www.itcosmetics.com Open in urlscan Pro
104.16.109.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.itcosmetics.com/
Effective URL:
https://www.itcosmetics.com/
Submission: On September 08 via manual (September 8th 2022, 12:54:51 pm UTC) from US — Scanned from DE

Summary HTTP 273 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 83 IPs in 9 countries across 66 domains to perform 273 HTTP transactions. The main IP is 104.16.109.64, located in and belongs to CLOUDFLARENET, US. The main domain is www.itcosmetics.com. The Cisco Umbrella rank of the primary domain is 410372.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 27th 2022. Valid for: a year.

This is the only time www.itcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 116	104.16.109.64 104.16.109.64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.192.114 151.101.192.114	54113 (FASTLY) (FASTLY)
1	108.138.5.161 108.138.5.161	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	52.2.212.202 52.2.212.202	14618 (AMAZON-AES) (AMAZON-AES)
1	96.16.152.25 96.16.152.25	16625 (AKAMAI-AS) (AKAMAI-AS)
2	96.16.158.4 96.16.158.4	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.66.88 65.9.66.88	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.58.151 65.9.58.151	16509 (AMAZON-02) (AMAZON-02)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
1 2	99.86.4.16 99.86.4.16	16509 (AMAZON-02) (AMAZON-02)
1	54.81.184.157 54.81.184.157	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:440... 2606:4700:4400::6812:2962	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
11	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:883::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	34.102.147.248 34.102.147.248	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
4	2600:9000:211... 2600:9000:211a:5a00:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	3.123.239.111 3.123.239.111	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
7	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
4 5	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	54.92.215.160 54.92.215.160	14618 (AMAZON-AES) (AMAZON-AES)
1	34.253.252.176 34.253.252.176	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	35.190.10.96 35.190.10.96	15169 (GOOGLE) (GOOGLE)
1	34.98.67.3 34.98.67.3	15169 (GOOGLE) (GOOGLE)
2	104.18.6.131 104.18.6.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	92.123.36.231 92.123.36.231	16625 (AKAMAI-AS) (AKAMAI-AS)
5	34.225.5.197 34.225.5.197	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:1ec:27::... 2620:1ec:27::cafe:1586	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:ea:... 2a02:26f0:ea:488::10f5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.18.15.235 104.18.15.235	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
1	143.204.215.79 143.204.215.79	16509 (AMAZON-02) (AMAZON-02)
9	178.249.97.98 178.249.97.98	11054 (LIVEPERSON) (LIVEPERSON)
1 2	3.67.157.21 3.67.157.21	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.31.243.109 52.31.243.109	16509 (AMAZON-02) (AMAZON-02)
1	184.51.8.30 184.51.8.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.125.132.50 3.125.132.50	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.127.128.58 3.127.128.58	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.96.128.226 104.96.128.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	54.77.35.16 54.77.35.16	16509 (AMAZON-02) (AMAZON-02)
1 2	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:612... 2600:1f18:612b:4264:54e8:ad4c:a4b8:acf6	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	54.77.57.168 54.77.57.168	16509 (AMAZON-02) (AMAZON-02)
3	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
1	52.215.16.237 52.215.16.237	16509 (AMAZON-02) (AMAZON-02)
1	3.128.146.7 3.128.146.7	16509 (AMAZON-02) (AMAZON-02)
273	83

116 104.16.109.64 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.itcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.5.161 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-5-161.fra56.r.cloudfront.net

cdn.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.212.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-212-202.compute-1.amazonaws.com

7290682.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nova.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.152.25 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-152-25.deploy.static.akamaitechnologies.com

origin.extole.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.16.158.4 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-158-4.deploy.static.akamaitechnologies.com

static.ordergroove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-88.fra56.r.cloudfront.net

edd8a9329ddd.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.151 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-151.fra56.r.cloudfront.net

d22xmn10vbouk4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.16 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-16.fra6.r.cloudfront.net

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.184.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-184-157.compute-1.amazonaws.com

c9af38100f42442ba53ca110aad9dd52-edd8a9329ddd.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2962 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

8563001.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:883::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com

tag.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:211a:5a00:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.239.111 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-239-111.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:1::13 (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.92.215.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-215-160.compute-1.amazonaws.com

refer.itcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.252.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-252-176.eu-west-1.compute.amazonaws.com

p.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com

collector-px9gxgqy6v.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com

consent.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.6.131 (None, )

ASN13335 (CLOUDFLARENET, US)

itcosmetics.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 92.123.36.231 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-36-231.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.225.5.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-5-197.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1586 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ea:488::10f5 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

origin.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.15.235 (None, )

ASN13335 (CLOUDFLARENET, US)

events.attentivemobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-79.fra53.r.cloudfront.net

static-assets.dev.fs.liveperson.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 178.249.97.98 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-lpcdn.lpsnmedia.net

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.157.21 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-157-21.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.116 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.243.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-243-109.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.8.30 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-8-30.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.132.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-132-50.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.128.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-128-58.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.35.16 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-35-16.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.101 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:54e8:ad4c:a4b8:acf6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.57.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-57-168.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.16.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-16-237.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.128.146.7 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-128-146-7.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
117	itcosmetics.com 2 redirects www.itcosmetics.com — Cisco Umbrella Rank: 410372 refer.itcosmetics.com	2 MB
15	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 4618 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4991	444 KB
12	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94 region1.google-analytics.com — Cisco Umbrella Rank: 2119	24 KB
10	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 458 mug.criteo.com — Cisco Umbrella Rank: 1814 sslwidget.criteo.com — Cisco Umbrella Rank: 2120 widget.us.criteo.com — Cisco Umbrella Rank: 23200 dis.criteo.com — Cisco Umbrella Rank: 946	13 KB
9	forter.com 1 redirects edd8a9329ddd.cdn4.forter.com — Cisco Umbrella Rank: 71856 cdn9.forter.com — Cisco Umbrella Rank: 5461 c9af38100f42442ba53ca110aad9dd52-edd8a9329ddd.cdn.forter.com cdn0.forter.com — Cisco Umbrella Rank: 5597	135 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 787 c.clarity.ms — Cisco Umbrella Rank: 1178 i.clarity.ms — Cisco Umbrella Rank: 6882	26 KB
7	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 1011	1 KB
7	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 4693 va.v.liveperson.net — Cisco Umbrella Rank: 5403	115 KB
6	px-cloud.net collector-px9gxgqy6v.px-cloud.net	1 KB
6	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 4535 itcosmetics.attn.tv	81 KB
6	doubleclick.net 3 redirects 8563001.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 303	5 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 730	116 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1023	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 3469 adservice.google.de — Cisco Umbrella Rank: 5202	2 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 19	1 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 664 c.bing.com — Cisco Umbrella Rank: 408	13 KB
3	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 1908	2 KB
2	smartclip.net 1 redirects ad.sxp.smartclip.net — Cisco Umbrella Rank: 3376	481 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 297	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 419	507 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 848	852 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1020	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 329	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 420	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	314 B
2	agkn.com d.agkn.com — Cisco Umbrella Rank: 929	593 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	112 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 993	20 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 159	17 KB
2	ordergroove.com static.ordergroove.com — Cisco Umbrella Rank: 28110	76 KB
2	igodigital.com 7290682.collect.igodigital.com nova.collect.igodigital.com — Cisco Umbrella Rank: 6260	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	172 KB
2	cquotient.com cdn.cquotient.com — Cisco Umbrella Rank: 7165 p.cquotient.com — Cisco Umbrella Rank: 6980	13 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2197	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 741	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2647	220 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 18828	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2899	183 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1563	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 2156	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 652	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2154	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1485	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 842	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 799	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 494	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 999	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 1041	308 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1621	40 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 819	786 B
1	liveperson.com static-assets.dev.fs.liveperson.com — Cisco Umbrella Rank: 31291	1 KB
1	attentivemobile.com events.attentivemobile.com — Cisco Umbrella Rank: 4208	179 B
1	xtlo.net origin.xtlo.net — Cisco Umbrella Rank: 32009	904 B
1	linksynergy.com consent.linksynergy.com — Cisco Umbrella Rank: 23211	277 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 870	353 B
1	t.co t.co — Cisco Umbrella Rank: 600	338 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 996	15 KB
1	rakuten.com tag.rmp.rakuten.com — Cisco Umbrella Rank: 7154	12 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 782	14 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 994	8 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 1040	368 B
1	cloudfront.net d22xmn10vbouk4.cloudfront.net	23 KB
1	extole.io origin.extole.io — Cisco Umbrella Rank: 37336	14 KB
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 6449	48 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1811	44 KB
273	66

	Domain	Requested by
116	www.itcosmetics.com	2 redirects www.itcosmetics.com
11	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
9	lpcdn.lpsnmedia.net	lptag.liveperson.net
7	tr.snapchat.com	sc-static.net
6	accdn.lpsnmedia.net	lptag.liveperson.net
6	collector-px9gxgqy6v.px-cloud.net	www.itcosmetics.com
6	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
5	va.v.liveperson.net	lptag.liveperson.net
5	cdn0.forter.com
5	gum.criteo.com	4 redirects static.criteo.net
4	ct.pinterest.com	s.pinimg.com
4	cdn.attn.tv	www.googletagmanager.com cdn.attn.tv
3	i.clarity.ms	www.clarity.ms
3	ad.yieldlab.net
3	www.google.de
3	www.google.com	1 redirects
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
2	ad.sxp.smartclip.net	1 redirects
2	dpm.demdex.net	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	c.clarity.ms	1 redirects
2	fonts.googleapis.com	origin.extole.io
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	itcosmetics.attn.tv	cdn.attn.tv
2	www.facebook.com
2	d.agkn.com
2	connect.facebook.net	www.itcosmetics.com connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	8563001.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	cdn9.forter.com	1 redirects
2	lptag.liveperson.net	www.itcosmetics.com
2	static.ordergroove.com	www.itcosmetics.com static.ordergroove.com
2	www.googletagmanager.com	www.itcosmetics.com www.googletagmanager.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	static-assets.dev.fs.liveperson.com	lptag.liveperson.net
1	c.bing.com	1 redirects
1	events.attentivemobile.com	cdn.attn.tv
1	origin.xtlo.net	origin.extole.io
1	adservice.google.de	adservice.google.com
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	consent.linksynergy.com
1	mug.criteo.com
1	adservice.google.com	8563001.fls.doubleclick.net
1	p.cquotient.com	cdn.cquotient.com
1	refer.itcosmetics.com	origin.extole.io
1	analytics.twitter.com
1	t.co
1	region1.google-analytics.com	www.googletagmanager.com
1	static.ads-twitter.com	www.itcosmetics.com
1	tag.rmp.rakuten.com	www.itcosmetics.com
1	static.criteo.net	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	nova.collect.igodigital.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	c9af38100f42442ba53ca110aad9dd52-edd8a9329ddd.cdn.forter.com
1	d22xmn10vbouk4.cloudfront.net	www.googletagmanager.com
1	edd8a9329ddd.cdn4.forter.com	www.itcosmetics.com
1	origin.extole.io	www.itcosmetics.com
1	7290682.collect.igodigital.com	www.itcosmetics.com
1	cdn.cquotient.com	www.itcosmetics.com
1	cdn.evgnet.com	www.itcosmetics.com
1	www.googleoptimize.com	www.itcosmetics.com
273	87

This site contains links to these domains. Also see Links.

Domain
itcosmetics.attn.tv
careers.loreal.com
www.loreal.com
www.facebook.com
twitter.com
www.pinterest.com
instagram.com
www.youtube.com
optout.networkadvertising.org

Subject Issuer	Validity	Valid
www.itcosmetics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-27` - `2023-05-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-13` - `2023-04-12`	a year	crt.sh
*.cquotient.com Amazon	`2022-05-05` - `2023-06-03`	a year	crt.sh
*.collect.igodigital.com Amazon	`2022-01-13` - `2023-02-11`	a year	crt.sh
media.extole.com GeoTrust RSA CA 2018	`2022-07-25` - `2023-07-28`	a year	crt.sh
*.ordergroove.com Go Daddy Secure Certificate Authority - G2	`2022-08-24` - `2023-08-10`	a year	crt.sh
*.cdn4.forter.com GeoTrust RSA CA 2018	`2021-11-16` - `2022-12-16`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh
*.cdn.forter.com GeoTrust RSA CA 2018	`2022-06-27` - `2023-07-27`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-17` - `2022-09-15`	3 months	crt.sh
*.rmp.rakuten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-28` - `2023-02-17`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.attn.tv Amazon	`2022-04-04` - `2023-05-02`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
refer.itcosmetics.com R3	`2022-07-29` - `2022-10-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2022-08-30` - `2023-09-29`	a year	crt.sh
consent.linksynergy.com GTS CA 1D4	`2022-09-07` - `2022-12-06`	3 months	crt.sh
attn.tv Cloudflare Inc ECC CA-3	`2022-01-03` - `2023-01-02`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
cdn0.forter.com GeoTrust RSA CA 2018	`2022-06-27` - `2023-07-07`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
attentivemobile.com Cloudflare Inc ECC CA-3	`2021-11-22` - `2022-11-21`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2022-02-07` - `2023-02-07`	a year	crt.sh
dev.fs.liveperson.com Amazon	`2022-06-26` - `2023-07-25`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-11` - `2022-12-12`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2022-03-22` - `2023-03-22`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.itcosmetics.com/
Frame ID: 724C1DA624091B6A40CBE1CE9B22CB3A
Requests: 257 HTTP requests in this frame

Frame: https://8563001.fls.doubleclick.net/activityi;dc_pre=CNnaiviehfoCFV7KOwIdBhgLbQ;src=8563001;type=itcos00;cat=itcos00;ord=7645219959765;gtm=2wg8v0;auiddc=1902962413.1662641685;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F
Frame ID: B7B5BE1F6306762C7EB137AB620AA5E5
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=e41399ac-6328-420a-88e7-bf1ff3e72ebf&u_scsid=a9ba931d-f15f-4297-a4a9-0e4b27efad7d&u_sclid=7367b5ae-89ff-4378-bc55-666453e8a96d
Frame ID: 45928BBD8AAF15952C2E32561EAEC50B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.itcosmetics.com&origin=onetag
Frame ID: 6EFC1F28EDF6D0281E94CF988966E0AE
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNnaiviehfoCFV7KOwIdBhgLbQ;src=8563001;type=itcos00;cat=itcos00;ord=7645219959765;gtm=2wg8v0;auiddc=1902962413.1662641685;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F
Frame ID: 056FF912A019BAA6E155358385012FBE
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNnaiviehfoCFV7KOwIdBhgLbQ;src=8563001;type=itcos00;cat=itcos00;ord=7645219959765;gtm=2wg8v0;auiddc=1902962413.1662641685;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F
Frame ID: A584F4D8373FC4DF197725AD7C07621A
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 0C06DCD1AD70F6E5DA869A2BB7678A22
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 652EB57F15BA358FAA363B3EAF546D84
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-V83knYPh0iaRZ6MhOuae17d_EUWutTNnS2Dc8g&expires=30
Frame ID: 0171BB8ADAE82C772841BDB9C096D300
Requests: 28 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=https%3A%2F%2Fwww.itcosmetics.com&site=73595848&env=prod
Frame ID: B3B9581355F7974B4C1C2987B5DB2379
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

It Cosmetics | Makeup, Skincare & Brushes for the Most Beautiful You!

Page URL History Show full URLs

http://www.itcosmetics.com/ HTTP 301
https://www.itcosmetics.com/ Page URL

Detected technologies

Salesforce Commerce Cloud (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/demandware\.static/

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rakuten (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

tag\.rmp\.rakuten\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Page Statistics

273
Requests

93 %
HTTPS

26 %
IPv6

66
Domains

87
Subdomains

83
IPs

9
Countries

4111 kB
Transfer

9946 kB
Size

91
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://itcosmetics.attn.tv/p/Hkq/landing-page
Title: Sign Up For SMS Sign Up To Be The First to Know About Exclusive Offers!

Search URL Search Domain Scan URL

URL: https://careers.loreal.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.loreal.com/en/usa/articles/contact-us/consumer-inquiries-usa/
Title: other L'Oreal brands

Search URL Search Domain Scan URL

URL: https://www.facebook.com/itcosmetics

Search URL Search Domain Scan URL

URL: https://twitter.com/itcosmetics

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/itcosmetics/

Search URL Search Domain Scan URL

URL: https://instagram.com/itcosmetics

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/itcosmetics

Search URL Search Domain Scan URL

URL: http://optout.networkadvertising.org/?c=1
Title: AdChoices

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.itcosmetics.com/ HTTP 301
https://www.itcosmetics.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93

https://www.itcosmetics.com/IZ/PX9gXgqy6v/init.js HTTP 301
https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/default/IZ-Client

Request Chain 113

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/2db60bcd3f422d7b3d72b61818aa04eda1b69d587f894765e9b73556eb90c716ac7f4bc8611153e6dff84dd1a571

Request Chain 126

https://8563001.fls.doubleclick.net/activityi;src=8563001;type=itcos00;cat=itcos00;ord=7645219959765;gtm=2wg8v0;auiddc=1902962413.1662641685;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F HTTP 302
https://8563001.fls.doubleclick.net/activityi;dc_pre=CNnaiviehfoCFV7KOwIdBhgLbQ;src=8563001;type=itcos00;cat=itcos00;ord=7645219959765;gtm=2wg8v0;auiddc=1902962413.1662641685;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F

Request Chain 197

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/749421453/?random=165595484&cv=9&fst=1662641684848&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&auid=1902962413.1662641685&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=FOYZY6jQNfaUmLAPjcKwkAI&sscte=1&crd=&eitems=ChAI8KXmmAYQy9P6m-u4i8UYEh0AzvEQnmK2zaFS9KWW8NaVEG4lR5TkOf0cA8MnCw&pscrd=Ek5DaEFJOEtYbW1BWVF6cS10N0pUTmlkRkNFaVlBeUdpLXBlbldtTHQ1OXM5allNODg0dFlCS1hObnFxWFB0N0E2N1N6YnY4WTA0ZW12cHcaWkNoRUk4S1htbUFZUXpJS1AtY0Q3cXFxOEFSSXVBQkMtenI0LV85Wm93aVVlQS1QMExtQ01PMEphOWNCZUZXR2poMkl0bzE2T1lwaHdCLTBvVnJqenJxYXpvZw HTTP 302
https://www.google.com/pagead/1p-conversion/749421453/?random=165595484&cv=9&fst=1662641684848&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&auid=1902962413.1662641685&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEtYbW1BWVF6cS10N0pUTmlkRkNFaVlBeUdpLXBlbldtTHQ1OXM5allNODg0dFlCS1hObnFxWFB0N0E2N1N6YnY4WTA0ZW12cHcaWkNoRUk4S1htbUFZUXpJS1AtY0Q3cXFxOEFSSXVBQkMtenI0LV85Wm93aVVlQS1QMExtQ01PMEphOWNCZUZXR2poMkl0bzE2T1lwaHdCLTBvVnJqenJxYXpvZw&is_vtc=1&ocp_id=FOYZY6jQNfaUmLAPjcKwkAI&cid=CAQSKQCsnQUxo6uA7W1hwyhY-oqQIsAfcpClwO9S_rMSVNvfXeiC7bKhZxbL&eitems=ChAI8KXmmAYQy9P6m-u4i8UYEh0AzvEQnhqGtbyjWdtecdOI638dqlXiMPk8ZVKYzw&random=3990334934&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/749421453/?random=165595484&cv=9&fst=1662641684848&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&auid=1902962413.1662641685&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEtYbW1BWVF6cS10N0pUTmlkRkNFaVlBeUdpLXBlbldtTHQ1OXM5allNODg0dFlCS1hObnFxWFB0N0E2N1N6YnY4WTA0ZW12cHcaWkNoRUk4S1htbUFZUXpJS1AtY0Q3cXFxOEFSSXVBQkMtenI0LV85Wm93aVVlQS1QMExtQ01PMEphOWNCZUZXR2poMkl0bzE2T1lwaHdCLTBvVnJqenJxYXpvZw&is_vtc=1&ocp_id=FOYZY6jQNfaUmLAPjcKwkAI&cid=CAQSKQCsnQUxo6uA7W1hwyhY-oqQIsAfcpClwO9S_rMSVNvfXeiC7bKhZxbL&eitems=ChAI8KXmmAYQy9P6m-u4i8UYEh0AzvEQnhqGtbyjWdtecdOI638dqlXiMPk8ZVKYzw&random=3990334934&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 207

https://gum.criteo.com/sid/json?origin=onetag&domain=itcosmetics.com&sn=ChromeSyncframe&so=0&topUrl=www.itcosmetics.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=La-LsXxhLzZOUDVIYVcyZm0vMTl6RW9GTzQzbi9mYzRBVzdlNTJnMEpOVlI0WGlVaUNYUEthZlRiUDNnN3QyNWplVjNiR0VsVkRFV0lJdXN2aGtFMFlTNkZCa21xd0tESDJhYXB1aTVTNGlkYTNCVmsrd0tiaEFSdGVPa0NxdUFYZmlkUDVTSjFyRUFHL2tDZmZHZnNIMnpHL2hCcWtidWhWSk5KbkhSblNHWGlmdk1WWFAzM0Y0N3FDVmY1bjRyeW04SzZGcHZZd2IzWFNyYWxpTUhnVWNuR0cxVFdmL0FZY0NKS3ZNK0JKUkJ1UGlwdkFVTDQ1T3hBd3JvUmp1QzhMYmFQZTlXU0lkL0pOaGgxc0llWWRoaFBKZz09fA&cppv=2

