMid%3D316282%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Db79e3374317fac778f936ee8c03726c1%26af_id%3D725724%26af_rid%3D90632201959%26af_permalink_id%3D39a9f07405e997116e7281a26286308da686ac75%26cobrand%3D1%26af_placement_id%3D187216%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&rl=&if=false&ts=1692795658723&cd[content_type]=product&cd[content_ids]=%5B%22%22%5D&cd[contents]=%5B%7B%22id%22%3A%22%22%2C%22quantity%22%3A1%7D%5D&sw=1600&sh=1200&v=2.9.124&r=stable&ec=1&o=30&fbp=fb.1.1692795658716.936797202&it=1692795658612&coo=false&rqm=GET
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 23 Aug 2023 13:00:58 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1593772137433234&ev=ViewContent&dl=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fwww.elfcosmetics.com%252F%253Futm_source%253DPaid_Search%2526utm_medium%253Dcpc%2526utm_campaign%253Dconnexity%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_term%253DSZ_REDIRECT_ID%26mid%3D316282%26dMid%3D316282%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Db79e3374317fac778f936ee8c03726c1%26af_id%3D725724%26af_rid%3D90632201959%26af_permalink_id%3D39a9f07405e997116e7281a26286308da686ac75%26cobrand%3D1%26af_placement_id%3D187216%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&rl=&if=false&ts=1692795658724&cd[content_type]=product&cd[content_ids]=%5B%22%22%5D&cd[contents]=%5B%7B%22id%22%3A%22%22%2C%22mid%22%3A%22%22%2C%22atom%22%3A%22%22%7D%5D&sw=1600&sh=1200&v=2.9.124&r=stable&ec=2&o=30&fbp=fb.1.1692795658716.936797202&it=1692795658612&coo=false&rqm=GET
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 23 Aug 2023 13:00:58 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/1070533785/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1070533785/?random=1692795658592&cv=11&fst=1692795600000&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fwww.elfcosmetics.com%252F%253Futm_source%253DPaid_Search%2526utm_medium%253Dcpc%2526utm_campaign%253Dconnexity%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_term%253DSZ_REDIRECT_ID%26mid%3D316282%26dMid%3D316282%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Db79e3374317fac778f936ee8c03726c1%26af_id%3D725724%26af_rid%3D90632201959%26af_permalink_id%3D39a9f07405e997116e7281a26286308da686ac75%26cobrand%3D1%26af_placement_id%3D187216%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&frm=0&data=event%3Dpage_view%3Becomm_pagetype%3Dproduct%3Becomm_prodid%3D&fmt=3&is_vtc=1&random=953528352&rmt_tld=0&ipr=y
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Aug 2023 13:00:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1070533785/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1070533785/?random=1692795658574&cv=11&fst=1692795600000&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fwww.elfcosmetics.com%252F%253Futm_source%253DPaid_Search%2526utm_medium%253Dcpc%2526utm_campaign%253Dconnexity%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_term%253DSZ_REDIRECT_ID%26mid%3D316282%26dMid%3D316282%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Db79e3374317fac778f936ee8c03726c1%26af_id%3D725724%26af_rid%3D90632201959%26af_permalink_id%3D39a9f07405e997116e7281a26286308da686ac75%26cobrand%3D1%26af_placement_id%3D187216%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2019889094&rmt_tld=0&ipr=y
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Aug 2023 13:00:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial-redirect-publisher-min-javascript-abtest-remarketing
rd.bizrate.com/em/ 		43 B
176 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rd.bizrate.com/em/interstitial-redirect-publisher-min-javascript-abtest-remarketing
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:fdba:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://rd.bizrate.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 23 Aug 2023 13:00:58 GMT
via
1.1 google
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.elfcosmetics.com/
Redirect Chain
  • https://rd.connexity.net/rd2?mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308...
  • https://www.elfcosmetics.com/?utm_source=Paid_Search&utm_medium=cpc&utm_campaign=connexity&cnxclid=16927956581300021369115861112008005&utm_term=16927956581300021369115861112008005
0
0
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1593772137433234&ev=Microdata&dl=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fwww.elfcosmetics.com%252F%253Futm_source%253DPaid_Search%2526utm_medium%253Dcpc%2526utm_campaign%253Dconnexity%2526cnxclid%253DSZ_REDIRECT_ID%2526utm_term%253DSZ_REDIRECT_ID%26mid%3D316282%26dMid%3D316282%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Db79e3374317fac778f936ee8c03726c1%26af_id%3D725724%26af_rid%3D90632201959%26af_permalink_id%3D39a9f07405e997116e7281a26286308da686ac75%26cobrand%3D1%26af_placement_id%3D187216%26afCampaignId%3DMF%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&rl=&if=false&ts=1692795660222&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.124&r=stable&ec=3&o=30&fbp=fb.1.1692795658716.936797202&it=1692795658612&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 23 Aug 2023 13:01:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.elfcosmetics.com/
Redirect Chain
  • https://rd.connexity.net/rd2?mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308...
  • https://www.elfcosmetics.com/?utm_source=Paid_Search&utm_medium=cpc&utm_campaign=connexity&cnxclid=16927956581300021369115861112008005&utm_term=16927956581300021369115861112008005
0
0
interstitial-redirect-publisher-min-javascript-abtest-remarketing
rd.bizrate.com/em/ 		43 B
58 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rd.bizrate.com/em/interstitial-redirect-publisher-min-javascript-abtest-remarketing
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fwww.elfcosmetics.com%2F%3Futm_source%3DPaid_Search%26utm_medium%3Dcpc%26utm_campaign%3Dconnexity%26cnxclid%3DSZ_REDIRECT_ID%26utm_term%3DSZ_REDIRECT_ID&mid=316282&dMid=316282&tokenId=18P&bId=314&bidType=11&a=b79e3374317fac778f936ee8c03726c1&af_id=725724&af_rid=90632201959&af_permalink_id=39a9f07405e997116e7281a26286308da686ac75&cobrand=1&af_placement_id=187216&afCampaignId=MF&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:fdba:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://rd.bizrate.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 23 Aug 2023 13:01:02 GMT
via
1.1 google
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.elfcosmetics.com
URL
https://www.elfcosmetics.com/?utm_source=Paid_Search&utm_medium=cpc&utm_campaign=connexity&cnxclid=16927956581300021369115861112008005&utm_term=16927956581300021369115861112008005
Domain
www.elfcosmetics.com
URL
https://www.elfcosmetics.com/?utm_source=Paid_Search&utm_medium=cpc&utm_campaign=connexity&cnxclid=16927956581300021369115861112008005&utm_term=16927956581300021369115861112008005

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| gtag string| google_tag object| dataLayer string| fb_tag function| fbq function| _fbq string| bing_tag object| uetq string| yahoo_tag object| dotq string| url boolean| enableHardCutoff number| delayBeforeRedirect object| collectedResources boolean| perfDataSent function| isResourceImgPixel function| isResourceSnapchatPixel function| isResourceYahooPixel function| isResourceCriteoPixel function| isResourceOutbrainPixel function| isResourceTaboolaPixel function| gatherTimingData function| getPixelChainSpan function| gatherResourceData function| sendBeacon function| elapsedSinceNavigationStart function| snapchatPixelFired function| onPixelFired function| onBeforeRedirect number| elapsedSinceNavStart number| hardCutoff function| UET function| UET_init function| UET_push object| ueto_348782bec6 object| YAHOO object| google_tag_manager object| google_tag_data object| GooglebQhCsO