Request Chain 213

https://sslwidget.criteo.com/event?a=53594&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=AeEbf18xSDBtN1lZNjdPc0JBcWU3allwJTJGbVJiQUFKOHdXVWJyUUhrJTJGNE1WYzFBMEQzOW5sVjdnY2puMHhvZzFFQXljRnZEJTJCQyUyQnoyOEJQbXpQV2g4JTJGJTJCMXZEcTgyVkhxZm1NQ29iMFN3RWJlaGdBQkF0M1dpVElJUlk4eUFNaWlrRUp2MXpkS3p3QWJBNXdNQ2Z4bUVOVklKY3clM0QlM0Q&tld=itcosmetics.com&fu=https%253A%252F%252Fwww.itcosmetics.com%252F&dtycbr=2178 HTTP 302
https://widget.us.criteo.com/event?a=53594&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=AeEbf18xSDBtN1lZNjdPc0JBcWU3allwJTJGbVJiQUFKOHdXVWJyUUhrJTJGNE1WYzFBMEQzOW5sVjdnY2puMHhvZzFFQXljRnZEJTJCQyUyQnoyOEJQbXpQV2g4JTJGJTJCMXZEcTgyVkhxZm1NQ29iMFN3RWJlaGdBQkF0M1dpVElJUlk4eUFNaWlrRUp2MXpkS3p3QWJBNXdNQ2Z4bUVOVklKY3clM0QlM0Q&tld=itcosmetics.com&fu=https%253A%252F%252Fwww.itcosmetics.com%252F&dtycbr=2178

Request Chain 230

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=E64E9F58714B40DCAB274F7C6933B61C&RedC=c.clarity.ms&MXFR=19B7CBEA9F8267030A3ED9F39B8269EA HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=E64E9F58714B40DCAB274F7C6933B61C&MUID=04CC075222AD6CC22995154B23016D47

Request Chain 239

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-V83knYPh0iaRZ6MhOuae17d_EUWutTNnS2Dc8g&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-V83knYPh0iaRZ6MhOuae17d_EUWutTNnS2Dc8g&expires=30

Request Chain 240

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-hJAOgIPh0iaRZ6MhOuae17d_EUXgU6N4qoV7Fw&google_cm&google_hm=ay1oSkFPZ0lQaDBpYVJaNk1oT3VhZTE3ZF9FVVhnVTZONHFvVjdGdw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-hJAOgIPh0iaRZ6MhOuae17d_EUXgU6N4qoV7Fw&google_gid=CAESEKp1S5PUlIvhHKedbyw5wrw&google_cver=1&google_ula=913071,0

Request Chain 241

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4250082167376643176

Request Chain 242

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-yrEO2IPh0iaRZ6MhOuae17d_EUVel0uVs7UnhQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-yrEO2IPh0iaRZ6MhOuae17d_EUVel0uVs7UnhQ&C=1

Request Chain 243

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-02t1BIPh0iaRZ6MhOuae17d_EUWWiJqkZQMlSQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-02t1BIPh0iaRZ6MhOuae17d_EUWWiJqkZQMlSQ

Request Chain 254

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-nOg1MoPh0iaRZ6MhOuae17d_EUW4gYWuhqTnBA HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-nOg1MoPh0iaRZ6MhOuae17d_EUW4gYWuhqTnBA&verify=true

Request Chain 258

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=upMBtAoxyEeN61kvJ0mvNELVL4MCuVnh HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=upMBtAoxyEeN61kvJ0mvNELVL4MCuVnh

Request Chain 259

https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-ZdZwJYPh0iaRZ6MhOuae17d_EUWSuyROo1CH8w HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-ZdZwJYPh0iaRZ6MhOuae17d_EUWSuyROo1CH8w&ang_testid=1

Request Chain 275

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=dB2shSwaJN3iTQCQpKI28c135P7BbY4j

Request Chain 278

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=JdHb12277zBXow6oUi5wfOyXPGOe_ryw

273 HTTP transactions
22 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.itcosmetics.com/
Redirect Chain

http://www.itcosmetics.com/
https://www.itcosmetics.com/

485 KB
59 KB

1087ms
1060ms

Document
text/html

104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0334b98dd6e47a3f1a52bd0136ed903792f41f47dd4b97dbdfc531293a68cf8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7477d5913ff79945-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=UTF-8
date: Thu, 08 Sep 2022 12:54:43 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=86400
vary: accept-encoding
x-content-type-options: nosniff
x-dw-request-base-id: TzhODRvPGWMBAAB_
x-frame-options: SAMEORIGIN
x-xss-protection: 1

Redirect headers

Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
CF-RAY: 7477d58fad986925-FRA
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Thu, 08 Sep 2022 12:54:42 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://www.itcosmetics.com/
Pragma: no-cache
Server: cloudflare
X-DWSID-SAMESITE: None

GET
H2 200 abe3d3a9-c990-459f-9407-54ac96cd2f00.woff2
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/fonts/ 22 KB
22 KB 136ms
133ms Font
font/woff2 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/fonts/abe3d3a9-c990-459f-9407-54ac96cd2f00.woff2

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0db3afa73d9589b36ee4238e285ef43dea306eeb2636bcaac21c0d865705180

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.itcosmetics.com/
Origin: https://www.itcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 00:17:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
accept-ranges: bytes
cf-ray: 7477d5988d8a9945-FRA
x-dw-request-base-id: TzhFqvnNGWMBAAB_
content-length: 22364
expires: Sat, 08 Oct 2022 11:12:04 GMT

GET
H2 200 b2eb2ad6-3170-4f0b-a83a-e30e6d288041.woff2
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/fonts/ 21 KB
21 KB 42ms
40ms Font
font/woff2 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/fonts/b2eb2ad6-3170-4f0b-a83a-e30e6d288041.woff2

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52e1ff92bdeb6550c662a97be78315216c99f3aab07d89a068d678f38761ccfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.itcosmetics.com/
Origin: https://www.itcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 00:17:58 GMT
server: cloudflare
age: 4117
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
accept-ranges: bytes
cf-ray: 7477d5988d929945-FRA
x-dw-request-base-id: TzhHqvnNGWMBAAB_
content-length: 21576
expires: Sat, 08 Oct 2022 11:11:53 GMT

GET
H2 200 ca8dded6-b7b2-4d3c-b45e-a32de5023d4d.woff2
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/fonts/ 21 KB
21 KB 30ms
28ms Font
font/woff2 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/fonts/ca8dded6-b7b2-4d3c-b45e-a32de5023d4d.woff2

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

251418d4290ae75b77edbbca52c861ca8c7dea4e531db638d187665af234cd81

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.itcosmetics.com/
Origin: https://www.itcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 00:17:58 GMT
server: cloudflare
age: 4117
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
accept-ranges: bytes
cf-ray: 7477d5988d939945-FRA
x-dw-request-base-id: TzhEqvnNGWMBAAB_
content-length: 21784
expires: Sat, 08 Oct 2022 11:11:53 GMT

GET
H2 200 commons.css
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/css/ 3 MB
2 MB 34ms
32ms Stylesheet
text/css 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/css/commons.css

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0cbf6adf9f9f052b69e73c25d5b79c0f6aa3bf4883cf64e99556d896133f427

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 00:18:04 GMT
server: cloudflare
age: 4113
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
cf-ray: 7477d5988d8f9945-FRA
x-dw-request-base-id: nJ_8L_nNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:53 GMT

GET
H2 404 home.css
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/css/ 0
0 138ms
136ms Stylesheet
text/html 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/css/home.css

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:43 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
strict-transport-security: max-age=86400
content-type: text/html;charset=ISO-8859-1
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
x-error: 1
cf-ray: 7477d5988d909945-FRA
x-dw-request-base-id: Tzg5EhPmGWMBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 115 KB
44 KB 67ms
29ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-PQ2M7FW

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

110a7354ad9b694308726ca072f9ff6862190c3ec62ef24c181668fc48b89b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44605
x-xss-protection: 0
expires: Thu, 08 Sep 2022 12:54:43 GMT

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/loreal/itcosmetics/scripts/ 182 KB
48 KB 158ms
105ms Script
application/javascript 151.101.192.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/loreal/itcosmetics/scripts/evergage.min.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3328ad89cd2372cd8243edd24ca4fa769078a88b280b0f6beaf70467ce2c9896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: wexZQ6Hbn2__fekxmWoa_aE6nDxBakKz
content-encoding: gzip
etag: "02bb71c1ca51ea9619ae6372a1d74b9f"
timing-allow-origin: *
age: 67
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
content-length: 48116
x-amz-id-2: yDlwzxa8+SZbGYtalz7dAlPADLGXG+UIUWdttuuMATJebLI/MmPI+TbF3uT6DhRU9bl88NfC7tg=
x-served-by: cache-iad-kiad7000142-IAD, cache-hhn4036-HHN
x-amz-meta-evergage-sum: 6e85625d646aa60ab2d4f2367a5aa0c658d444ba
last-modified: Fri, 26 Aug 2022 13:04:38 GMT
server: AmazonS3
x-timer: S1662641683.336474,VS0,VE95
date: Thu, 08 Sep 2022 12:54:43 GMT
vary: Accept-Encoding
x-amz-request-id: HATZEE2JW97V7ZF0
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=120
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 1, 1

GET
H2 200 pagedesigner.css
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/css/ 70 KB
11 KB 28ms
27ms Stylesheet
text/css 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/css/pagedesigner.css

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b86fa65d4d3f275ed38000094c7f815c6709fea43aab0b8a0eaa12b76256c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 00:18:04 GMT
server: cloudflare
age: 832
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
cf-ray: 7477d5988d919945-FRA
x-dw-request-base-id: nJ8AQB7OGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:30 GMT

GET
H2 200 NAV_DESK_OFF_705x400.jpg
www.itcosmetics.com/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dwcdcc50c5/Loyalty/ 13 KB
14 KB 29ms
25ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dwcdcc50c5/Loyalty/NAV_DESK_OFF_705x400.jpg

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8ec9a70e24c4d3e08071add300fbc4e8fee66e864a597cdcf78fe4f2830ca04

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
vary: Accept
cf-cache-status: HIT
age: 116779
cf-polished: qual=85, origFmt=jpeg, origSize=85734
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="NAV_DESK_OFF_705x400.webp"
content-length: 13646
last-modified: Wed, 31 Aug 2022 21:21:51 GMT
server: cloudflare
strict-transport-security: max-age=86400
content-type: image/webp
expires: Fri, 07 Oct 2022 04:18:17 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7477d599dfee9945-FRA
x-dw-request-base-id: TzheLYkbGGMBAAB_
cf-bgj: imgq:85,h2pri

GET
H2 200 d-1-loyalty-is-here-hero-090722.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw6b8cdf37/_NGL/2022/Homepage/09-September/ 29 KB
29 KB 29ms
26ms Image
image/jpeg 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw6b8cdf37/_NGL/2022/Homepage/09-September/d-1-loyalty-is-here-hero-090722.jpg?sw=2000&sh=708&sm=cut&q=10

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b98485b658d66a1fe9fe5bd5887f73c4649b30c7deda1a9fdd7de780451510ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 114446
cf-polished: origSize=33675, status=webp_bigger
x-cache: Miss from cloudfront
content-length: 29824
x-amz-expiration: expiry-date="Sun, 08 Oct 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Wed, 07 Sep 2022 04:00:35 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=2000&sh=708&sm=cut&q=10
etag: "d7f526dcd6a1021e28fb0a7039256959"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 7477d599dfef9945-FRA
x-amz-cf-id: KIlPukh3JGwmvGmmnLbBD5f_zul61O-iD-Jkc1CLBd5OjsrjnUODUQ==
cf-bgj: imgq:85,h2pri

GET
H2 200 d-2-loyalty-is-here-join-now-090722.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw88ac5a6d/_NGL/2022/Homepage/09-September/ 3 KB
3 KB 34ms
30ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw88ac5a6d/_NGL/2022/Homepage/09-September/d-2-loyalty-is-here-join-now-090722.jpg?sw=1800&sh=290&sm=cut&q=10

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10f937430eee7b5ddd087a222bdac3f1f0f8a8d336cae98b936333863346465e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
vary: Accept
cf-cache-status: HIT
age: 114446
cf-polished: qual=85, origFmt=jpeg, origSize=4920
x-cache: Miss from cloudfront
content-disposition: inline; filename="d-2-loyalty-is-here-join-now-090722.webp"
content-length: 3208
x-amz-expiration: expiry-date="Sun, 08 Oct 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Wed, 07 Sep 2022 04:00:34 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=1800&sh=290&sm=cut&q=10
etag: "b4c2bba4f7a5d1f6e3ed8ed3a2176ff7"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 7477d599dff09945-FRA
x-amz-cf-id: d-zJSyKYuqWfawhCiBtOkPaNGwAid_Fw2nfQyQvfLBVnSWzn7aW5yA==
cf-bgj: imgq:85,h2pri

GET
H2 200 d-3-loyalty-is-here-learn-more-090722.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dwf79e815a/_NGL/2022/Homepage/09-September/ 4 KB
5 KB 26ms
22ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dwf79e815a/_NGL/2022/Homepage/09-September/d-3-loyalty-is-here-learn-more-090722.jpg?sw=1800&sh=290&sm=cut&q=10

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8426a54f703cbc82bf7006b803978a94bd4d704471ccb947b059093ffd8c9e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
vary: Accept
cf-cache-status: HIT
age: 114446
cf-polished: qual=85, origFmt=jpeg, origSize=5348
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Aeo.q4Ed7FZIZBhjxbOiBzycGCEzdMIcdsPRP1c.7LE-1662641683-0-AYvMfkO4ND5SP_l3vEpu40o2dexsnTaIdE8LZSCxd5gipyvO_fwsIh44m7YQccUUAC2XeNc4IJhDoY67SAs2Gdry8r3f9jYS8ihLkFMSqR5u; report-to cf-csp-endpoint
x-cache: Miss from cloudfront
content-disposition: inline; filename="d-3-loyalty-is-here-learn-more-090722.webp"
content-length: 3826
x-amz-expiration: expiry-date="Sun, 08 Oct 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Wed, 07 Sep 2022 04:00:35 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=1800&sh=290&sm=cut&q=10
etag: "d9a51bbcf8c93c562f35026b68341cf4"
strict-transport-security: max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Aeo.q4Ed7FZIZBhjxbOiBzycGCEzdMIcdsPRP1c.7LE-1662641683-0-AYvMfkO4ND5SP_l3vEpu40o2dexsnTaIdE8LZSCxd5gipyvO_fwsIh44m7YQccUUAC2XeNc4IJhDoY67SAs2Gdry8r3f9jYS8ihLkFMSqR5u"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
cf-ray: 7477d599dff19945-FRA
x-amz-cf-id: JE5AIwVnwWWl0CafyQ2PYBDKq_sD9RJ7Z6ylehKUt4k4KMphYin4aw==
cf-bgj: imgq:85,h2pri

GET
H2 200 category.css
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/css/ 0
12 KB 20ms
20ms Other
text/css 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/css/category.css

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 00:18:04 GMT
server: cloudflare
age: 4114
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
cf-ray: 7477d59c6c5b9945-FRA
x-dw-request-base-id: nJ8iSjfOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:55 GMT

GET
H2 200 product.css
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/css/ 0
31 KB 55ms
55ms Other
text/css 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/css/product.css

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 00:18:04 GMT
server: cloudflare
age: 4117
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
cf-ray: 7477d59c7c679945-FRA
x-dw-request-base-id: nJ8hSjfOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:55 GMT

GET
H2 200 d-2-sun-kissed-hero.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw89012e18/_NGL/2022/Homepage/09-September/ 13 KB
13 KB 31ms
28ms Image
image/jpeg 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw89012e18/_NGL/2022/Homepage/09-September/d-2-sun-kissed-hero.jpg?sw=2000&sh=410&sm=cut&q=10

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e67c02bcda6363d62d90571b8fde671d522c8ab6ffdad835dc0eba02248328de

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 195435
cf-polished: origSize=15253, status=webp_bigger
x-cache: Hit from cloudfront
content-length: 13369
x-amz-expiration: expiry-date="Sat, 07 Oct 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Tue, 06 Sep 2022 04:00:29 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=2000&sh=410&sm=cut&q=10
etag: "0dfa131d1b93239bfbdc0c225ef4a87e"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 7477d599dff39945-FRA
x-amz-cf-id: 5hvqUb6TM0eBh8QY3klqhh0hHZB5GTGz48m0m1kjQTne2EUz1fToBg==
cf-bgj: imgq:85,h2pri

GET
H2 200 d-05-sun-kissed-products.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw0264d5ba/_NGL/2022/Homepage/09-September/ 37 KB
37 KB 29ms
26ms Image
image/jpeg 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw0264d5ba/_NGL/2022/Homepage/09-September/d-05-sun-kissed-products.jpg?sw=2000&sh=985&sm=cut&q=10

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e018262bb7186aee74e5084d2c4e76b94a30f96663b6dccc57b324c4e91f0d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
via: 1.1 c414bd1a4ce7ace94cbfdfa8efcbe5a6.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 441869
cf-polished: origSize=43044, status=webp_bigger
x-cache: Hit from cloudfront
content-length: 37468
x-amz-expiration: expiry-date="Sat, 30 Sep 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Tue, 30 Aug 2022 04:00:52 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=2000&sh=985&sm=cut&q=10
etag: "430b77a2853dba08a0f5e176ad9564c6"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: MUC50-P1
accept-ranges: bytes
cf-ray: 7477d599dff49945-FRA
x-amz-cf-id: 7zzJAMmrt_vhBcPzE5B2JaK027JkUubp2Ac_FlpXcwDIQmkEw1HRug==
cf-bgj: imgq:85,h2pri

GET
H2 200 d-07-edit-blog.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw74b55e29/_NGL/2022/Homepage/09-September/ 19 KB
19 KB 30ms
27ms Image
image/jpeg 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw74b55e29/_NGL/2022/Homepage/09-September/d-07-edit-blog.jpg?sw=1998&sh=493&sm=cut&q=10

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e02c11df6ef18a787dcd1241783485ff25e699e1b510c142dc296e9dad533d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 451176
cf-polished: origSize=21723, status=webp_bigger
x-cache: Hit from cloudfront
content-length: 19381
x-amz-expiration: expiry-date="Sat, 30 Sep 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Tue, 30 Aug 2022 04:02:57 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=1998&sh=493&sm=cut&q=10
etag: "1eaceb81c7d0278a2c1a70608de6552c"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
cf-ray: 7477d599dff59945-FRA
x-amz-cf-id: 1f824jFKwZVOINevEeKcNRnz7M0cJkW3MqrQi6Aks5z-_j6CBHbvrQ==
cf-bgj: imgq:85,h2pri

GET
H2 200 d-5-new-formula-090722.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dwd0785214/_NGL/2022/Homepage/09-September/ 18 KB
18 KB 26ms
23ms Image
image/jpeg 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dwd0785214/_NGL/2022/Homepage/09-September/d-5-new-formula-090722.jpg?sw=2000&sh=625&sm=cut&q=10

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fab1712604357dd1cc0ff01023494329e6dd4eb55fd6a51d1fa789f22692bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 114446
cf-polished: origSize=21745, status=webp_bigger
x-cache: Miss from cloudfront
content-length: 18580
x-amz-expiration: expiry-date="Sun, 08 Oct 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Wed, 07 Sep 2022 04:00:35 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=2000&sh=625&sm=cut&q=10
etag: "546ce4f4555434e56d62fda19f26fdc8"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 7477d599dff89945-FRA
x-amz-cf-id: VrT_aSVybMi03s-pCxgWWNofIW3wIfVg6Jq7Azl7RcyUa_km8YMnEA==
cf-bgj: imgq:85,h2pri

GET
H2 200 noimagelarge.png
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw1be72986/images/ 14 KB
15 KB 32ms
29ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw1be72986/images/noimagelarge.png?sw=2000&sh=625&sm=cut