23 Cookies

Domain/Path Name / Value
.myckdom.com/ Name: rhid
Value: 83569548824
.myckdom.com/ Name: loi
Value: ad_1194587_off_638358_aff_12590_cid_374591-EALFCOSMETICS.COM_ts_1692795656
241.trackingms.com/ Name: rhid
Value: 83569574808
.bizrate.com/ Name: sessionid
Value: 922756371511922458
.bizrate.com/ Name: br
Value: 16927956583832080985762275566000001
.bizrate.com/ Name: _data
Value: _time%3A%3Astart_time%3D1692795658%3Btimestamp%3D1692795658%7Ctracker%3A%3Ahtcnt%3D1%3Brf%3Daf1%3Brf2%3D%3Bvsc%3Ddau%3Baf_id%3D725724%3Baf_assettype_id%3D14%3Baf_creative_id%3D2913%3Baf_placement_id%3D187216%7Cdnt%3A%3Aon%3D0%3Bsrc%3D0
.bizrate.com/ Name: rng
Value: 1960931
.bizrate.com/ Name: redirect_data
Value: eyJvIjpbXSwibSI6WzMxNjI4Ml0sImMiOltdLCJiIjpbXX0=
.bizrate.com/ Name: roi_cookie
Value: 16927956581300021369115861112008005%7C316282
.bizrate.com/ Name: roi_mid_attr
Value: 316282%3A316282
.bizrate.com/ Name: _uetsid
Value: 1a743aa041b511eea92e2d7a3f9ccd02
.bizrate.com/ Name: _uetvid
Value: 1a74943041b511eebab819df684f9143
.exelator.com/ Name: EE
Value: "465597443686131bc327c7f8c9bd5a08"
.bat.bing.com/ Name: MR
Value: 0
.bing.com/ Name: MUID
Value: 24738028C29E6C2E2307935EC3F26D85
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHEzNTU0tzExNjMwszQ2DAp2djIPNk8zSLZMinFNNHAYnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQbEl%252BUWb6otDgxUUpaQyLSopPBR8VtAMAXNUpGQ%253D%253D"
.bizrate.com/ Name: _gcl_au
Value: 1.1.1956761661.1692795659
.bizrate.com/ Name: _fbp
Value: fb.1.1692795658716.936797202
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.yahoo.com/ Name: A3
Value: d=AQABBAoD5mQCEDckO6yucsF0JA7GrJH09XsFEgEBAQFU52TvZNxH0iMA_eMAAA&S=AQAAAuSf8D6x4fF2BNyWcCgA1Mc
.connexity.net/ Name: COu
Value: e8606bdedd07e1f5-075174e8c5cd0fcb-206ea6b59e82051d
.connexity.net/ Name: br
Value: 16927956583832080985762275566000001
.connexity.net/ Name: rf
Value: af1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

241.trackingms.com
bat.bing.com
clkdeals.com
connect.facebook.net
go.shopyourlikes.com
googleads.g.doubleclick.net
loadus.exelator.com
myckdom.com
p374591.myckdom.com
pxl.connexity.net
rd.bizrate.com
s.yimg.com
sp.analytics.yahoo.com
www.ealfcosmetics.com
www.elfcosmetics.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.elfcosmetics.com
167.172.228.26
2001:4998:1c:800::1001
2600:1901:0:fdba::
2607:f8b0:4006:809::2008
2607:f8b0:4006:80b::2002
2607:f8b0:4006:81d::2004
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
52.0.156.250
52.116.53.146
52.116.53.151
52.117.247.211
64.19.224.208
76.13.32.146
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
4269abc9031de1efbf445fbd4efd2bbf96c0d5d8813f629e98cc5c46397f2db6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
584d502448876c845c58720e9f4ccc36fe4e3b935ec59747a7f959ce25e2b9a5
6d1743a4b9cd803083da5fd65626a4e92edebe73a40ee18f60276c96492b4afd
7d6f9138b18e8cbdcf889805171d633deb39ee58876c4c05236f8664ff8ca41a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bd83d07cc1c6d3397d695bc719714fd8f040450327b291b2c14c968b97d1b9
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28a1ffe75586c2cec5e83e4d810bff48db2e6a7bd93938064ae53713e3d9917
fbfcee0a484962bac11b585e787aec33524358609b208ba7ebd7e5aa6203157f