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14fe50d547e7e032f9ada962dcf025f7602940a80aba55dd59d4f211707861b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
vary: Accept
cf-cache-status: HIT
age: 13304
cf-polished: origFmt=png, origSize=25628
x-cache: Hit from cloudfront
content-disposition: inline; filename="noimagelarge.webp"
content-length: 14492
x-amz-expiration: expiry-date="Sun, 08 Oct 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Wed, 07 Sep 2022 04:00:35 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=2000&sh=625&sm=cut
etag: "14b0c9276cddfef7727ef65e7bb52b81"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 7477d599dffa9945-FRA
x-amz-cf-id: tNplya69ByAepswIDKat1fAlATeRvIaV6NsPWmW58d81u7KbRxQuNg==
cf-bgj: imgq:85,h2pri

GET
H2 200 d-10-caw-header.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dwccf013c7/_NGL/2022/Homepage/09-September/ 15 KB
15 KB 42ms
39ms Image
image/jpeg 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dwccf013c7/_NGL/2022/Homepage/09-September/d-10-caw-header.jpg?sw=2000&sh=278&sm=cut&q=10

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e52abc32cd3562999850ec1890b9917ad97dc0f95e56f232fb44ada82389c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
via: 1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 796522
cf-polished: origSize=16241, status=webp_bigger
x-cache: Hit from cloudfront
content-length: 15306
x-amz-expiration: expiry-date="Sat, 30 Sep 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Tue, 30 Aug 2022 04:00:51 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=2000&sh=278&sm=cut&q=10
etag: "582ca40e7d4dd858018a78bf38624d77"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: MUC50-P2
accept-ranges: bytes
cf-ray: 7477d599dffb9945-FRA
x-amz-cf-id: Gs7eLOMA5TAzs_0WvP6RInf9o6XAPqwjUYAphDCQuHX8-bRtdIXT4Q==
cf-bgj: imgq:85,h2pri

GET
H2 200 d-12-CAW-new-ep4-091222.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw1aac0453/_NGL/2022/Homepage/09-September/ 21 KB
22 KB 31ms
29ms Image
image/jpeg 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw1aac0453/_NGL/2022/Homepage/09-September/d-12-CAW-new-ep4-091222.jpg?sw=2000&sh=640&sm=cut&q=10

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee84dc5d9aaf000558e082a98dbbd19607446da62f1d399914a4bbbd8c90878

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
via: 1.1 8eb3c67b1958af32e15515c8eb27fbb4.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 529793
cf-polished: origSize=25972, status=webp_bigger
x-cache: Hit from cloudfront
content-length: 21924
x-amz-expiration: expiry-date="Tue, 03 Oct 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Fri, 02 Sep 2022 04:16:02 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=2000&sh=640&sm=cut&q=10
etag: "3c0cce329aa0be8f6f025f62a5c75a25"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: MUC50-P1
accept-ranges: bytes
cf-ray: 7477d599dffc9945-FRA
x-amz-cf-id: Wd0MV-IXAVV-l3aqWFsIzyhd2uWmedrjw9iWjWHcOELIvyiLEx3ZHQ==
cf-bgj: imgq:85,h2pri

GET
H2 200 noimagelarge.png
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw1be72986/images/ 14 KB
15 KB 35ms
32ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw1be72986/images/noimagelarge.png?sw=2000&sh=640&sm=cut

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49f224276b5fa736d9fea1691f422101dcf15648a08a21be2f44fed726378168

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
vary: Accept
cf-cache-status: HIT
age: 534498
cf-polished: origFmt=png, origSize=25710
x-cache: Hit from cloudfront
content-disposition: inline; filename="noimagelarge.webp"
content-length: 14580
x-amz-expiration: expiry-date="Tue, 03 Oct 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Fri, 02 Sep 2022 04:16:02 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=2000&sh=640&sm=cut
etag: "2344ff4e11fde68e2b28c2e28d16d60c"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
cf-ray: 7477d599d8089945-FRA
x-amz-cf-id: gN9B0nSzsm1VaosImWQtUvepm5uZZ2VjPzEplMCf-VPBXaiEj4f9lQ==
cf-bgj: imgq:85,h2pri

GET
H2 200 system.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/ 61 KB
20 KB 46ms
46ms Script
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2364a95d77ab31c40fe7a2757c41b16f6c9d3337f1132aabe89b41f045d4d453

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4115
cf-polished: origSize=62042
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=BC8O.2dacZ5t_hsa3NtiA196XKqtNJjO5ktp19mh48c-1662641683-0-AUt0wWhS0wqgQ9ysWlrnsyRikA1ztVTHQwKxj6BSVW6YI3G4TqSP1x1eYjjI-z2_-UuvSw27_I4MEo0u0H_RSjwo6OaU9nWsyW_9XPM8MmQY; report-to cf-csp-endpoint
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:18:04 GMT
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=BC8O.2dacZ5t_hsa3NtiA196XKqtNJjO5ktp19mh48c-1662641683-0-AUt0wWhS0wqgQ9ysWlrnsyRikA1ztVTHQwKxj6BSVW6YI3G4TqSP1x1eYjjI-z2_-UuvSw27_I4MEo0u0H_RSjwo6OaU9nWsyW_9XPM8MmQY"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d5995f209945-FRA
x-dw-request-base-id: nJ8DMPnNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:53 GMT

GET
H2 200 system.config.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/ 5 KB
1 KB 19ms
19ms Script
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/system.config.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

496fda5e6e8fe055bca1d59dbe58eb117f652162a4e4ac71581e271252a14bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
content-encoding: gzip
vary: accept-encoding
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 00:18:04 GMT
server: cloudflare
age: 2266
strict-transport-security: max-age=86400
content-type: application/javascript
expires: Sat, 08 Oct 2022 11:11:53 GMT
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 7477d5998f899945-FRA
x-dw-request-base-id: TzhlqvnNGWMBAAB_
cf-bgj: minify

GET
H2 200 main.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/ 107 KB
30 KB 28ms
24ms Script
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85c626e54448abec6cfd5b89a73fa25ecbc044fc5fc8fc2cab1fa5aa7d176311

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
content-encoding: gzip
vary: accept-encoding
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
age: 4115
strict-transport-security: max-age=86400
content-type: application/javascript
expires: Sat, 08 Oct 2022 11:11:53 GMT
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 7477d599dfec9945-FRA
x-dw-request-base-id: nJ8GMPnNGWMBAAB_
cf-bgj: minify

GET
H2 200 dwanalytics-22.2.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/internal/jscript/ 6 KB
3 KB 32ms
30ms Script
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/internal/jscript/dwanalytics-22.2.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4511892ecdaa2a08bfc5933e7d31f3bdeee5f706c462cb717c802718908a670c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2266
cf-polished: origSize=6582
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 11:11:53 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d599d80a9945-FRA
x-dw-request-base-id: nJ8EMPnNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:53 GMT

GET
H2 200 dwac-21.7.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/internal/jscript/ 5 KB
2 KB 33ms
31ms Script
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/internal/jscript/dwac-21.7.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0acc05529b896335e67451050b9d9353d4cd680a470919fecf91c12ff09196d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4114
cf-polished: origSize=5013
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 11:11:53 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d599d80c9945-FRA
x-dw-request-base-id: nJ8FMPnNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:53 GMT

GET
H2 200 gretel.min.js Show response
cdn.cquotient.com/js/v2/ 36 KB
12 KB 431ms
8ms Script
application/javascript 108.138.5.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cquotient.com/js/v2/gretel.min.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.5.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-5-161.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 763d80ad2762d19427ede3533948edeab03053d9ee02ee0efb04ce036f5bfc54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 18:54:24 GMT
content-encoding: gzip
etag: W/"4522775df3bc6a8e53800401880a686c"
last-modified: Tue, 02 Aug 2022 19:14:05 GMT
server: AmazonS3
age: 64820
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: KD3vafPW4mZA9uNA2_5qy4_72bTlKkuGBXntrGuxZqjmYWQj_yEnpg==

GET
H2 200 applepay.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/internal/jscript/ 9 KB
3 KB 38ms
37ms Script
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/internal/jscript/applepay.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad8df0436390cc4a60f3d7cffb9022a4f7689478cac55850b003cb54090ed6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4114
cf-polished: origSize=14299
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 11:11:53 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d599d80d9945-FRA
x-dw-request-base-id: nJ8LMPnNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:53 GMT

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcea81d3e67e2fdc5254f53683cfddbf565986e1532e98660794f6858f7d3bb6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 322 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 625b09fb66338f120e423ce8c17ef8572e1c8655567b0c200295d714bfb9a275

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1449a249cafa5d97665fc3f951b25af408e764da2331db5d28512c0c6ecb6b3

Request headers

Referer
Origin: https://www.itcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 169 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25527182f0620335353c003f9384595d974209372f7d572750e3603e72f7df7f

Request headers

Referer
Origin: https://www.itcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 862 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 629baa0fc58ae514f04a691ac1659cebc319097d6f150578ad86f632450f1f27

Request headers

Referer
Origin: https://www.itcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 521 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 946eb51a4db615c248ff091064b7bd86cae9d3de2d63a215f6e497eee4c46409

Request headers

Referer
Origin: https://www.itcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c420b139a1281cdb3054c54273f4c50997f2b6339af9abc1f0f797e6eda8be7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 329 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5ecb6ad4f675f9df8ba0fd750ce33eacaf62165cb19ac362a6ec55370c163f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1004 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cd9968b9b02a071109956be7f86ebcc3b4a4bed51a29607d994669194475e2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 345 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5353e423e58b50962094e71cfb5803495fa553fb96698ba59da3e5a204ae3688

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 805 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aade51ce3310e6aa1794edbf6a2959858bb2d50aaa9b3c2f1f157a18ecfe71ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 718 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14f28f098b13d5c561ff37cd01a2231a36a3bfd5660920bfd09af979b7642e37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab7c20c44d76075631ecfbabe7e87d69f6c4fa8d6979f119873199eb9ead8b2d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 657 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2134a524ecf79823a078a106a9a6ff708b36de3992d506f75e2a2bdc7696e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 413 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 603d86c3026caf81ac8e159b855009beac8b36fbb27c9b6f0583ae26ae6ca406

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 storeon@0.9.8.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/npm/ 50 B
235 B 22ms
22ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/npm/storeon@0.9.8.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93dacc32c27b2d2a3aab7da2a72c8ea6133d5afa1d4dbcafec50406151fb09d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2265
cf-polished: origSize=52
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:16:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59ced3c9945-FRA
x-dw-request-base-id: TziIqvrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 index.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/npm/storeon@0.9.8/ 760 B
475 B 21ms
21ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/npm/storeon@0.9.8/index.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08c94d790fe90cfdf7477fb45dcc6bd5de696e05f6082350be1ffc5e7a585ed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2266
cf-polished: origSize=2735
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:16:31 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d0d7b9945-FRA
x-dw-request-base-id: nJ89MPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 d-1-loyalty-is-here-hero-090722.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw6b8cdf37/_NGL/2022/Homepage/09-September/ 80 KB
81 KB 26ms
25ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76ada3089ed6732f56332e71740554451b0ac5616f66b8f42a1f4e837412af64

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
vary: Accept
cf-cache-status: HIT
age: 114447
cf-polished: qual=85, origFmt=jpeg, origSize=97020
x-cache: Miss from cloudfront
content-disposition: inline; filename="d-1-loyalty-is-here-hero-090722.webp"
content-length: 82382
x-amz-expiration: expiry-date="Sun, 08 Oct 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Wed, 07 Sep 2022 04:00:36 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=2000&sh=708&sm=cut&q=70
etag: "5df300b3ad24ce77b01dec23763d352a"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
cf-ray: 7477d59d5dfe9945-FRA
x-amz-cf-id: AXyTpImMeWIiUxDgY0UU0xSFlbJE5AZadLDLPb6ZrhzZyF9a2MiPSA==
cf-bgj: imgq:85,h2pri

GET
H2 200 d-2-loyalty-is-here-join-now-090722.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw88ac5a6d/_NGL/2022/Homepage/09-September/ 3 KB
4 KB 27ms
26ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5242b000934ce82895ad0aadcdfa0facf41a776d1c12f0fd1636e2373e573d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
vary: Accept
cf-cache-status: HIT
age: 114445
cf-polished: qual=85, origFmt=jpeg, origSize=7597
x-cache: Miss from cloudfront
content-disposition: inline; filename="d-2-loyalty-is-here-join-now-090722.webp"
content-length: 3300
x-amz-expiration: expiry-date="Sun, 08 Oct 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Wed, 07 Sep 2022 04:00:35 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=1800&sh=290&sm=cut&q=70
etag: "411722685006cbb8e27e0d9e903ee5fe"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
cf-ray: 7477d59d5e029945-FRA
x-amz-cf-id: j6Ec_0gbSBMvtECAtkQR-rthP_awz-rNScGkErFNPmtdIEPV1VRS5g==
cf-bgj: imgq:85,h2pri

GET
H2 200 d-3-loyalty-is-here-learn-more-090722.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dwf79e815a/_NGL/2022/Homepage/09-September/ 4 KB
4 KB 40ms
40ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d25b1dfbe199cf375a409c9f317c16c4f501e8b980158ec98f2db23a40326d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
via: 1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
vary: Accept
cf-cache-status: HIT
age: 114445
cf-polished: qual=85, origFmt=jpeg, origSize=9125
x-cache: Miss from cloudfront
content-disposition: inline; filename="d-3-loyalty-is-here-learn-more-090722.webp"
content-length: 3804
x-amz-expiration: expiry-date="Sun, 08 Oct 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Wed, 07 Sep 2022 04:00:35 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=1800&sh=290&sm=cut&q=70
etag: "85822ee62676909912a7c89f9b511f93"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
cf-ray: 7477d59d5e049945-FRA
x-amz-cf-id: T0A5Bs1bYxVdI6MpFlZ9SSuZJE_QqHTezNkB_XwGYaGBlov-4hzUxw==
cf-bgj: imgq:85,h2pri

GET
H2 200 d-4-loyalty-is-here-pink-bar-090722.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw094c4d78/_NGL/2022/Homepage/09-September/ 136 B
531 B 41ms
40ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw094c4d78/_NGL/2022/Homepage/09-September/d-4-loyalty-is-here-pink-bar-090722.jpg?sw=2000&sh=14&sm=cut&q=70

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160499d18e0764906e1de960e76276443ef10bdc8b8b17a41dcb8ede822509c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
vary: Accept
cf-cache-status: HIT
age: 114445
x-amzn-requestid: 29909f75-f930-4030-90f5-1c6963c2e5d3
x-cache: Hit from cloudfront
content-disposition: inline; filename="d-4-loyalty-is-here-pink-bar-090722.webp"
x-amz-apigw-id: YEiWBGiuIAMF2eg=
content-length: 136
last-modified: Wed, 07 Sep 2022 05:07:19 GMT
server: cloudflare
x-amzn-trace-id: Root=1-63181759-418b13c466bd2094581a1795;Sampled=0
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=474
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
cf-ray: 7477d59d5e059945-FRA
x-amz-cf-id: TbCkFBVEQ3rDm0-W1x1-2E9FIp-jL6HbiArhXeSWXA_wA6HHPBQYJg==
cf-bgj: imgq:85,h2pri

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 365 KB
106 KB 66ms
42ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a645ecc089b4afff57d30975fb942c5494d286d684ce31693c6714d77223506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107973
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Sep 2022 12:54:44 GMT

GET
H2 200 PerimeterXLoader.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/integration/ 3 KB
2 KB 31ms
23ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/integration/PerimeterXLoader.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1114a3775f6c6d0d99a3204d7f658bd2a7adeca8eceba3c93de168879232850

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4095
cf-polished: origSize=3217
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=ir_XQfaa04P0t0hZlrtg.HqDdA8Jy2lFi_qxb_KIqqQ-1662641684-0-AYKPdBoH_diW_VzorQnLPu2SN4ffZpfQzPyEWvJ__HCCkzTpvPzKUrEm2HiUjzmyzNNGwWphz9U_yV0S2lTg46Cb6IkTlIU993hjDL76ghE6; report-to cf-csp-endpoint
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:17:03 GMT
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=ir_XQfaa04P0t0hZlrtg.HqDdA8Jy2lFi_qxb_KIqqQ-1662641684-0-AYKPdBoH_diW_VzorQnLPu2SN4ffZpfQzPyEWvJ__HCCkzTpvPzKUrEm2HiUjzmyzNNGwWphz9U_yV0S2lTg46Cb6IkTlIU993hjDL76ghE6"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d6e319945-FRA
x-dw-request-base-id: TziwqvrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 ActiveData.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/analytics/ 2 KB
1 KB 36ms
26ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/analytics/ActiveData.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54d9d769621f8ed8da28777f520e746f2d9efe287e84eceb2b73c7a575e3e025

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2266
cf-polished: origSize=2446
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:42 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e359945-FRA
x-dw-request-base-id: nJ9XMPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 SfmcDataLayer.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/analytics/ 6 KB
2 KB 49ms
40ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/analytics/SfmcDataLayer.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e84d2880efcede68a16a3d05bf433773d4e15aecc71a8c380574193b2c3f7c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4095
cf-polished: origSize=6007
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:17:03 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e389945-FRA
x-dw-request-base-id: TzixqvrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 Overlay.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 2 KB
869 B 34ms
24ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/Overlay.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28dd0e765406a4781f88a1b6e55f39a0cbae922a3061b86de51e463718e32585

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2266
cf-polished: origSize=2216
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e399945-FRA
x-dw-request-base-id: TzivqvrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 Snackbar.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 3 KB
1 KB 33ms
24ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/Snackbar.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97f72b7aff5efdeb684d7e4ac3ca52199f845a40496d623e955dc33e9899bf01

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4095
cf-polished: origSize=2904
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e3a9945-FRA
x-dw-request-base-id: TziuqvrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 SkipLink.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 844 B
509 B 40ms
31ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/SkipLink.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

022bc06e678b8a05062584441c2940abebb2e61d193e8ee1dacd368a66fc6c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2266
cf-polished: origSize=882
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e3d9945-FRA
x-dw-request-base-id: nJ9vMPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 Header.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 8 KB
2 KB 38ms
30ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/Header.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbacef9259af35e748ea7362bfb47c7a81647065c6f686ec765518b9cb9554b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4095
cf-polished: origSize=8012
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e3e9945-FRA
x-dw-request-base-id: TziyqvrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 ComponentPlaceholder.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 388 B
349 B 42ms
33ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ComponentPlaceholder.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38f4b20e7cb7dbe82dc60e1d1ec455bd0c67b4719bf43e6868139b35b982c6af

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4095
cf-polished: origSize=438
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e419945-FRA
x-dw-request-base-id: nJ9cMPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 ContentPanel.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 3 KB
1 KB 48ms
39ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ContentPanel.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c4e05b7ef3defa68f67989adae8ce36b9c59b5253eca3e5af7492691db6561b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2266
cf-polished: origSize=2976
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e489945-FRA
x-dw-request-base-id: nJ9aMPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 EventTrigger.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 2 KB
1 KB 39ms
31ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/EventTrigger.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51fbc9beeb9b3cf5891e83b85d669d107881367d3faf4de6bb15360e00b876a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2266
cf-polished: origSize=2540
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e4a9945-FRA
x-dw-request-base-id: nJ9eMPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 PopOver.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 4 KB
1 KB 45ms
37ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/PopOver.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aab9ad074b40c16217065eeeaa035463c89ea46e16f580758f9f0925ac1d25d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2266
cf-polished: origSize=4202
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e4d9945-FRA
x-dw-request-base-id: nJ97OhLOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:18 GMT

GET
H2 200 CustomerInfo.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/header/ 937 B
562 B 40ms
34ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/header/CustomerInfo.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

327513620c0d8f87144794b235b8e9b1e81b278c297309b1c42b4819afbc41e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2266
cf-polished: origSize=979
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e539945-FRA
x-dw-request-base-id: nJ94OhLOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:18 GMT

GET
H2 200 MiniCart.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/cart/ 3 KB
1 KB 49ms
42ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/cart/MiniCart.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f799a030b451eff44a027b62bde44fc4b8cf2a1fb35a761f9f8898ad65c021df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4095
cf-polished: origSize=3107
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e549945-FRA
x-dw-request-base-id: nJ9bMPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 SimpleSearch.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 8 KB
2 KB 36ms
29ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/SimpleSearch.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5462cdd8a163f19dc441e064af7952ed2d3864dc6cc5802e28f77c962f7bfed

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4095
cf-polished: origSize=8420
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e589945-FRA
x-dw-request-base-id: nJ9gMPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:04 GMT

GET
H2 200 Navigation.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 5 KB
2 KB 47ms
40ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/Navigation.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b52714beb7968972e7e69a182e7d55bd7c0b18d185f802e4d05a942937ed980d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2266
cf-polished: origSize=5121
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e5a9945-FRA
x-dw-request-base-id: nJ9DOhLOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:18 GMT

GET
H2 200 HamburgerMenu.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 3 KB
961 B 36ms
30ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/HamburgerMenu.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03ba5ec2ec6b2eda98d2ba80f8fa4786cb2434015f0433e059ed7fbf3e164681

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2266
cf-polished: origSize=2832
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e5c9945-FRA
x-dw-request-base-id: nJ90MPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 LocalizationMenu.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/header/ 4 KB
1 KB 139ms
133ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/header/LocalizationMenu.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cb8fa37fe2007bf677daa6b2d9e9b4c3c8bf4937489e28dc8dae0704f427a74

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
vary: accept-encoding
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
cf-polished: origSize=3684
strict-transport-security: max-age=86400
content-type: application/javascript
expires: Sat, 08 Oct 2022 11:12:18 GMT
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 7477d59d7e5e9945-FRA
x-dw-request-base-id: nJ9BOhLOGWMBAAB_
cf-bgj: minify

GET
H2 200 Form.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 13 KB
4 KB 147ms
142ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/Form.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f7446efa568c963e9457cf55c5490c5e8f04b396ddbe8e30b5e3b2d5ee4df32

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
vary: accept-encoding
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 00:15:42 GMT
server: cloudflare
cf-polished: origSize=13595
strict-transport-security: max-age=86400
content-type: application/javascript
expires: Sat, 08 Oct 2022 11:12:00 GMT
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 7477d59d7e609945-FRA
x-dw-request-base-id: nJ9dMwDOGWMBAAB_
cf-bgj: minify

GET
H2 200 Hero.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 2 KB
796 B 153ms
148ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/Hero.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66a9ec67d2c07e80edf452ac8084a57bdb174d03777b7eab82225c2476e26924

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
vary: accept-encoding
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 00:15:42 GMT
server: cloudflare
cf-polished: origSize=1745
strict-transport-security: max-age=86400
content-type: application/javascript
expires: Sat, 08 Oct 2022 11:12:54 GMT
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 7477d59d7e629945-FRA
x-dw-request-base-id: nJ-ySTbOGWMBAAB_
cf-bgj: minify

GET
H2 200 Recommendations.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 1 KB
716 B 37ms
32ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/Recommendations.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cd05fbb7cc7130b5ac7fdc122f49006ce9e22c66f0e59ed755d410552c8a31a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4094
cf-polished: origSize=1421
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:42 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e659945-FRA
x-dw-request-base-id: nJ-zSTbOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:54 GMT

GET
H2 200 Extole.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/integration/ 4 KB
2 KB 46ms
41ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/integration/Extole.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e858f08a2bd7676474fd3f6cfa33a05b477153c5a8f52d7488c8bf1b0337057

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2265
cf-polished: origSize=4198
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:16:31 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e689945-FRA
x-dw-request-base-id: Tzi3qvrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 StickyBar.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 3 KB
1 KB 40ms
35ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/StickyBar.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77a3b93805253efc6a3d641b7fab0d136faf97fbf7f2a79e77531880c1de726a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2265
cf-polished: origSize=2638
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e6a9945-FRA
x-dw-request-base-id: Tzi4qvrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 BackTop.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 1 KB
695 B 41ms
36ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/BackTop.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

000fcb62c27117b1bfed5ffc9c9ac9ab2c725b5fba3369f8e70920a1e38c719a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4094
cf-polished: origSize=1279
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e6c9945-FRA
x-dw-request-base-id: nJ9kMPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 OrientationMessage.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 591 B
947 B 46ms
42ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/OrientationMessage.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8c9e6f35d88b651586e03ed941b3dca7ac3631119a1880c008747a0bb0f4bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2265
cf-polished: origSize=639
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_k.AaAYvCi65qqx14iMYcz.rzB2BP_sI14KKX6ayvHw-1662641684-0-ATQKBPy0q-UtUY8BaqrFWC_n9DQZUJ3CA695zJUVVX7ZW2gwvpLRuw6OXIT_NO_Yg5cA8oLVwHbQ6x9nZkfRazPhkBLYpiOkqpLHAHeG4cUw; report-to cf-csp-endpoint
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=_k.AaAYvCi65qqx14iMYcz.rzB2BP_sI14KKX6ayvHw-1662641684-0-ATQKBPy0q-UtUY8BaqrFWC_n9DQZUJ3CA695zJUVVX7ZW2gwvpLRuw6OXIT_NO_Yg5cA8oLVwHbQ6x9nZkfRazPhkBLYpiOkqpLHAHeG4cUw"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2589972
cf-ray: 7477d59d7e6f9945-FRA
x-dw-request-base-id: nJ9mMPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 OrderGrooveLoader.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/product/ 6 KB
2 KB 41ms
36ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/product/OrderGrooveLoader.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1603bd76ce70b766f819ed16e20c236f4ed23b0830337485381d55870a73d6e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4094
cf-polished: origSize=5839
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:16:31 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e719945-FRA
x-dw-request-base-id: Tzi2qvrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 BazaarVoiceHosted.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 3 KB
2 KB 48ms
43ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/BazaarVoiceHosted.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d9149923ff48cb61471a24dea9ef141f446ebcb1dc34733633ffaf5ce8c38d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4094
cf-polished: origSize=2736
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=CiLIIYgVlG7q6.NEUSK4gAxlFVyZgoxA70fAPw4vx1M-1662641684-0-AYtuwh7dGc94pMj6-M7qglVyUdFPb3MtrfQo9vzhSqbumT5Va8c75PJT0b07Uuba4rwQzZKOP0ktdgjZ_jL459OjMVG_qKt2xmGhQqplhcDH; report-to cf-csp-endpoint
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=CiLIIYgVlG7q6.NEUSK4gAxlFVyZgoxA70fAPw4vx1M-1662641684-0-AYtuwh7dGc94pMj6-M7qglVyUdFPb3MtrfQo9vzhSqbumT5Va8c75PJT0b07Uuba4rwQzZKOP0ktdgjZ_jL459OjMVG_qKt2xmGhQqplhcDH"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e729945-FRA
x-dw-request-base-id: Tzi7qvrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:04 GMT

GET
H2 200 Forter.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/integration/ 7 KB
3 KB 45ms
41ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/integration/Forter.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b5148a2335091b03b2604a130e3f89537056cd61e76406ba1e55d526d964331

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2265
cf-polished: origSize=6723
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:17:02 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e779945-FRA
x-dw-request-base-id: nJ9rMPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 LiveEngage.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/integration/ 3 KB
1 KB 47ms
43ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/integration/LiveEngage.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d16811c35785b3935390084b52f0c19421589ae2b4f63061a69e61f4cfe490c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2265
cf-polished: origSize=3554
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:16:31 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d7e7c9945-FRA
x-dw-request-base-id: Tzi6qvrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 ThirdPartyLoader.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 2 KB
918 B 21ms
21ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ThirdPartyLoader.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d77a9efd2261219ebe01cdce9abef56063d22cd1cd4f7f8e4efb96245bdc91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4093
cf-polished: origSize=1790
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59d9ead9945-FRA
x-dw-request-base-id: nJ9sMPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 animate.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/ 1 KB
1 KB 27ms
26ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/animate.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c69fe0b62cbec81761a3b3e6b09a0b240c0a96d2d774816310de200aa338e232

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4093
cf-polished: origSize=1103
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Q.lcW1aPwAJbMaajMca578eJlj1KdTczTrElVrbY2RQ-1662641684-0-AT2wIEEaFKSrDK8mRZYCKsBGlK3firN_Z3oH0MPntWeI4jpLRo6XLpPtWg_2yy66uWgwW_q8xSF4PgfkmiX1dzT2Jns-bSkWMrZIbH7AGXGh; report-to cf-csp-endpoint
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Q.lcW1aPwAJbMaajMca578eJlj1KdTczTrElVrbY2RQ-1662641684-0-AT2wIEEaFKSrDK8mRZYCKsBGlK3firN_Z3oH0MPntWeI4jpLRo6XLpPtWg_2yy66uWgwW_q8xSF4PgfkmiX1dzT2Jns-bSkWMrZIbH7AGXGh"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59daebe9945-FRA
x-dw-request-base-id: Tzi5qvrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 mixwith.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/core/ 1 KB
692 B 23ms
22ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/core/mixwith.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d113e1adf90d4478a8ad5b3bc39e172ca7f0c1e75e7738dd5bf2a882f58683d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2265
cf-polished: origSize=1129
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59daece9945-FRA
x-dw-request-base-id: nJ9zMPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 Analytics.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/mixins/ 8 KB
3 KB 31ms
31ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/mixins/Analytics.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a68db82bdd0dcd6bb49d062bb667aff856e22f52dd2ea0ac13638e527f4998be

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4093
cf-polished: origSize=8109
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59daecf9945-FRA
x-dw-request-base-id: nJ9yMPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 Accessibility.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/mixins/ 6 KB
2 KB 23ms
23ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/mixins/Accessibility.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b79d4b25bbd23997aec95bb5391e87ef124b7ca9930e7d07584a9c379298baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4093
cf-polished: origSize=6331
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59daed19945-FRA
x-dw-request-base-id: Tzi8qvrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 Loader.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/mixins/ 2 KB
990 B 22ms
22ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/mixins/Loader.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a11610c03444720b7624ef630834bf363f2cc3c30e74b9dbd2322ff5662f82a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4093
cf-polished: origSize=2459
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59daed29945-FRA
x-dw-request-base-id: nJ93MPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 Page-Resources Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 691 B
629 B 134ms
133ms Fetch
application/json 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/Page-Resources?ajax=true

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eea80293fc6dd7b527308f0de5f799586b2cb5174566d69c4db2da9151d1807e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 7477d59dbee59945-FRA
x-dw-request-base-id: Tziu243OGWMBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 cookie.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/ 593 B
473 B 19ms
18ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/cookie.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77e4b08e3a7e8f68059c6fec4465b76acc3c1717ed5355678d531bbccc0226d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2265
cf-polished: origSize=629
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59dceed9945-FRA
x-dw-request-base-id: Tzi-qvrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 ToolTip.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 11 KB
3 KB 24ms
20ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ToolTip.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd5230268c553946b05b5aa9c56dccbd12a9e6cacf23464241c97fc2fe6f41c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2265
cf-polished: origSize=11180
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=nQc2UaZLTCnD8QordjHEyCsWEurXPsSFuAApCv37530-1662641684-0-AYQU5hxR48mpYl0odMkCG8Fpt8sEmhZvPOQXhppLe88RkJeqImdgX1prhKoiyJfdTIEwnj_J93hxuEzSBlQAbXPUK1U_i1Czf4zFaoeplmdF; report-to cf-csp-endpoint
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=nQc2UaZLTCnD8QordjHEyCsWEurXPsSFuAApCv37530-1662641684-0-AYQU5hxR48mpYl0odMkCG8Fpt8sEmhZvPOQXhppLe88RkJeqImdgX1prhKoiyJfdTIEwnj_J93hxuEzSBlQAbXPUK1U_i1Czf4zFaoeplmdF"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59dcefa9945-FRA
x-dw-request-base-id: TzjPsxPOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:19 GMT

GET
H2 200 device.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/ 245 B
344 B 25ms
22ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/device.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a44d5085a4f56f01ef006708c2aae5c9b240ba6901f9067e81123af519fbb5b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2265
cf-polished: origSize=281
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59dceff9945-FRA
x-dw-request-base-id: nJ-COhPOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:19 GMT

GET
H2 200 collect.js Show response
7290682.collect.igodigital.com/ 8 KB
2 KB 384ms
105ms Script
application/javascript 52.2.212.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://7290682.collect.igodigital.com/collect.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.212.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-212-202.compute-1.amazonaws.com
Software: /
Resource Hash: 463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 20:45:53 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 SlidingPanel.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 5 KB
2 KB 29ms
29ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/SlidingPanel.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f98eed705b9ba196fc1a69ea8c327b7df13046b2de5b48b4007739f8784eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2265
cf-polished: origSize=4845
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59ddf0b9945-FRA
x-dw-request-base-id: nJ9tMPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 location.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/ 482 B
407 B 26ms
26ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/location.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbeefaae1841b541bd93c731d667b5df22cdff69f5edc1f33ef062f4a17a8fa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4093
cf-polished: origSize=520
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59ddf109945-FRA
x-dw-request-base-id: nJ-rNQTOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:04 GMT

GET
H2

200

IZ-Client Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/default/
Redirect Chain

https://www.itcosmetics.com/IZ/PX9gXgqy6v/init.js
https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/default/IZ-Client

136 KB
50 KB

561ms
560ms

Script
application/javascript

104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/default/IZ-Client

Protocol

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a18741700a42d70a5b48c30e9306dc792843cc9aa9b12055643ef46194016ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=c1.nZlw0dDBzm5EU0Fx1z5xVxZmYSSwWpZISyXRvE3E-1662641684-0-AS4DmUuz1iaKsDgGg9EKGf2Iuprs98P86JSMXz4ARBigddHJ5kUSCKT7-rbH8F1jlXwfHEzf6PGY7Ocxd6XrTVoYp82M3u4VfZbI-bKX92oK; report-to cf-csp-endpoint
strict-transport-security: max-age=86400
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=c1.nZlw0dDBzm5EU0Fx1z5xVxZmYSSwWpZISyXRvE3E-1662641684-0-AS4DmUuz1iaKsDgGg9EKGf2Iuprs98P86JSMXz4ARBigddHJ5kUSCKT7-rbH8F1jlXwfHEzf6PGY7Ocxd6XrTVoYp82M3u4VfZbI-bKX92oK"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
cf-ray: 7477d59eb8489945-FRA
x-dw-request-base-id: Tzi-EhTmGWMBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

date: Thu, 08 Sep 2022 12:54:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Accept-Encoding
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400
content-type: text/html;charset=UTF-8
location: /on/demandware.store/Sites-itcosmetics-us-Site/default/IZ-Client
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 7477d59def1c9945-FRA
x-dw-request-base-id: TzjGQ6_PGWMBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 core.js Show response
origin.extole.io/it-cosmetics/ 44 KB
14 KB 612ms
458ms Script
application/javascript 96.16.152.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.extole.io/it-cosmetics/core.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.152.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-152-25.deploy.static.akamaitechnologies.com
Software: Extole /
Resource Hash: 47c9530d0e943793cba2c927de5b3d6036c505f673edb5d8998f1ab95215a92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
server: Extole
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
p3p: CP="Please see our privacy policy"
x-extole-client-id: 807935562
access-control-max-age: 3600
cache-control: no-transform, max-age=3600
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length: 14133
access-control-expose-headers: X-Extole-Token

GET
H2 200 le-mtagconfig.min.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/js/vendors/ 2 KB
902 B 23ms
21ms Script
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/js/vendors/le-mtagconfig.min.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c7f52eafdb5cb908afba33c7575c82636a048027e08d5ddb571c876847117a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 00:16:31 GMT
server: cloudflare
age: 4093
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
cf-ray: 7477d59def1e9945-FRA
x-dw-request-base-id: nJ-yNQTOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:04 GMT

GET
H2 200 html.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/ 1 KB
1 KB 21ms
21ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/html.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3149aca7d6603317a79e286681952e01b41029b5cfcb0c82913c12bba464481

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4093
cf-polished: origSize=1080
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=DAKxEQJ69gthj_uKFA.hcWpVMZDySmnB9iHxDXDJlAc-1662641684-0-AfwDka6xSNtp-58y_9umBXL16eM9rdZGmHGvyqreZRxkQkiayOvQ1PqBV64xkuHBCnkRkCyfyoxaGGRNfqQNE3boCrHouw1SQ8e8Y352OMOA; report-to cf-csp-endpoint
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=DAKxEQJ69gthj_uKFA.hcWpVMZDySmnB9iHxDXDJlAc-1662641684-0-AfwDka6xSNtp-58y_9umBXL16eM9rdZGmHGvyqreZRxkQkiayOvQ1PqBV64xkuHBCnkRkCyfyoxaGGRNfqQNE3boCrHouw1SQ8e8Y352OMOA"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59dff339945-FRA
x-dw-request-base-id: nJ9-MPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:57 GMT

GET
H2 200 ModifaceVTO.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/stores/ 2 KB
651 B 27ms
23ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/stores/ModifaceVTO.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71620adf11bbda0b7c9e3812ad1fe7635cea4c3e018ea3e3e313c085d60c2798

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4093
cf-polished: origSize=1730
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59e0f529945-FRA
x-dw-request-base-id: nJ9_MPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H/1.1 200
OK main.js Show response
static.ordergroove.com/85cfa0c6425311e89bdabc764e1107f2/ 455 KB
69 KB 138ms
9ms Script
text/javascript 96.16.158.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ordergroove.com/85cfa0c6425311e89bdabc764e1107f2/main.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.158.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-158-4.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

64faf7bc4f8df7a7395e4d7a3c09e43569cd87cdbdcd8da51d4d10a330f26c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 07 Sep 2022 13:06:29 GMT
Server: Apache
ETag: "1a1d26-71a0c-5e815fb2caa35"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Date: Thu, 08 Sep 2022 12:54:44 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70017
Expires: Thu, 08 Sep 2022 13:09:44 GMT

GET
H2 200 script.js Show response
edd8a9329ddd.cdn4.forter.com/sn/edd8a9329ddd/ 270 KB
132 KB 62ms
10ms Script
application/javascript 65.9.66.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edd8a9329ddd.cdn4.forter.com/sn/edd8a9329ddd/script.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/integration/Forter.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-88.fra56.r.cloudfront.net

Software

Resource Hash

12ec1f434026326093f918615a84411dbec7fb176dbc9f8fb48efdaa4e10f02d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 07:55:51 GMT
content-encoding: br
vary: Accept-Encoding
age: 1486733
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 22 Aug 2022 07:55:51 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/edd8a9329ddd/21032871112
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript; charset=utf-8
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
cache-control: private, max-age=300
x-amz-cf-pop: FRA56-C1
timing-allow-origin: *
x-amz-cf-id: iG_L-zAautinuPzJYmmTvHkrIC9i5eRFl_fC0N5TWHE2Lj2-WlKPzw==
expires: Mon, 22 Aug 2022 08:00:51 GMT

GET
H2 200 InteractionStudio.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/integration/ 7 KB
2 KB 24ms
24ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/integration/InteractionStudio.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e1a755a618e211e615de46d65e46cbb266ff57645222cfd1b2a7e32b25bff9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4094
cf-polished: origSize=6766
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:17:02 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2590034
cf-ray: 7477d59e1f679945-FRA
x-dw-request-base-id: nJ9aSjjOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:56 GMT

GET
H2 200 InteractionStudio-GetRecommendations Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 413 B
690 B 264ms
264ms Fetch
application/json 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/InteractionStudio-GetRecommendations?action=homepage&customerID=abvFqoQI4PV4fg1fSbTXdB2k6C&ajax=true

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86bac4c3d19fffa5c4b2d75b81b0b0b5cc35bc769c84014aa244a4a976a5b51f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 7477d59e7fe99945-FRA
x-dw-request-base-id: TziZEhTmGWMBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 Select.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 21 KB
5 KB 54ms
53ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/Select.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2626c0fc9140c6f1d7a73d526ac4b1a7c71740ed5ed85648d70554515c4b633a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2260
cf-polished: origSize=21244
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59e7feb9945-FRA
x-dw-request-base-id: nJ9GOhLOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:18 GMT

GET
H2 200 scroll.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/ 489 B
494 B 49ms
49ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/scroll.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

388f473b0b0d2855dd3c3055095ea6bb5bacf3e76dbecf328ab1db4eb6e61cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4093
cf-polished: origSize=525
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59e7fed9945-FRA
x-dw-request-base-id: nJ91MPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
8 KB 54ms
17ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7BKk7WQU1Z9EDMZmf1T6Vg==
age: 11138
vary: Accept-Encoding
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Thu, 08 Sep 2022 06:34:46 GMT
server: cloudflare
etag: 0x8DA916439418414
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e946677d-f01e-000c-4151-c33617000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7477d59ece945c92-FRA

GET
H2 200 62d9970637a811ea848a1299dd64c8fb.js Show response
d22xmn10vbouk4.cloudfront.net/ 93 KB
23 KB 55ms
23ms Script
text/javascript 65.9.58.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d22xmn10vbouk4.cloudfront.net/62d9970637a811ea848a1299dd64c8fb.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-151.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8fe0a21be851e5c59524698d0ea0d431a914a810362f4e26a045690fe2b95a7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:20:02 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 12:19:09 GMT
server: AmazonS3
age: 2083
etag: W/"9512afdfbea1127cc0f1409fbbf2eece"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
cache-control: public, max-age=601
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: gZFIQRklt0nmcrTbCF2H7bK26vq_ktoXKZB457VToXnxAFsqYBbTTA==

GET
H2 200 PromotionTile.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 1 KB
695 B 141ms
134ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/PromotionTile.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dba9f0a06dda5045774ad41431d709d72f6e42c8daf672fcdd7f53c2a15bb78

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
vary: accept-encoding
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
cf-polished: origSize=1262
strict-transport-security: max-age=86400
content-type: application/javascript
expires: Sat, 08 Oct 2022 11:12:54 GMT
cache-control: public, max-age=2589529
cross-origin-resource-policy: cross-origin
cf-ray: 7477d59ea8379945-FRA
x-dw-request-base-id: nJ-4STbOGWMBAAB_
cf-bgj: minify

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 1169ms
73ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=73595848

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/js/vendors/le-mtagconfig.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

GET
H2 200 CDSLazyload-header_headerbanner Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 3 KB
985 B 438ms
437ms Fetch
text/html 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/CDSLazyload-header_headerbanner?configid=&data=&id=headerbanner&section=header&ajax=true

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e275166f359b6ce89481b6cf9a5a08f4deb8068e6a4caa83f494468b26f1d919

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sf-cc-cacheable: false
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: accept-encoding
strict-transport-security: max-age=86400
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 7477d59eb8529945-FRA
x-dw-request-base-id: Tzi5EhTmGWMBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 CDSLazyload-header_minicarticon Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 562 B
363 B 423ms
423ms Fetch
text/html 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/CDSLazyload-header_minicarticon?configid=&data=&id=minicarticon&section=header&ajax=true

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8191b445c37893b62f476709f93e12fdd8054e5f7e66c426b444e983c94fc36a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sf-cc-cacheable: false
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 7477d59eb8549945-FRA
x-dw-request-base-id: Tzi4EhTmGWMBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
BLOB 200
OK f1923bde-ce6c-46c6-8c05-5814c62c7e45
https://www.itcosmetics.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.itcosmetics.com/f1923bde-ce6c-46c6-8c05-5814c62c7e45
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d20e96e69189259343ab288e329642a46ec88e5848fcdf8ae33f1f0c9252eafc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 5305
Content-Type: application/javascript

GET
H2 200 AbstractField.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 9 KB
3 KB 52ms
52ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/AbstractField.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b384f6f4ffc1b4db1ebeb3e4c6d8040dd5cf1bde0935e6efb742ff34b76fbf2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2260
cf-polished: origSize=9377
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59f19059945-FRA
x-dw-request-base-id: nJ9VMwDOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:04 GMT

GET
H2 200 d-2-sun-kissed-hero.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-us-Library/default/dw89012e18/_NGL/2022/Homepage/09-September/ 43 KB
44 KB 42ms
41ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9eca6dec9d5d68bc2ca1256af614b7781cc06e34db57e30b04ccde262f4b6b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
via: 1.1 fc5a4053810c85d26abbb37d924e59fe.cloudfront.net (CloudFront)
vary: Accept
cf-cache-status: HIT
age: 18353
cf-polished: qual=85, origFmt=jpeg, origSize=50818
x-cache: Hit from cloudfront
content-disposition: inline; filename="d-2-sun-kissed-hero.webp"
content-length: 44144
x-amz-expiration: expiry-date="Sat, 07 Oct 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Tue, 06 Sep 2022 04:00:31 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sw=2000&sh=410&sm=cut&q=70
etag: "ef9f81a4f2fc1c781c44b74881d6a9ea"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: HAM50-P2
accept-ranges: bytes
cf-ray: 7477d59f595c9945-FRA
x-amz-cf-id: chqpOEOdjDjNnR6Iy6km6D1FqFdAPzGkkW6tAhqOlgAqliVzM6m5nQ==
cf-bgj: imgq:85,h2pri

GET
H2

200

2db60bcd3f422d7b3d72b61818aa04eda1b69d587f894765e9b73556eb90c716ac7f4bc8611153e6dff84dd1a571 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/2db60bcd3f422d7b3d72b61818aa04eda1b69d587f894765e9b73556eb90c716ac7f4bc8611153e6dff84dd1a571

0
323 B

103ms
103ms

XHR
text/plain

99.86.4.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/2db60bcd3f422d7b3d72b61818aa04eda1b69d587f894765e9b73556eb90c716ac7f4bc8611153e6dff84dd1a571

Protocol

Server

99.86.4.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-16.fra6.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: -A6QnioQXRMRUL-V0ZLpyTzuYaMPStmIxU5B69E4yuhuH6aKtHNRwg==

Redirect headers

date: Thu, 08 Sep 2022 12:54:44 GMT
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
location: https://cdn9.forter.com/vchk2/v1/2db60bcd3f422d7b3d72b61818aa04eda1b69d587f894765e9b73556eb90c716ac7f4bc8611153e6dff84dd1a571
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: IbiCvZn2SyRNaNdHZRcCf7aJDmKHwHsZkC5DgxohJhBql8DLg5KgXg==

GET
BLOB 200
OK 4368f167-a702-48c9-a675-ca918259f2a4
https://www.itcosmetics.com/ 12 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.itcosmetics.com/4368f167-a702-48c9-a675-ca918259f2a4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb64205273c959d3251e9c28614b1876a5d0b1a0902f5ab0e7c381353bae10c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 11958
Content-Type: application/javascript

GET
H2 200 e3936571-a8bf-46e6-98c3-e922c8d3939d.json Show response
cdn.cookielaw.org/consent/e3936571-a8bf-46e6-98c3-e922c8d3939d/ 4 KB
2 KB 40ms
17ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e3936571-a8bf-46e6-98c3-e922c8d3939d/e3936571-a8bf-46e6-98c3-e922c8d3939d.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33bd76abc984c67d4af1dd349ec65e1add051fc9d09ec49f95d52c9ca0d0cd36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fIDtx25uKAT4wLfHqmETbQ==
age: 11944
vary: Accept-Encoding
content-length: 1465
x-ms-lease-status: unlocked
last-modified: Thu, 03 Mar 2022 19:58:58 GMT
server: cloudflare
etag: 0x8D9FD50410DBCE7
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4f054924-001e-0030-2ccc-4f82cc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7477d59fadd792ad-FRA
expires: Thu, 08 Sep 2022 16:54:44 GMT

GET
H/1.1 200
OK en-us.js Show response
static.ordergroove.com/85cfa0c6425311e89bdabc764e1107f2/vendors~offers/locale/ 130 KB
7 KB 10ms
9ms Script
text/javascript 96.16.158.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ordergroove.com/85cfa0c6425311e89bdabc764e1107f2/vendors~offers/locale/en-us.js

Requested by

Host: static.ordergroove.com
URL: https://static.ordergroove.com/85cfa0c6425311e89bdabc764e1107f2/main.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.158.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-158-4.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ae2d9f661033569a030859e6a479ceb8576824f75f25c47ce277732e3ee2fbdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 07 Sep 2022 13:06:30 GMT
Server: Apache
ETag: "22014f-20705-5e815fb37033c"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Date: Thu, 08 Sep 2022 12:54:44 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6953
Expires: Thu, 08 Sep 2022 13:09:44 GMT

POST
H/1.1 200
OK prop.json
c9af38100f42442ba53ca110aad9dd52-edd8a9329ddd.cdn.forter.com/ 2 B
627 B 343ms
103ms Ping
application/json 54.81.184.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c9af38100f42442ba53ca110aad9dd52-edd8a9329ddd.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.81.184.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-184-157.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 08 Sep 2022 12:54:44 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Thu, 08 Sep 2022 11:05:47 GMT
Server: Apache
ETag: "2-5e82869587321"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.itcosmetics.com
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 validators.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/ 2 KB
715 B 28ms
28ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/validators.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b336198afc3e12a6a5fca7c8b419c451bcaa3110f237ae2b2886047bb22b2b8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2260
cf-polished: origSize=1953
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d59fba049945-FRA
x-dw-request-base-id: nJ8ANQPOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:03 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 153 B
368 B 145ms
111ms XHR
application/json 2606:4700:4400::6812:2962
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 7477d5a0081392ab-FRA
access-control-allow-headers: Content-Type

GET
H2 200 CDSHtml-common_recommendations Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 125 KB
11 KB 166ms
166ms Fetch
text/html 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/CDSHtml-common_recommendations?data={%22items%22:[%223605972780072%22,%223605972778031%22,%22817919013096%22,%22817919015397%22,%22817919010637%22,%22893224002819%22,%22817919016868%22,%22817919013966%22],%22recommendationsProvider%22:%22interactionstudio%22,%22subComponentModel%22:{%22cssClass%22:%22m-carousel-product%22,%22componentOptions%22:{%22showArrows%22:true,%22slidesPerView%22:5,%22spaceBetween%22:30,%22breakpoints%22:{%22medium%20down%22:{%22slidesPerView%22:%22auto%22}},%22classNames%22:{%22paginationClass%22:%22h-hide-for-large%22,%22arrows%22:%22m-aside-pagination-for-medium-down%22},%22tileType%22:%22producttile%22,%22configType%22:%22minicart%22}},%22timestamp%22:1662641684492,%22zone%22:%22homepage%22}&id=recommendations&section=common&ajax=true

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

455f213377c913cf483a489891949e04eaa124313233ee2f2233fbfd8844552e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sf-cc-cacheable: false
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: accept-encoding
strict-transport-security: max-age=86400
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 7477d5a01a779945-FRA
x-dw-request-base-id: Tzi0EhTmGWMBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 202 track_page_view
nova.collect.igodigital.com/c2/7290682/ 43 B
683 B 121ms
120ms Image
image/gif 52.2.212.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/7290682/track_page_view?payload=%7B%22title%22%3A%22It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!%22%2C%22url%22%3A%22https%3A%2F%2Fwww.itcosmetics.com%2F%22%2C%22referrer%22%3A%22%22%2C%22user_info%22%3A%7B%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.2.212.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-212-202.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-runtime: 0.012547
date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 1d2d996f-0972-499a-89ce-9b6425bbe98d

GET
H2 200 __Analytics-Start
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 35 B
227 B 427ms
427ms Image
image/gif 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/__Analytics-Start?url=https%3A%2F%2Fwww.itcosmetics.com%2F&res=1600x1200&cookie=1&ref=&title=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.3478652840116452&cmpn=&tz=US/Eastern&pcc=USD&pct=&pcat=&dw_dnt=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=86400
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 7477d5a0bb729945-FRA
x-dw-request-base-id: TzjmEhTmGWMBAAB_
content-length: 35
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.24.0/ 317 KB
76 KB 14ms
14ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: V5hcbF1dEgrls6P2M61C9g==
age: 11111
vary: Accept-Encoding
content-length: 77260
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:37 GMT
server: cloudflare
etag: 0x8D983BB67EEBDFE
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5a6c010d-801e-0065-7c82-0f69bb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7477d5a0c9c75c92-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/e3936571-a8bf-46e6-98c3-e922c8d3939d/9e2d6bf5-5cea-43a8-92fd-93c8276d304f/ 118 KB
23 KB 17ms
17ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e3936571-a8bf-46e6-98c3-e922c8d3939d/9e2d6bf5-5cea-43a8-92fd-93c8276d304f/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc116f07dbddd9e2e6ad729f63035910362a473cde793142160650d55859bb0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: tluz0+vCLTiOuGUNnzvAwg==
age: 11942
vary: Accept-Encoding
content-length: 23342
x-ms-lease-status: unlocked
last-modified: Thu, 03 Mar 2022 19:59:07 GMT
server: cloudflare
etag: 0x8D9FD50469520B3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: aa88c929-401e-0073-7bcf-4fa825000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7477d5a0ff8592ad-FRA
expires: Thu, 08 Sep 2022 16:54:44 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 89ms
50ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 12:54:44 GMT

GET
H3

200

activityi;dc_pre=CNnaiviehfoCFV7KOwIdBhgLbQ;src=8563001;type=itcos00;cat=itcos00;ord=7645219959765;gtm=2wg8v0;auiddc=1902962413.1662641685;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F Show response
8563001.fls.doubleclick.net/ Frame B7B5
Redirect Chain

https://8563001.fls.doubleclick.net/activityi;src=8563001;type=itcos00;cat=itcos00;ord=7645219959765;gtm=2wg8v0;auiddc=1902962413.1662641685;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F?
https://8563001.fls.doubleclick.net/activityi;dc_pre=CNnaiviehfoCFV7KOwIdBhgLbQ;src=8563001;type=itcos00;cat=itcos00;ord=7645219959765;gtm=2wg8v0;auiddc=1902962413.1662641685;~oref=https%3A%2F%2Fww...

486 B
405 B

62ms
44ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8563001.fls.doubleclick.net/activityi;dc_pre=CNnaiviehfoCFV7KOwIdBhgLbQ;src=8563001;type=itcos00;cat=itcos00;ord=7645219959765;gtm=2wg8v0;auiddc=1902962413.1662641685;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

bfc1cb9b63507caea3999fa3c729876e8e287acf61c3ac7a3b32e21235cd1760

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 380
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 12:54:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 12:54:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8563001.fls.doubleclick.net/activityi;dc_pre=CNnaiviehfoCFV7KOwIdBhgLbQ;src=8563001;type=itcos00;cat=itcos00;ord=7645219959765;gtm=2wg8v0;auiddc=1902962413.1662641685;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 35ms
9ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5926
date: Thu, 08 Sep 2022 11:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 08 Sep 2022 13:15:58 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 168ms
124ms Script
application/javascript 2a02:26f0:3500:883::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:883::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5afc363b68106631c9744da4953b7f123c67bb28f07e85c21e97d06c439a093a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "b06b4e6cb1f66b46eb000478658c5236"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 scevent.min.js Show response
sc-static.net/ 22 KB
8 KB 59ms
21ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3c1f4aefc4f1f802130a9ae4de294d8518ee59464736f12f89e42b82ed1713bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7898
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-amz-cf-id: fEXmQn4uG09CKRDs58uVYN2GBYQmF3MUuxcCrmOT_kBbF3d89xVXVg==

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 92ms
36ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6A10D7C037414436A2DBC0C5E749E533 Ref B: FRA31EDGE0112 Ref C: 2022-09-08T12:54:44Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 08 Sep 2022 12:54:44 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 55ms
18ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0e937847c7e07ed15db23b99d02385f8a76a534837159ec603319dab64a5a9ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 07:49:23 GMT
server: nginx
etag: W/"62bc0403-a792"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 09 Sep 2022 12:54:44 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 41ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26737
x-xss-protection: 0
pragma: public
x-fb-debug: 25/nZ3S0FBUJpsvwB3DP0gk+YhlFB0NDkhHSM8G6c8F3uw/c3sCYcb+iuJKUOvrat3XEWc50eSGGu4bb0/AfQA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 08 Sep 2022 12:54:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 113855.ct.js Show response
tag.rmp.rakuten.com/ 36 KB
12 KB 401ms
292ms Script
text/javascript 34.102.147.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.rmp.rakuten.com/113855.ct.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 248.147.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 31653219fcc28c4576bb4e60d2640e9e3254e0df2eb64897dcc01a140fb9b44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 12:54:45 GMT
x-cache: miss
x-samesite: secure
via: 1.1 google
cache-control: max-age=86400
x-dyn: 0
accept-ranges: bytes
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 39ms
9ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15317
x-served-by: cache-iad-kcgs7200044-IAD, cache-hhn11561-HHN

GET
H2 200 dtag.js Show response
cdn.attn.tv/itcosmetics/ 5 KB
3 KB 120ms
75ms Script
text/javascript 2600:9000:211a:5a00:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/itcosmetics/dtag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:5a00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92ce5ee056ebb613c0fb24bdb9f6dc31a5467df7d892c618b691aa127bab5f72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: z7sfDCA0eUCHQmj4QImdhnocgtKJ3nbP
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 16:09:47 GMT
server: AmazonS3
age: 116
etag: W/"465b95302855adc4dbe0b7a60a2f782c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cac.cloudfront.net (CloudFront)
cache-control: public, max-age=120
date: Thu, 08 Sep 2022 12:54:44 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: jkkgapCkexUnKRN7FlCYe191AUkU30IGig7cS7MkPGle1Ocz6LfYwQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
66 KB 45ms
25ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DPN15YB5DF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP53K8&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d133a857fcbf80e34c8cda1ee09e231df1b2309bc0cafebc6bf6635dbe2c2414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67200
x-xss-protection: 0
expires: Thu, 08 Sep 2022 12:54:44 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 13 KB
3 KB 18ms
18ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 6kn6x4Mq//asafVxYG5LSA==
age: 11941
vary: Accept-Encoding
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:28 GMT
server: cloudflare
etag: 0x8D983BB627AC080
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3eab2afd-501e-00ab-4a6d-c40ff4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7477d5a1882b92ad-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 20 KB
4 KB 22ms
22ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 11941
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:45 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: c820b8ad-601e-010d-796f-c971bf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 7477d5a1882d92ad-FRA

GET
H/1.1 200
OK /
d.agkn.com/iframe/12330/ 0
0 68ms
10ms Image
text/html 3.123.239.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/iframe/12330/?orderValue=undefined&orderNum=undefined&cd1=itcosmetics.com&cd2=homepage&cd3=undefined&cd4=https%3A%2F%2Fwww.itcosmetics.com%2F&gtmcb=418154345
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.239.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-239-111.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H/1.1 200
OK /
d.agkn.com/pixel/10859/ 43 B
593 B 56ms
10ms Image
image/gif 3.123.239.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/10859/?che=659964902&gaid=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.239.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-239-111.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 12:54:44 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 CDSLazyload-product_productmainaction Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 2 KB
776 B 435ms
428ms Fetch
text/html 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/CDSLazyload-product_productmainaction?configid=minicart&data=3605972780072&id=productmainaction&pageId=product-tile&section=product&ajax=true

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8036456bd73b715bb5397e6bab98e3db1c043bfc6677e232af45704b5e4c7030

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sf-cc-cacheable: false
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: accept-encoding
strict-transport-security: max-age=86400
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 7477d5a1bcfc9945-FRA
x-dw-request-base-id: nJ8gWmTOGWMBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 CDSLazyload-product_productmainaction Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 2 KB
812 B 172ms
164ms Fetch
text/html 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/CDSLazyload-product_productmainaction?configid=minicart&data=3605972778031&id=productmainaction&pageId=product-tile&section=product&ajax=true

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbf756c276b0da927d0fd6fa99f1af126d29223fb16d85c96fd9951997af0a86

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sf-cc-cacheable: false
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: accept-encoding
strict-transport-security: max-age=86400
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 7477d5a1bcff9945-FRA
x-dw-request-base-id: TzhRPJnPGWMBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 CDSLazyload-product_productmainaction Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 2 KB
805 B 175ms
168ms Fetch
text/html 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/CDSLazyload-product_productmainaction?configid=minicart&data=817919013096&id=productmainaction&pageId=product-tile&section=product&ajax=true

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4067e00788590460282ec3cd954bb1d06c57ffdcbb5c2d0ba4b0415d8aad385f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sf-cc-cacheable: false
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: accept-encoding
strict-transport-security: max-age=86400
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 7477d5a1bd009945-FRA
x-dw-request-base-id: TzgfN4rPGWMBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 CDSLazyload-product_productmainaction Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 2 KB
1 KB 442ms
435ms Fetch
text/html 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/CDSLazyload-product_productmainaction?configid=minicart&data=817919015397&id=productmainaction&pageId=product-tile&section=product&ajax=true

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d60128709c8fd27efd7ade2bf949b2af73d504d2244ea538be48b3a1597eb008

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=gsv44MRhUQQ3L9vP4jxWrgRkXSv4KtMKcrUsrjjJRzI-1662641685-0-Ab6aDKlSqPlcrfWXxozjNqXtIX7BmcLi731CtYFezRlIWGguINVvmASY5vwcEHgQ_cBvR52z8lGnMgvkAEIHiHsw7wGVGCyTos8Aq3kypTUW; report-to cf-csp-endpoint
x-sf-cc-cacheable: false
vary: accept-encoding
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=gsv44MRhUQQ3L9vP4jxWrgRkXSv4KtMKcrUsrjjJRzI-1662641685-0-Ab6aDKlSqPlcrfWXxozjNqXtIX7BmcLi731CtYFezRlIWGguINVvmASY5vwcEHgQ_cBvR52z8lGnMgvkAEIHiHsw7wGVGCyTos8Aq3kypTUW"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 7477d5a1bd019945-FRA
x-dw-request-base-id: nJ-_JVfQGWMBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 CDSLazyload-product_productmainaction Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 2 KB
779 B 179ms
173ms Fetch
text/html 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/CDSLazyload-product_productmainaction?configid=minicart&data=817919010637&id=productmainaction&pageId=product-tile&section=product&ajax=true

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c80018a9ed6f43cb5f482f99503e605c297d859e0550de7c1fea6e562b1fa022

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sf-cc-cacheable: false
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: accept-encoding
strict-transport-security: max-age=86400
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 7477d5a1bd029945-FRA
x-dw-request-base-id: TzgeN4rPGWMBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 CDSLazyload-product_productmainaction Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 2 KB
785 B 414ms
408ms Fetch
text/html 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/CDSLazyload-product_productmainaction?configid=minicart&data=893224002819&id=productmainaction&pageId=product-tile&section=product&ajax=true

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ce3dcee22cc1b78f3714134b7333f4c5a4a291d065397f848aa9ad55be3ec5a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sf-cc-cacheable: false
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: accept-encoding
strict-transport-security: max-age=86400
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 7477d5a1bd039945-FRA
x-dw-request-base-id: nJ_uVVnOGWMBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 CDSLazyload-product_productmainaction Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 2 KB
823 B 436ms
430ms Fetch
text/html 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/CDSLazyload-product_productmainaction?configid=minicart&data=817919016868&id=productmainaction&pageId=product-tile&section=product&ajax=true

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e33d3c445f67d8d6d22bee2274f0dd89a477a7952344524beea9c7c64eab59ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sf-cc-cacheable: false
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: accept-encoding
strict-transport-security: max-age=86400
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 7477d5a1bd059945-FRA
x-dw-request-base-id: nJ_11IrPGWMBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 CDSLazyload-product_productmainaction Show response
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 2 KB
970 B 406ms
400ms Fetch
text/html 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/CDSLazyload-product_productmainaction?configid=minicart&data=817919013966&id=productmainaction&pageId=product-tile&section=product&ajax=true

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4beb6af8e3763d331b06d130be49128e5249bbb0dda5f9efb1a0da95a03b5986

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sf-cc-cacheable: false
x-xss-protection: 1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: accept-encoding
strict-transport-security: max-age=86400
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 7477d5a1bd069945-FRA
x-dw-request-base-id: TzglN4rPGWMBAAB_
x-dw-trace-id: TzglN4rPGWMBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 Carousel.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/ 23 KB
6 KB 28ms
23ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/global/Carousel.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01a59a0bad74327d1357fe194103e704d6ca20ffcdd67ef29c3ed9e34a391a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4094
cf-polished: origSize=23797
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:42 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d5a1bd079945-FRA
x-dw-request-base-id: nJ-IMPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 ProductTile.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/product/ 4 KB
2 KB 38ms
34ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/product/ProductTile.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6356adfa7f369f5b9d090c3dc331037d4fe0597f321ce0d24ba13605db72d32c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4092
cf-polished: origSize=4412
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=2K09LWscOeCKvzjviZBH8Qx2XlUpa001gOPPg3wrArY-1662641684-0-AYXD67EYAynjuhcsBTDiPmiV5ARIrY_TQ7o5weMexVxNYrwTLQiVgm355Iyd4ztlDt8b0FFAKKL5nqDWLagiQRFEmelPUKJAM7Py6BpN4EPU; report-to cf-csp-endpoint
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=2K09LWscOeCKvzjviZBH8Qx2XlUpa001gOPPg3wrArY-1662641684-0-AYXD67EYAynjuhcsBTDiPmiV5ARIrY_TQ7o5weMexVxNYrwTLQiVgm355Iyd4ztlDt8b0FFAKKL5nqDWLagiQRFEmelPUKJAM7Py6BpN4EPU"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d5a1bd089945-FRA
x-dw-request-base-id: nJ89SzrOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:58 GMT

GET
H2 200 ProductPrice.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/product/ 3 KB
2 KB 28ms
24ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/product/ProductPrice.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36d04cbeb7396f1d0a605e7b331f2d10aa43f103bbf7de6548beed48a3dc2115

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4094
cf-polished: origSize=3303
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=icts7_7v6Ver4hapoNShtfSQLr2dCs2lrlOiy4WgtXk-1662641684-0-AVtacJDZxY43VFy-Gel0gepx3s3e-Zhj_BY1APFz8_7gQpzgNK2w0J35REMAcLWDMXwoF8m7UOqrSjWozi-CnpTiyiRHQCZEYj6mFM321MPk; report-to cf-csp-endpoint
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=icts7_7v6Ver4hapoNShtfSQLr2dCs2lrlOiy4WgtXk-1662641684-0-AVtacJDZxY43VFy-Gel0gepx3s3e-Zhj_BY1APFz8_7gQpzgNK2w0J35REMAcLWDMXwoF8m7UOqrSjWozi-CnpTiyiRHQCZEYj6mFM321MPk"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d5a1bd099945-FRA
x-dw-request-base-id: nJ9oSjjOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:56 GMT

GET
H2 200 ProductInfoUpdater.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/product/ 1 KB
692 B 27ms
25ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/product/ProductInfoUpdater.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83de4e0c9ecaf960e4747677cd003cb02683f90adefaeb1a37e3e2dec8614d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4094
cf-polished: origSize=1370
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d5a1bd0a9945-FRA
x-dw-request-base-id: nJ9jSjjOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:56 GMT

GET
H2 200 Swatches.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/product/ 8 KB
2 KB 26ms
24ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/product/Swatches.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa7ad2b248bd27f970a1796e1612aafdc4024dfa2003f3d4cae45df49f6adbc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2266
cf-polished: origSize=8437
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d5a1bd0d9945-FRA
x-dw-request-base-id: nJ9eSjjOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:56 GMT

GET
DATA 200
OK truncated
/ 215 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 560bdae66c629f209e1755492369ac978b64353017c09b7599d8ed3e05ac1be5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 215 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 642f20c90a991bb4c30728a63ddffc58369677075e2b9a29e34610730241af19

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 468 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdd52fb1ded9675b946c8df5d399302e9d1412874e7460c937b76af094a5bb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 135 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2c02feef733ff76d50b3d4e6944bc5abaf7505dddcfa6aa587415a84987a435

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 MiniCartIcon.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/cart/ 2 KB
741 B 36ms
35ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/cart/MiniCartIcon.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32774f32cee23982a8093c8f299e5260379fd14b561f429624a499af9360abc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4093
cf-polished: origSize=1632
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d5a1dd3a9945-FRA
x-dw-request-base-id: TzjzqvrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
DATA 200
OK truncated
/ 147 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f3cba294fade1e60aeab8e68ff44256bde9e9e083659aa12c198504fb2dbd87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 color.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/ 632 B
472 B 22ms
20ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/color.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad9f609601617bbdf90e01a38056c19bb7be12a83a9ffd3ce79e4879dcc9677

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4093
cf-polished: origSize=667
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d5a1fd879945-FRA
x-dw-request-base-id: nJ-aMPrNGWMBAAB_
expires: Sat, 08 Oct 2022 11:11:54 GMT

GET
H2 200 swiper.min.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/npm/swiper@4.5.1/dist/js/ 126 KB
33 KB 22ms
20ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/npm/swiper@4.5.1/dist/js/swiper.min.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b21b672f6980e454c4628745e5f7f05c487b2426af17900bd4860ef7c920b3a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
age: 2265
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
cf-ray: 7477d5a1fd889945-FRA
x-dw-request-base-id: nJ9V7_3UGWMBAAB_
expires: Sat, 08 Oct 2022 11:41:49 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 image.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/ 2 KB
1 KB 22ms
21ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/toolbox/image.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17aa9dac838ed6cea7911d50c47ef6718bae0639b49e5769c4a62a7ad1f09c2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2265
cf-polished: origSize=1583
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=bkHTeW600OUljlQbZzWiJcV2gFlD_I9_b9rOBYxjLbw-1662641684-0-ARfap39I7aPmVUioYpjWmTGVF4xPXL_poHzbosBfXxDcLPgHWr1VhNw_K1L-pS9b9OcVnRi6msmYbPEqHXHfU7d4AVp19cLkU7NnewCP2_s8; report-to cf-csp-endpoint
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=bkHTeW600OUljlQbZzWiJcV2gFlD_I9_b9rOBYxjLbw-1662641684-0-ARfap39I7aPmVUioYpjWmTGVF4xPXL_poHzbosBfXxDcLPgHWr1VhNw_K1L-pS9b9OcVnRi6msmYbPEqHXHfU7d4AVp19cLkU7NnewCP2_s8"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d5a23dea9945-FRA
x-dw-request-base-id: TzilwTjOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:56 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 24ms
7ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2210
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 08 Sep 2022 13:17:54 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
3 KB 25ms
8ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:39:48 GMT
x-content-type-options: nosniff
age: 896
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2779
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 08 Sep 2022 13:39:48 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/987290011/ 2 KB
2 KB 48ms
24ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987290011/?random=1662641684846&cv=9&fst=1662641684846&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&data=ecomm_pagetype%3Dhomepage&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&auid=1902962413.1662641685&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c419b791b0a4977c9d4a8e6db5071a5942f4b83c6f9ded9550986be36852dbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1083
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/858640376/ 2 KB
1 KB 48ms
25ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/858640376/?random=1662641684848&cv=9&fst=1662641684848&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&data=ecomm_pagetype%3Dhomepage&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&auid=1902962413.1662641685&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67a0fa953058c86dfe084bddcc1d3c5e70a28d0af321fed49a5ad289bd10d72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1079
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/749421453/ 2 KB
1 KB 40ms
22ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/749421453/?random=1662641684848&cv=9&fst=1662641684848&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&auid=1902962413.1662641685&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

460c8007842cbfadea647b28457a92d6037ccbf2f4aebb41561ac555b420f9f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 600434936754718 Show response
connect.facebook.net/signals/config/ 297 KB
85 KB 70ms
60ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/600434936754718?v=2.9.79&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eb21a0144ef95fbf81b12408c1fc6c146a785624f2cb316379e01715454a2e60

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: coKClnJtFBbAkQQ7x3JzqmIfxkjrk+U7AywXsdDh8Do411U9pTEiLw9+RgAg78j8hGveAQLBjQ/o2dVkGnluLw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 08 Sep 2022 12:54:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
340 B 44ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DPN15YB5DF&gtm=2oe8v0&_p=71478260&ul=en&cid=828967241.1662641685&sr=1600x1200&ir=1&_eu=Q&_z=ccd.v9B&_s=1&dl=%2F&uid=abvFqoQI4PV4fg1fSbTXdB2k6C&sid=1662641684&sct=1&seg=0&dt=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&en=page_view&_fv=1&_ss=1&ep.page_category=homepage&up.brand=itcosmetics.com&up.country=us&up.site_type_level=main
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DPN15YB5DF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.itcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
482 B 54ms
17ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=e41399ac-6328-420a-88e7-bf1ff3e72ebf

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

f913eded1d0bb7e2c88609f70784f1bb145eaca37847dea6c7d58f3a42773ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.itcosmetics.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 79 B
165 B 54ms
18ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=e41399ac-6328-420a-88e7-bf1ff3e72ebf&tld=com

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

d9b7addc307c170904326e2128b9929e43c02baa859a7195c3841023a4200d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.itcosmetics.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 ITC-Cream-confidence-in-a-cream-supercharge-full-size-000-Front.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-master-catalog/default/dw3ba78093/product-images/2022/CIAC_Supercharged/ 6 KB
6 KB 23ms
22ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-master-catalog/default/dw3ba78093/product-images/2022/CIAC_Supercharged/ITC-Cream-confidence-in-a-cream-supercharge-full-size-000-Front.jpg?sw=270&sfrm=jpeg&q=70

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

282e01bae408bb45eb6e647973977f442d9206990f3fc70147f8f1d77e6daf6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
vary: Accept
cf-cache-status: HIT
age: 167462
cf-polished: qual=85, origFmt=jpeg, origSize=6581
x-cache: Hit from cloudfront
content-disposition: inline; filename="ITC-Cream-confidence-in-a-cream-supercharge-full-size-000-Front.webp"
content-length: 6024
x-amz-expiration: expiry-date="Sun, 20 Aug 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Wed, 20 Jul 2022 20:55:27 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sfrm=jpeg&sw=270&q=70
etag: "3751fa80467c164998857f6d4fe317aa"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 7477d5a2ded89945-FRA
x-amz-cf-id: UfkxxeKT4JW_I30uUES_gRZWaK5f0N5TXvWl6xT-Xa5LdlngT9_hzQ==
cf-bgj: imgq:85,h2pri

GET
H2 200 ITC-Eye%20Cream-2022-confidence-in-an-eye-cream-full-size-cap-on-side-000-Front.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-master-catalog/default/dw37de1182/product-images/2022/ConfidenceEyeCream_Reno/ 5 KB
6 KB 33ms
32ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-master-catalog/default/dw37de1182/product-images/2022/ConfidenceEyeCream_Reno/ITC-Eye%20Cream-2022-confidence-in-an-eye-cream-full-size-cap-on-side-000-Front.jpg?sw=270&sfrm=jpeg&q=70

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9339be72387bc2fc63945f57da76154f4be21cacf322ec1b33117207fa7a0532

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
vary: Accept
cf-cache-status: HIT
age: 161656
cf-polished: qual=85, origFmt=jpeg, origSize=6154
x-cache: Hit from cloudfront
content-disposition: inline; filename="ITC-Eye%20Cream-2022-confidence-in-an-eye-cream-full-size-cap-on-side-000-Front.webp"
content-length: 5270
x-amz-expiration: expiry-date="Thu, 06 Jul 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Sun, 05 Jun 2022 04:02:40 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sfrm=jpeg&sw=270&q=70
etag: "05ec45402497b0d27b5bedccbac4b33f"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
cf-ray: 7477d5a2deda9945-FRA
x-amz-cf-id: FRcnYoaOGqH8apY27Y5Thui3-XdtImuRmFrGZKf_yTcR35VvnxD3Sw==
cf-bgj: imgq:85,h2pri

GET
H2 200 secret-sauce-1-940x940.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-master-catalog/default/dw1e807586/product-images/2022/SecretSauce/ 4 KB
5 KB 26ms
25ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-master-catalog/default/dw1e807586/product-images/2022/SecretSauce/secret-sauce-1-940x940.jpg?sw=270&sfrm=jpg&q=70

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d94a9d881a065a477c2572a698511cf1920303cb0e5739405c37f2b7b55e3e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
vary: Accept
cf-cache-status: HIT
age: 161649
cf-polished: qual=85, origFmt=jpeg, origSize=5856
x-cache: Hit from cloudfront
content-disposition: inline; filename="secret-sauce-1-940x940.webp"
content-length: 4584
x-amz-expiration: expiry-date="Sat, 23 Sep 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Tue, 23 Aug 2022 04:02:24 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sfrm=jpg&sw=270&q=70
etag: "dcae9f83c9eb152c7a3e3e9b4021d27b"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
cf-ray: 7477d5a2dedb9945-FRA
x-amz-cf-id: 77phr9-5HQnwpDpp4ohhpcPl5DsOkJNWCCEeb5dez6TR9ZIXTi9gOQ==
cf-bgj: imgq:85,h2pri

GET
H2 200 ITC-Cleanser-confidence-in-a-cleanser-2021-full-size-closed-000-Front.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-master-catalog/default/dwe7c29a6a/product-images/000_CorePage_Updates/CIACleanser/ 4 KB
4 KB 25ms
24ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-master-catalog/default/dwe7c29a6a/product-images/000_CorePage_Updates/CIACleanser/ITC-Cleanser-confidence-in-a-cleanser-2021-full-size-closed-000-Front.jpg?sw=270&sfrm=jpeg&q=70

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bb74b15862eb22f0fda60d2a2335769ed747fe0e08067489dc3408db4bfe1ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
vary: Accept
cf-cache-status: HIT
age: 621310
cf-polished: qual=85, origFmt=jpeg, origSize=4855
x-cache: Hit from cloudfront
content-disposition: inline; filename="ITC-Cleanser-confidence-in-a-cleanser-2021-full-size-closed-000-Front.webp"
content-length: 3626
x-amz-expiration: expiry-date="Mon, 27 Feb 2023 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Thu, 27 Jan 2022 05:20:10 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sfrm=jpeg&sw=270&q=70
etag: "66c24492d0df5bab80ca266ec95c0c4b"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 7477d5a2dedc9945-FRA
x-amz-cf-id: hDv8hhlK5jjAGCPe33puUjtCnT6FxD8OO60zOLXl5ao9SUbAt4n7Pg==
cf-bgj: imgq:85,h2pri

GET
H2 200 it-cosmetics-no-50-serum-2000x2000.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-master-catalog/default/dwb9c58a59/product-images/Rescaled/SKINCARE/ 1 KB
2 KB 30ms
29ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-master-catalog/default/dwb9c58a59/product-images/Rescaled/SKINCARE/it-cosmetics-no-50-serum-2000x2000.jpg?sw=270&sfrm=jpg&q=70

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f7c153841a74248a2090c41f73155845e12c63798969a7803ec1ae95a9c627c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
vary: Accept
cf-cache-status: HIT
age: 27732
cf-polished: qual=85, origFmt=jpeg, origSize=2419
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=thqB0jCLTUsJtOuFWRcMvi9Rn7hMpTjxvFCL66l1KJc-1662641684-0-AdvYI6fHjjhlGSvvJsCcmU6KapCmxBiSXZI4U41O0Y5zK-PBB_Xhcbz7-642bSvYLKeDFKDpEonWdgNT2sXBEbsRFltyTLxYo0gSJkwo0uz_; report-to cf-csp-endpoint
x-cache: Hit from cloudfront
content-disposition: inline; filename="it-cosmetics-no-50-serum-2000x2000.webp"
content-length: 1372
x-amz-expiration: expiry-date="Sat, 26 Nov 2022 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Tue, 26 Oct 2021 04:27:57 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sfrm=jpg&sw=270&q=70
etag: "aaabe289fac6a8cf3689a5bab5d4e2af"
strict-transport-security: max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=thqB0jCLTUsJtOuFWRcMvi9Rn7hMpTjxvFCL66l1KJc-1662641684-0-AdvYI6fHjjhlGSvvJsCcmU6KapCmxBiSXZI4U41O0Y5zK-PBB_Xhcbz7-642bSvYLKeDFKDpEonWdgNT2sXBEbsRFltyTLxYo0gSJkwo0uz_"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 7477d5a2dedd9945-FRA
x-amz-cf-id: 2-NvA_exTg27V6mXi-ztiNjdNN22kfHbHDH09I1Tio8h156NuPxRXA==
cf-bgj: imgq:85,h2pri

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 4592 0
294 B 36ms
18ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=e41399ac-6328-420a-88e7-bf1ff3e72ebf&u_scsid=a9ba931d-f15f-4297-a4a9-0e4b27efad7d&u_sclid=7367b5ae-89ff-4378-bc55-666453e8a96d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.itcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 08 Sep 2022 12:54:44 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6EFC 15 KB
6 KB 47ms
18ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.itcosmetics.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.itcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 12:54:44 GMT
server: Kestrel
server-processing-duration-in-ticks: 852740
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 adsct
t.co/i/ 43 B
338 B 287ms
121ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=3b96613a-f3e2-4d0c-9056-6a97e2e661e1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=13758731-26f2-427c-8c8d-a6eea4fb255f&tw_document_href=https%3A%2F%2Fwww.itcosmetics.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o17qu&type=javascript&version=2.3.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-response-time: 112
date: Thu, 08 Sep 2022 12:54:44 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 67b8e0b5da223bd3b643f57762b07db6196cd8dc6547f0c3d47a21953eb97c40
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
353 B 408ms
115ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=3b96613a-f3e2-4d0c-9056-6a97e2e661e1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=13758731-26f2-427c-8c8d-a6eea4fb255f&tw_document_href=https%3A%2F%2Fwww.itcosmetics.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o17qu&type=javascript&version=2.3.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-response-time: 107
date: Thu, 08 Sep 2022 12:54:44 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: f8d64472aaeca7c4e5f1961c23904a1398d439ad1f1802b72a582965a8e78300
content-length: 43

POST
H2 200 global_footer Show response
refer.itcosmetics.com/zones/ 19 KB
7 KB 456ms
120ms XHR
text/html 54.92.215.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://refer.itcosmetics.com/zones/global_footer

Requested by

Host: origin.extole.io
URL: https://origin.extole.io/it-cosmetics/core.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.92.215.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-92-215-160.compute-1.amazonaws.com

Software

Extole /

Resource Hash

18b48396759ddc324c7cc3f6c621e8406eea963694776ed736b445293149e8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="Please see our privacy policy"
vary: Origin, Accept-Encoding
content-length: 6533
server: Extole
x-extole-token: VGRGTJLJ9TJ1TID4PQAP25HP8O
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: text/html
access-control-allow-origin: https://www.itcosmetics.com
access-control-expose-headers: X-Extole-Token
cache-control: no-cache
access-control-allow-credentials: true
x-extole-cookie-consent: YEAR
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
expires: Thu, 08 Sep 2022 12:54:44 GMT

GET
H2 200 pebble Show response
p.cquotient.com/ 252 B
646 B 192ms
37ms Script
text/javascript 34.253.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p.cquotient.com/pebble?tla=aang-itcosmetics-us&activityType=viewPage&callback=CQuotient._act_callback0&cookieId=abvFqoQI4PV4fg1fSbTXdB2k6C&realm=AANG&siteId=itcosmetics-us&instanceType=prd&marketingCloudStoreID=7290682&referrer=&currentLocation=https%3A%2F%2Fwww.itcosmetics.com%2F&ls=true&_=1662641685029&v=v2.34.3&fbPixelId=__UNKNOWN__&json=%7B%22cookieId%22%3A%22abvFqoQI4PV4fg1fSbTXdB2k6C%22%2C%22realm%22%3A%22AANG%22%2C%22siteId%22%3A%22itcosmetics-us%22%2C%22instanceType%22%3A%22prd%22%2C%22marketingCloudStoreID%22%3A%5B%227290682%22%5D%2C%22referrer%22%3A%22%22%2C%22currentLocation%22%3A%22https%3A%2F%2Fwww.itcosmetics.com%2F%22%2C%22ls%22%3Atrue%2C%22_%22%3A1662641685029%2C%22v%22%3A%22v2.34.3%22%2C%22fbPixelId%22%3A%22__UNKNOWN__%22%7D

Requested by

Host: cdn.cquotient.com
URL: https://cdn.cquotient.com/js/v2/gretel.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.253.252.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-252-176.eu-west-1.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

2c4063a61a8833c2e8d2df3086c5daf3a1c4fe89390c3d5e9733bc6e680e9ec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
x-envoy-decorator-operation: api-proxy.default.svc.cluster.local:80/*
x-content-type-options: nosniff
server: istio-envoy
etag: W/"fc-4u28C278nz1NGPcnFVly+rqXaws"
strict-transport-security: max-age=15552000; includeSubdomains
content-type: text/javascript; charset=utf-8
x-envoy-upstream-service-time: 6
content-length: 252

GET
H3 200 init Show response
tr.snapchat.com/ 126 B
149 B 26ms
17ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=e41399ac-6328-420a-88e7-bf1ff3e72ebf

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

f913eded1d0bb7e2c88609f70784f1bb145eaca37847dea6c7d58f3a42773ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.itcosmetics.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H3 200 is_enabled Show response
tr.snapchat.com/collector/ 79 B
121 B 116ms
107ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=e41399ac-6328-420a-88e7-bf1ff3e72ebf&tld=com

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

d9b7addc307c170904326e2128b9929e43c02baa859a7195c3841023a4200d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.itcosmetics.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H3 200 p
tr.snapchat.com/ 68 B
88 B 117ms
108ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?trackId=d67a4ddb-7bc3-4a8b-84e2-229737654bfe&pid=e41399ac-6328-420a-88e7-bf1ff3e72ebf&ev=PAGE_VIEW&pl=https%3A%2F%2Fwww.itcosmetics.com%2F&ts=1662641685032&rf=&v=1.6.0&if=false&bt=1d53c387&intg=gtm&m_sl=3083&m_rd=3223&m_pi=2178.6000003814697&m_dcl=2178.7999992370605&m_fcps=1697.8999996185303&m_pl=2179.1000003814697&m_ic=0&m_pv=v2&u_hem=FFFeb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&u_c1=8e88ee9a-faa2-4165-aa4d-ed4f81b2a4a1&u_scsid=a9ba931d-f15f-4297-a4a9-0e4b27efad7d&u_sclid=7367b5ae-89ff-4378-bc55-666453e8a96d&s_r_ids=0

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
via: 1.1 google
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Ping
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.itcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 104ms
104ms Ping
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.itcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 98ms
98ms Ping
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.itcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 100ms
100ms Ping
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.itcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNnaiviehfoCFV7KOwIdBhgLbQ;src=8563001;type=itcos00;cat=itcos00;ord=7645219959765;gtm=2wg8v0;auiddc=1902962413.1662641685;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame 056F 485 B
849 B 157ms
49ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNnaiviehfoCFV7KOwIdBhgLbQ;src=8563001;type=itcos00;cat=itcos00;ord=7645219959765;gtm=2wg8v0;auiddc=1902962413.1662641685;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F

Requested by

Host: 8563001.fls.doubleclick.net
URL: https://8563001.fls.doubleclick.net/activityi;dc_pre=CNnaiviehfoCFV7KOwIdBhgLbQ;src=8563001;type=itcos00;cat=itcos00;ord=7645219959765;gtm=2wg8v0;auiddc=1902962413.1662641685;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

558628400140e64137f32599eda374d3a93560d45e9769c22bf42e5898723ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8563001.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 380
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 12:54:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.55e552f9.js Show response
s.pinimg.com/ct/lib/ 53 KB
18 KB 193ms
193ms Script
application/javascript 2a02:26f0:3500:883::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.55e552f9.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:883::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ecf5185587dc584318775956d242115534ec7d928758081c0f9a1e3f97992508

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "84c1602180f73853dc1e35f7296bdf7d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18601
access-control-expose-headers: X-CDN

GET
H2 200 attn.js Show response
cdn.attn.tv/ 178 KB
59 KB 98ms
98ms Script
application/javascript 2600:9000:211a:5a00:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/attn.js?v=4-latest_804861295
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/itcosmetics/dtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:5a00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51445b3fa53efb863f62b3b181e34b8c7bdd65d96a3eae26dc0f338b3a3eef84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: vIGtHtCXW78h0DkAc27pcZqK.I5tV8iJ
content-encoding: gzip
etag: "111d63627c671a5dbb3a71ad16432c81"
age: 200
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 59786
last-modified: Tue, 06 Sep 2022 18:48:18 GMT
server: AmazonS3
date: Thu, 08 Sep 2022 12:51:35 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cac.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: GF89dqdeQ0VYk0cWJoYPpVqqpEfAlAG2Tdm0LEJcbeo_OzEH19rIVQ==

GET
H2 200 tag.js Show response
cdn.attn.tv/tag/4-latest/ 54 KB
19 KB 506ms
506ms Script
application/javascript 2600:9000:211a:5a00:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/tag/4-latest/tag.js?v=4-latest_804861295
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/itcosmetics/dtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:5a00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d34bf89642dd5265ae6c939d7f98f31dab576e0852f0fbc4c0ef852ba86d9f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: vkbi0AoYUhVZU7CoQ6zyPDEm8n8w8QWr
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 18:59:48 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
etag: W/"aeab1b9f3a49e96bbdef6e70ad449940"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cac.cloudfront.net (CloudFront)
cache-control: public, max-age=300
date: Thu, 08 Sep 2022 12:54:46 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-id: o0fz5cFUc5QAT8fRwO3JQVpHqXDqohuthhV3iu0Bd4sUPS2i1h_kVg==

GET
H2 200 4039867.js Show response
bat.bing.com/p/action/ 1 KB
844 B 315ms
314ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4039867.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7ef9150869ccdd8078c3894766dc8e01669e2bc0ad5debef35a5d1ccda6bc2a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E19C9ABE5D0B48A89973988D0DFD5293 Ref B: FRA31EDGE0112 Ref C: 2022-09-08T12:54:45Z
date: Thu, 08 Sep 2022 12:54:44 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 666

GET
H2 204 0
bat.bing.com/action/ 0
175 B 106ms
105ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4039867&tm=gtm002&Ver=2&mid=797b62ac-4d35-4ecd-ac78-322e3a792d64&sid=69c7ac702f7511ed98ce399ead9b4da8&vid=69c7dd402f7511ed8fe53f201b650db8&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=It%20Cosmetics%20%7C%20Makeup,%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&kw=IT%20Cosmetics&p=https%3A%2F%2Fwww.itcosmetics.com%2F&r=&lt=2179&evt=pageLoad&sv=1&rn=242739

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6D1A18031B83423AB011782537A878BE Ref B: FRA31EDGE0112 Ref C: 2022-09-08T12:54:45Z
date: Thu, 08 Sep 2022 12:54:44 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/749421453/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/749421453/?random=165595484&cv=9&fst=1662641684848&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp...
https://www.google.com/pagead/1p-conversion/749421453/?random=165595484&cv=9&fst=1662641684848&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h...
https://www.google.de/pagead/1p-conversion/749421453/?random=165595484&cv=9&fst=1662641684848&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=...

42 B
64 B

47ms
24ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/749421453/?random=165595484&cv=9&fst=1662641684848&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&auid=1902962413.1662641685&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEtYbW1BWVF6cS10N0pUTmlkRkNFaVlBeUdpLXBlbldtTHQ1OXM5allNODg0dFlCS1hObnFxWFB0N0E2N1N6YnY4WTA0ZW12cHcaWkNoRUk4S1htbUFZUXpJS1AtY0Q3cXFxOEFSSXVBQkMtenI0LV85Wm93aVVlQS1QMExtQ01PMEphOWNCZUZXR2poMkl0bzE2T1lwaHdCLTBvVnJqenJxYXpvZw&is_vtc=1&ocp_id=FOYZY6jQNfaUmLAPjcKwkAI&cid=CAQSKQCsnQUxo6uA7W1hwyhY-oqQIsAfcpClwO9S_rMSVNvfXeiC7bKhZxbL&eitems=ChAI8KXmmAYQy9P6m-u4i8UYEh0AzvEQnhqGtbyjWdtecdOI638dqlXiMPk8ZVKYzw&random=3990334934&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/749421453/?random=165595484&cv=9&fst=1662641684848&num=1&value=0&currency_code=USD&label=t7G5CM_Sp9MBEI2HreUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&auid=1902962413.1662641685&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEtYbW1BWVF6cS10N0pUTmlkRkNFaVlBeUdpLXBlbldtTHQ1OXM5allNODg0dFlCS1hObnFxWFB0N0E2N1N6YnY4WTA0ZW12cHcaWkNoRUk4S1htbUFZUXpJS1AtY0Q3cXFxOEFSSXVBQkMtenI0LV85Wm93aVVlQS1QMExtQ01PMEphOWNCZUZXR2poMkl0bzE2T1lwaHdCLTBvVnJqenJxYXpvZw&is_vtc=1&ocp_id=FOYZY6jQNfaUmLAPjcKwkAI&cid=CAQSKQCsnQUxo6uA7W1hwyhY-oqQIsAfcpClwO9S_rMSVNvfXeiC7bKhZxbL&eitems=ChAI8KXmmAYQy9P6m-u4i8UYEh0AzvEQnhqGtbyjWdtecdOI638dqlXiMPk8ZVKYzw&random=3990334934&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/987290011/ 42 B
548 B 117ms
21ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/987290011/?random=1662641684846&cv=9&fst=1662638400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&data=ecomm_pagetype%3Dhomepage&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&async=1&fmt=3&is_vtc=1&random=595490935&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/987290011/ 42 B
548 B 115ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/987290011/?random=1662641684846&cv=9&fst=1662638400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&data=ecomm_pagetype%3Dhomepage&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&async=1&fmt=3&is_vtc=1&random=595490935&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/858640376/ 42 B
108 B 130ms
34ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/858640376/?random=1662641684848&cv=9&fst=1662638400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&data=ecomm_pagetype%3Dhomepage&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&async=1&fmt=3&is_vtc=1&random=512600510&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/858640376/ 42 B
108 B 116ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/858640376/?random=1662641684848&cv=9&fst=1662638400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&data=ecomm_pagetype%3Dhomepage&frm=0&url=https%3A%2F%2Fwww.itcosmetics.com%2F&tiba=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&async=1&fmt=3&is_vtc=1&random=512600510&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 p
tr.snapchat.com/ 68 B
88 B 88ms
87ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?trackId=ed716b09-2873-4b25-9d45-f59ca7a97b77&pid=e41399ac-6328-420a-88e7-bf1ff3e72ebf&ev=PAGE_VIEW&pl=https%3A%2F%2Fwww.itcosmetics.com%2F&ts=1662641685078&rf=&v=1.6.0&if=false&bt=1d53c387&intg=gtm&m_sl=3083&m_rd=3268&m_pi=2178.6000003814697&m_dcl=2178.7999992370605&m_fcps=1697.8999996185303&m_pl=2179.1000003814697&m_ic=0&m_pv=v2&u_hem=FFFeb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&u_c1=8e88ee9a-faa2-4165-aa4d-ed4f81b2a4a1&u_scsid=a9ba931d-f15f-4297-a4a9-0e4b27efad7d&u_sclid=7367b5ae-89ff-4378-bc55-666453e8a96d&s_r_ids=0

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
via: 1.1 google
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 AddToBag.js Show response
www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/product/ 8 KB
3 KB 93ms
93ms XHR
application/javascript 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/components/product/AddToBag.js

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/javascripts/vendors/system.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cccf1e3fafc97acee3d482ab431cbf3d38322830fe7779bcb16555614f298204

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/x-es-module, */*
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2265
cf-polished: origSize=8226
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400
last-modified: Thu, 08 Sep 2022 00:15:43 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
cf-ray: 7477d5a439da9945-FRA
x-dw-request-base-id: nJ8mSzrOGWMBAAB_
expires: Sat, 08 Oct 2022 11:12:58 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 77ms
77ms Ping
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.itcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 75ms
75ms Ping
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.itcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 78ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=600434936754718&ev=PageView&dl=https%3A%2F%2Fwww.itcosmetics.com%2F&rl=&if=false&ts=1662641685096&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662641685096.1913218700&it=1662641684858&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 08 Sep 2022 12:54:45 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6EFC
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=itcosmetics.com&sn=ChromeSyncframe&so=0&topUrl=www.itcosmetics.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=La-LsXxhLzZOUDVIYVcyZm0vMTl6RW9GTzQzbi9mYzRBVzdlNTJnMEpOVlI0WGlVaUNYUEthZlRiUDNnN3QyNWplVjNiR0VsVkRFV0lJdXN2aGtFMFlTNkZCa21xd0tESDJhYXB1aTVTNGlkYTNCVmsrd0tiaEFSdGVPa0...

433 B
654 B

45ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=La-LsXxhLzZOUDVIYVcyZm0vMTl6RW9GTzQzbi9mYzRBVzdlNTJnMEpOVlI0WGlVaUNYUEthZlRiUDNnN3QyNWplVjNiR0VsVkRFV0lJdXN2aGtFMFlTNkZCa21xd0tESDJhYXB1aTVTNGlkYTNCVmsrd0tiaEFSdGVPa0NxdUFYZmlkUDVTSjFyRUFHL2tDZmZHZnNIMnpHL2hCcWtidWhWSk5KbkhSblNHWGlmdk1WWFAzM0Y0N3FDVmY1bjRyeW04SzZGcHZZd2IzWFNyYWxpTUhnVWNuR0cxVFdmL0FZY0NKS3ZNK0JKUkJ1UGlwdkFVTDQ1T3hBd3JvUmp1QzhMYmFQZTlXU0lkL0pOaGgxc0llWWRoaFBKZz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

89ba47e6bab12a46c4258b98ed56a39b21a70ac9b39cab9b82260a7f7772cfee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1947182
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:44 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=La-LsXxhLzZOUDVIYVcyZm0vMTl6RW9GTzQzbi9mYzRBVzdlNTJnMEpOVlI0WGlVaUNYUEthZlRiUDNnN3QyNWplVjNiR0VsVkRFV0lJdXN2aGtFMFlTNkZCa21xd0tESDJhYXB1aTVTNGlkYTNCVmsrd0tiaEFSdGVPa0NxdUFYZmlkUDVTSjFyRUFHL2tDZmZHZnNIMnpHL2hCcWtidWhWSk5KbkhSblNHWGlmdk1WWFAzM0Y0N3FDVmY1bjRyeW04SzZGcHZZd2IzWFNyYWxpTUhnVWNuR0cxVFdmL0FZY0NKS3ZNK0JKUkJ1UGlwdkFVTDQ1T3hBd3JvUmp1QzhMYmFQZTlXU0lkL0pOaGgxc0llWWRoaFBKZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 759564
content-length: 0
expires: 0

POST
H2 200 collector Show response
collector-px9gxgqy6v.px-cloud.net/api/v2/ 354 B
609 B 87ms
40ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px9gxgqy6v.px-cloud.net/api/v2/collector
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/IZ/PX9gXgqy6v/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 773c1b83af1f9616b45e7b82bdcea813f95bfc67c7924dbd61925a6fda685ba9

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 08 Sep 2022 12:54:44 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.itcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 354

GET
H2 200 it-cosmetics-lips-vitality-lip-flush-stain-4-in-1-pack-shot-je-ne-sais-quoi.jpg
www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-master-catalog/default/dw2a6a5f1c/product-images/Optimized/ITC_0015/ 3 KB
4 KB 53ms
53ms Image
image/webp 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/dw/image/v2/AANG_PRD/on/demandware.static/-/Sites-itcosmetics-master-catalog/default/dw2a6a5f1c/product-images/Optimized/ITC_0015/it-cosmetics-lips-vitality-lip-flush-stain-4-in-1-pack-shot-je-ne-sais-quoi.jpg?sw=270&sfrm=jpg&q=70

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aab1d0c111dda59afc8bfe129be5e9a09c01e38d6c4e2ec3550d4e622c94447

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
vary: Accept
cf-cache-status: HIT
age: 64683
cf-polished: qual=85, origFmt=jpeg, origSize=4929
x-cache: Miss from cloudfront
content-disposition: inline; filename="it-cosmetics-lips-vitality-lip-flush-stain-4-in-1-pack-shot-je-ne-sais-quoi.webp"
content-length: 3462
x-amz-expiration: expiry-date="Sat, 26 Nov 2022 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified: Tue, 26 Oct 2021 04:34:15 GMT
server: cloudflare
x-amz-meta-cleanquerystring: sfrm=jpg&sw=270&q=70
etag: "4412ea061ff1392e1ad927e70de8b87a"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
cf-ray: 7477d5a439dc9945-FRA
x-amz-cf-id: zN7ryN-GlxHQOsPHkzCU3OR_OKvabLuwCzF1iiRmiJBivjmtkHNIVA==
cf-bgj: imgq:85,h2pri

GET
H2 200 p
consent.linksynergy.com/consent/v3/ 37 B
277 B 59ms
26ms Image
image/gif 34.98.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.linksynergy.com/consent/v3/p?rmch=cs&domain=www.itcosmetics.com&sought=false&tp=gdpr&aff_mid=42479&attr_sid=113855&purposes=&vendors=&ext_id=f15eea79-2f4e-4591-b2ab-10fe06338e7c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.3 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 3.67.98.34.bc.googleusercontent.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
via: 1.1 google
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-samesite: secure

GET
H2 200 / Show response
itcosmetics.attn.tv/d/ 5 B
285 B 443ms
397ms Fetch
application/json 104.18.6.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itcosmetics.attn.tv/d/?attn_vid=18f7a5f636104237b10ac72f3881764e
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/attn.js?v=4-latest_804861295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.6.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
cf-ray: 7477d5a4dcdc9a41-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 itcosmetics.attn.tv.js Show response
cdn.attn.tv/growth-tag-assets/client-configs/ 0
393 B 435ms
434ms Script
text/javascript 2600:9000:211a:5a00:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/growth-tag-assets/client-configs/itcosmetics.attn.tv.js
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/attn.js?v=4-latest_804861295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:5a00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
age: 26682
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/javascript
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cac.cloudfront.net (CloudFront)
date: Thu, 08 Sep 2022 05:33:17 GMT
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: I7n5ZRwZ4j9FPJPyYP3xRoHjaTRx0e0iSlkzn69BY595lIn2K9ucPA==

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=53594&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=AeEbf18xSDBtN1lZNjdPc0JBcWU3allwJTJGbVJiQUFKOHdXVWJyUUhr...
https://widget.us.criteo.com/event?a=53594&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=AeEbf18xSDBtN1lZNjdPc0JBcWU3allwJTJGbVJiQUFKOHdXVWJyUUhr...

8 KB
4 KB

387ms
108ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=53594&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=AeEbf18xSDBtN1lZNjdPc0JBcWU3allwJTJGbVJiQUFKOHdXVWJyUUhrJTJGNE1WYzFBMEQzOW5sVjdnY2puMHhvZzFFQXljRnZEJTJCQyUyQnoyOEJQbXpQV2g4JTJGJTJCMXZEcTgyVkhxZm1NQ29iMFN3RWJlaGdBQkF0M1dpVElJUlk4eUFNaWlrRUp2MXpkS3p3QWJBNXdNQ2Z4bUVOVklKY3clM0QlM0Q&tld=itcosmetics.com&fu=https%253A%252F%252Fwww.itcosmetics.com%252F&dtycbr=2178

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3b97d762df6072aa5bce3afcd9eca2f237ad6c3fc10ac3a4feb715ac347df544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 16140109
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:44 GMT
content-encoding: gzip
server: Kestrel
location: https://widget.us.criteo.com/event?a=53594&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=AeEbf18xSDBtN1lZNjdPc0JBcWU3allwJTJGbVJiQUFKOHdXVWJyUUhrJTJGNE1WYzFBMEQzOW5sVjdnY2puMHhvZzFFQXljRnZEJTJCQyUyQnoyOEJQbXpQV2g4JTJGJTJCMXZEcTgyVkhxZm1NQ29iMFN3RWJlaGdBQkF0M1dpVElJUlk4eUFNaWlrRUp2MXpkS3p3QWJBNXdNQ2Z4bUVOVklKY3clM0QlM0Q&tld=itcosmetics.com&fu=https%253A%252F%252Fwww.itcosmetics.com%252F&dtycbr=2178
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 6316935
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 dc_pre=CNnaiviehfoCFV7KOwIdBhgLbQ;src=8563001;type=itcos00;cat=itcos00;ord=7645219959765;gtm=2wg8v0;auiddc=1902962413.1662641685;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F Show response
adservice.google.de/ddm/fls/i/ Frame A584 194 B
870 B 73ms
46ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CNnaiviehfoCFV7KOwIdBhgLbQ;src=8563001;type=itcos00;cat=itcos00;ord=7645219959765;gtm=2wg8v0;auiddc=1902962413.1662641685;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNnaiviehfoCFV7KOwIdBhgLbQ;src=8563001;type=itcos00;cat=itcos00;ord=7645219959765;gtm=2wg8v0;auiddc=1902962413.1662641685;~oref=https%3A%2F%2Fwww.itcosmetics.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 12:54:45 GMT
expires: Thu, 08 Sep 2022 12:54:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 533 B
856 B 136ms
55ms XHR
application/json 92.123.36.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2616019776711&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&cb=1662641685301

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.55e552f9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.36.231 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-36-231.deploy.static.akamaitechnologies.com

Software

Resource Hash

0cd5443c326181df3c9f8d265c97237a85f7f8964bc3b2f9a6119fdeabada840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.67611702.1662641685.49277668
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1501887702345204
pin-unauth: dWlkPU1HSXhZVEE1WVdRdFlUYzJaaTAwWWpRMUxUZzFZelV0TkdKak5HSXpabUZoWXpFeQ
access-control-allow-origin: https://www.itcosmetics.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 371
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 131ms
61ms Image
image/gif 92.123.36.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2616019776711&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.itcosmetics.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2255e552f9%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1662641685311

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.36.231 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-36-231.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.67611702.1662641685.49277670
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1355924674886773
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
577 B 135ms
66ms Image
image/gif 92.123.36.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2616019776711&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%2C%22aem_eligible_list%22%3A%5B%22country%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.itcosmetics.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2255e552f9%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1662641685313

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.36.231 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-36-231.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.67611702.1662641685.49277675
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1339485167224049
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
16ms Ping
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.itcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Ping
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.itcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/edd8a9329ddd/c9af38100f42442ba53ca110aad9dd52/ 20 B
363 B 415ms
189ms XHR
application/json 34.225.5.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/edd8a9329ddd/c9af38100f42442ba53ca110aad9dd52/prop.json?_=1662641685366
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-5-197.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 12:54:45 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.itcosmetics.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Expires: -1

GET
H2 200 4039867 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 227ms
129ms Script
application/x-javascript 2620:1ec:27::cafe:1586
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/4039867
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/4039867.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1586 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: b3efcc65f87b93c1c861a240131995d3e98e34e9fa5a4d323c684fea63e91a6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
x-powered-by: ASP.NET
x-azure-ref: 0FeYZYwAAAACzvPvaBBzoQalP7gHYl/SQTVJTMjBFREdFMDMwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 0C06 565 B
590 B 64ms
63ms Document
text/html 92.123.36.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.55e552f9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.36.231 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-36-231.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.itcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.67611702.1662641685.4927771c
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 08 Sep 2022 12:54:45 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1097822011214316

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/ 282 KB
102 KB 58ms
57ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Requested by

Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/js/vendors/le-mtagconfig.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

d19a8062445f1f41b4e206e11cc69e95b94048b31bf5320950927201f72ade84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 css
fonts.googleapis.com/ 3 KB
703 B 41ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: origin.extole.io
URL: https://origin.extole.io/it-cosmetics/core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 12:50:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 08 Sep 2022 12:54:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Sep 2022 12:54:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:700

Requested by

Host: origin.extole.io
URL: https://origin.extole.io/it-cosmetics/core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

03e4cd39cd3d0911fda12e26601476583815e0114064090319218f3a7b32f2fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 12:46:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 08 Sep 2022 12:54:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Sep 2022 12:54:45 GMT

GET
H/1.1 200
OK main-en.css
origin.xtlo.net/type=creativeArchive:clientId=807935562:creativeArchiveId=6743545391552903078:version=39:coreAssetsVersion=1544591110402/css/ 2 KB
904 B 179ms
19ms Stylesheet
text/css 2a02:26f0:ea:488::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.xtlo.net/type=creativeArchive:clientId=807935562:creativeArchiveId=6743545391552903078:version=39:coreAssetsVersion=1544591110402/css/main-en.css
Requested by: Host: origin.extole.io
URL: https://origin.extole.io/it-cosmetics/core.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ea:488::10f5 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: 08f220c9aec9350a4dba24420504f40874873f6d43860132441cbfb02bcb1239

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 12:54:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Sep 2022 04:31:19 GMT
Server: Extole
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: no-transform, max-age=1978179
Connection: keep-alive
Content-Length: 559

POST
H2 200 e
events.attentivemobile.com/ 0
179 B 191ms
123ms Ping
text/plain 104.18.15.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events.attentivemobile.com/e?v=4.16.1_930afb9871&pd=https%3A%2F%2Fwww.itcosmetics.com%2F&u=18f7a5f636104237b10ac72f3881764e&c=itcosmetics&ceid=4YP&lt=1662641685578&tag=modern&cs=520305966&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1662641685581
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/tag.js?v=4-latest_804861295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain;charset=UTF-8
x-envoy-upstream-service-time: 4
cf-ray: 7477d5a75cde6949-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 652E 0
17 B 18ms
8ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.itcosmetics.com
Referer: https://www.itcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.itcosmetics.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 12:54:45 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-c/s/0.6.40/ 54 KB
23 KB 120ms
119ms Script
application/javascript 2620:1ec:27::cafe:1586
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-c/s/0.6.40/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/4039867
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1586 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: br
etag: "1d8bd4806fdad30"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0FeYZYwAAAAAlC+LpG0+TRqzev2nld4hBTVJTMjBFREdFMDMwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
content-length: 23442
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=E64E9F58714B40DCAB274F7C6933B61C&RedC=c.clarity.ms&MXFR=19B7CBEA9F8267030A3ED9F39B8269EA
https://c.clarity.ms/c.gif?CtsSyncId=E64E9F58714B40DCAB274F7C6933B61C&MUID=04CC075222AD6CC22995154B23016D47

42 B
367 B

30ms
30ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=E64E9F58714B40DCAB274F7C6933B61C&MUID=04CC075222AD6CC22995154B23016D47
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:44 GMT
last-modified: Wed, 17 Aug 2022 23:56:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "de363c295b2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 892D205B10FF4D8FB867E7D82F1E0BF8 Ref B: FRA31EDGE0112 Ref C: 2022-09-08T12:54:45Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=E64E9F58714B40DCAB274F7C6933B61C&MUID=04CC075222AD6CC22995154B23016D47
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H3 204 unrenderedCreative
itcosmetics.attn.tv/ 0
0 441ms
424ms Fetch 104.18.6.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itcosmetics.attn.tv/unrenderedCreative?v=e587f6d6&r=&id=18f7a5f636104237b10ac72f3881764e&pv=1&l=https%3A%2F%2Fwww.itcosmetics.com%2F&w=1600&h=1200&ss_ref=ORGANIC&m=marketing&m=live-sms
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/attn.js?v=4-latest_804861295
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.6.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 18
cf-ray: 7477d5a76c199201-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/73595848/configuration/setting/accountproperties/ 6 KB
3 KB 126ms
44ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/73595848/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

14cceaf27355d6e5946e221d12338f4946787ea9013677c3fee173f7fc9be4b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Thu, 08 Sep 2022 12:55:45 GMT

GET
H/1.1 200
OK loadscript2.js Show response
static-assets.dev.fs.liveperson.com/ABC/ 908 B
1 KB 76ms
24ms Script
application/javascript 143.204.215.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.dev.fs.liveperson.com/ABC/loadscript2.js
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-79.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b20cb94d01d0f40a92dcef9f248535fa9a883868ca63a2c202bf0153e302f50a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: .YDMuLISSa7Z5ge9j5i.kUyM9Era9jNT
Via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
ETag: "0453bc344b0188432cfe659ffe6cea39"
Age: 176
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 908
Last-Modified: Thu, 01 Sep 2022 21:27:41 GMT
Server: AmazonS3
Date: Thu, 08 Sep 2022 12:54:45 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: Rk1PpxZapfeumEHOo3KR-DmAeQL6XLEp11nvSkPgxeIP42OD_FHmWw==

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/ 39 KB
15 KB 115ms
42ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/ui-framework.js?version=10.20.1.9-release_5536

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

fdd05b738b34277c9b69bd1d1cb198820f593b68e43cdbd54fe6d16659004f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Aug 2022 14:50:35 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Fri, 08 Sep 2023 12:54:45 GMT

GET
H2 200 UMSClientAPI.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/ 88 KB
30 KB 136ms
63ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/UMSClientAPI.min.js?version=10.20.1.9-release_5536

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

99975f334655703578e77034bebce02b63668d2d8a0144c2e5b72b40d234a386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Aug 2022 14:50:34 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Fri, 08 Sep 2023 12:54:45 GMT

GET
H2 200 lpChatV3.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/ 92 KB
31 KB 158ms
85ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/lpChatV3.min.js?version=10.20.1.9-release_5536

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Aug 2022 14:50:35 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Fri, 08 Sep 2023 12:54:45 GMT

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/ 8 KB
3 KB 137ms
64ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/surveylogicinstance.min.js?version=10.20.1.9-release_5536

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Aug 2022 14:50:35 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Fri, 08 Sep 2023 12:54:45 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/73595848/configuration/le-campaigns/ 47 KB
8 KB 100ms
25ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/73595848/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

1c9b67c627dc66924e49ad37fdbfd7d2fe99285ac00c5191bacbd124fac78879

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Thu, 08 Sep 2022 12:55:45 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 0171
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-V83knYPh0iaRZ6MhOuae17d_EUWutTNnS2Dc8g&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-V83knYPh0iaRZ6MhOuae17d_EUWutTNnS2Dc8g&expires=30

43 B
495 B

14ms
14ms

Image
image/gif

3.67.157.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-V83knYPh0iaRZ6MhOuae17d_EUWutTNnS2Dc8g&expires=30
Protocol: HTTP/1.1
Server: 3.67.157.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-157-21.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 12:54:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-V83knYPh0iaRZ6MhOuae17d_EUWutTNnS2Dc8g&expires=30
Date: Thu, 08 Sep 2022 12:54:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 0171
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-hJAOgIPh0iaRZ6MhOuae17d_EUXgU6N4qoV7Fw&google_cm&google_hm=ay1oSkFPZ0lQaDBpYVJaNk1oT3VhZTE3ZF9FVVhnVTZON...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-hJAOgIPh0iaRZ6MhOuae17d_EUXgU6N4qoV7Fw&google_gid=CAESEKp1S5PUlIvhHKedbyw5wrw&google_cver=1&google_ula=913071,0

43 B
371 B

74ms
23ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-hJAOgIPh0iaRZ6MhOuae17d_EUXgU6N4qoV7Fw&google_gid=CAESEKp1S5PUlIvhHKedbyw5wrw&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1798457
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-hJAOgIPh0iaRZ6MhOuae17d_EUXgU6N4qoV7Fw&google_gid=CAESEKp1S5PUlIvhHKedbyw5wrw&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 0171
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4250082167376643176

43 B
370 B

57ms
23ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4250082167376643176

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2291613
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 12:54:45 GMT
X-Proxy-Origin: 81.95.5.37; 81.95.5.37; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: d1577e43-46e1-463f-95d9-c2c56f442dd3
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4250082167376643176
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
r.casalemedia.com/ Frame 0171
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-yrEO2IPh0iaRZ6MhOuae17d_EUVel0uVs7UnhQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-yrEO2IPh0iaRZ6MhOuae17d_EUVel0uVs7UnhQ&C=1

43 B
873 B

41ms
28ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-yrEO2IPh0iaRZ6MhOuae17d_EUVel0uVs7UnhQ&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7477d5a8c9a8bb4a-FRA
pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEJHSPyhgpOiAGEqG2W7KS5MNqBRp4Dz5wAGqhc7Uioq9XGCsxVWnqK9%2B%2BnagiJoBv%2BKyvbjAnJqQJKWPSG%2FeKb6W%2B%2FDXrcdiFifVlbupDPB7AILwPbxrU%2BiPaW%2BGWYidE59"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qkKnF%2FouqWnXpi%2FPmWJWKSZz0Mw%2B%2FWq3nUvVbCOGUChnpvkIv1iDlgyBXsPgm5CnmnhNVAyMarps5tenkfDikzR%2BichdW7a7cYmZOFSrp7aevuhHbfPiElsPM6H1G214CSu"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-yrEO2IPh0iaRZ6MhOuae17d_EUVel0uVs7UnhQ&C=1
cache-control: no-cache
cf-ray: 7477d5a87fff9049-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 0171
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-02t1BIPh0iaRZ6MhOuae17d_EUWWiJqkZQMlSQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-02t1BIPh0iaRZ6MhOuae17d_EUWWiJqkZQMlSQ

43 B
447 B

33ms
33ms

Image
image/gif

52.31.243.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-02t1BIPh0iaRZ6MhOuae17d_EUWWiJqkZQMlSQ
Protocol: H2
Server: 52.31.243.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-243-109.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 08 Sep 2022 12:54:46 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-02t1BIPh0iaRZ6MhOuae17d_EUWWiJqkZQMlSQ
date: Thu, 08 Sep 2022 12:54:46 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame 0171 45 B
786 B 99ms
47ms Image
image/gif 184.51.8.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-DpCyTIPh0iaRZ6MhOuae17d_EUXFJbahfYfJ5w

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.51.8.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-51-8-30.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Thu, 08 Sep 2022 12:54:45 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Thu, 08 Sep 2022 12:54:45 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 0171 40 B
40 B 48ms
14ms Image
text/html 3.125.132.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-mL5ePYPh0iaRZ6MhOuae17d_EUVbXlct5pjatA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.132.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-132-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 0171 0
308 B 373ms
90ms Image
text/plain 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-5WyVgoPh0iaRZ6MhOuae17d_EUWHItRWTeDP8w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 12:54:46 GMT
Cache-Control: no-cache
X-TraceId: 4e813c1032ab6f390b1ea0c44975d62f
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 0171 0
225 B 123ms
18ms Image
text/html 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-f9ZHrYPh0iaRZ6MhOuae17d_EUUiNBr_AW85Ug
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 0171 0
239 B 66ms
10ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-Q1kXZYPh0iaRZ6MhOuae17d_EUVzojP9IIWUqA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 0171 0
35 B 93ms
10ms Image
text/plain 3.127.128.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-WPute4Ph0iaRZ6MhOuae17d_EUXekSLDmYaFJw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.128.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-128-58.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 0171 43 B
163 B 76ms
20ms Image
image/gif 185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-2lNyH4Ph0iaRZ6MhOuae17d_EUXvKpl19q5_lQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 0171 0
99 B 51ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-jZvupIPh0iaRZ6MhOuae17d_EUWUWWGl_v14NA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13007

GET
H2 200 um
criteo-sync.teads.tv/ Frame 0171 23 B
172 B 154ms
55ms Image
image/gif 104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-AXsCOIPh0iaRZ6MhOuae17d_EUXmmOAMhzNEIA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:46 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 08 Sep 2022 12:54:46 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 0171 37 B
140 B 28ms
9ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-pgsrX4Ph0iaRZ6MhOuae17d_EUWkFGPmb_QHfg&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 0171
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-nOg1MoPh0iaRZ6MhOuae17d_EUW4gYWuhqTnBA
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-nOg1MoPh0iaRZ6MhOuae17d_EUW4gYWuhqTnBA&verify=true

0
121 B

11ms
10ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-nOg1MoPh0iaRZ6MhOuae17d_EUW4gYWuhqTnBA&verify=true

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
server: ATS/9.1.10.25
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-nOg1MoPh0iaRZ6MhOuae17d_EUW4gYWuhqTnBA&verify=true
date: Thu, 08 Sep 2022 12:54:45 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 0171 0
522 B 41ms
16ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-jsOrMoPh0iaRZ6MhOuae17d_EUVIvuTb_021Hw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 12:54:45 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Wed, 07 Sep 2022 12:54:45 GMT

GET
H2 200 pixel
cm.adform.net/ Frame 0171 43 B
163 B 60ms
19ms Image
image/gif 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-djyw8YPh0iaRZ6MhOuae17d_EUXp98YgCUzt2w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
last-modified: Fri, 07 Feb 2020 08:03:00 GMT
server: nginx
accept-ranges: bytes
etag: "5e3d19b4-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 0171 49 B
235 B 70ms
20ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-CIhzJ4Ph0iaRZ6MhOuae17d_EUWZ9CFzgHHI3Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 0171
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=upMBtAoxyEeN61kvJ0mvNELVL4MCuVnh
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=upMBtAoxyEeN61kvJ0mvNELVL4MCuVnh

42 B
942 B

34ms
34ms

Image
image/gif

54.77.35.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=upMBtAoxyEeN61kvJ0mvNELVL4MCuVnh

Protocol

HTTP/1.1

Server

54.77.35.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-35-16.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v039-08ff11a55.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: S/EZizWiRy4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v039-0d5a37ed3.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Bbh28mqGTNc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=upMBtAoxyEeN61kvJ0mvNELVL4MCuVnh
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

sync
ad.sxp.smartclip.net/ Frame 0171
Redirect Chain

https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-ZdZwJYPh0iaRZ6MhOuae17d_EUWSuyROo1CH8w
https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-ZdZwJYPh0iaRZ6MhOuae17d_EUWSuyROo1CH8w&ang_testid=1

42 B
60 B

36ms
10ms

Image
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-ZdZwJYPh0iaRZ6MhOuae17d_EUWSuyROo1CH8w&ang_testid=1
Protocol: H3
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Thu, 08 Sep 2022 12:54:45 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-ZdZwJYPh0iaRZ6MhOuae17d_EUWSuyROo1CH8w&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 0171 43 B
183 B 292ms
92ms Image
image/gif 2600:1f18:612b:4264:54e8:ad4c:a4b8:acf6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-2ObguoPh0iaRZ6MhOuae17d_EUWA8PxFzhVDFA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:54e8:ad4c:a4b8:acf6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 0171 43 B
153 B 81ms
21ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-uyF69IPh0iaRZ6MhOuae17d_EUU2ZkuevuUxnQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 08 Sep 2022 12:54:46 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 0171 43 B
220 B 92ms
29ms Image
image/gif 54.77.57.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-okSQfYPh0iaRZ6MhOuae17d_EUUgfZb6KZpFug&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.57.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-57-168.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 08 Sep 2022 12:54:46 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/edd8a9329ddd/c9af38100f42442ba53ca110aad9dd52/ 20 B
363 B 95ms
95ms XHR
application/json 34.225.5.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/edd8a9329ddd/c9af38100f42442ba53ca110aad9dd52/prop.json?_=1662641685805
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-5-197.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 12:54:45 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.itcosmetics.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Expires: -1

GET
H2 200 __Analytics-Start
www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/ 35 B
124 B 125ms
124ms Image
image/gif 104.16.109.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.itcosmetics.com/on/demandware.store/Sites-itcosmetics-us-Site/en_US/__Analytics-Start?url=https%3A%2F%2Fwww.itcosmetics.com%2F&res=1600x1200&cookie=1&ref=&title=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.844318075250382&cmpn=&tz=US/Eastern&pcc=USD&pct=&pcat=&dw_dnt=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.109.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 12:54:45 GMT
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=86400
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 7477d5a868109945-FRA
x-dw-request-base-id: TzhbExXmGWMBAAB_
content-length: 35
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/ 949 KB
296 KB 51ms
51ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.20.1.9-release_5536/desktopEmbedded.js?version=10.20.1.9-release_5536

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

bc5259e990ef3d6917c3a9b7e7bccd0a7ab8f638db8ff00ec77553894ed915ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Aug 2022 14:50:34 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Fri, 08 Sep 2023 12:54:45 GMT

POST
H2 204 collect Show response
i.clarity.ms/ 0
177 B 306ms
99ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://www.itcosmetics.com
date: Thu, 08 Sep 2022 12:54:45 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/ Frame B3B9 39 KB
16 KB 117ms
116ms Document
text/html 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.html?loc=https%3A%2F%2Fwww.itcosmetics.com&site=73595848&env=prod

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Thu, 08 Sep 2022 12:54:45 GMT
expires: Fri, 08 Sep 2023 12:54:45 GMT
last-modified: Mon, 08 Aug 2022 03:15:58 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-cache-status: HIT
x-content-type-options: nosniff

POST
H3 200 collector Show response
collector-px9gxgqy6v.px-cloud.net/api/v2/ 419 B
437 B 119ms
102ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px9gxgqy6v.px-cloud.net/api/v2/collector
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/IZ/PX9gXgqy6v/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 9c237e9fdb04ee9c86681c4c355e65ff99ce1992d5847ee4c8ba04b0a5cea83a

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 08 Sep 2022 12:54:45 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.itcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 419

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 0171 0
522 B 38ms
38ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-jsOrMoPh0iaRZ6MhOuae17d_EUVIvuTb_021Hw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 12:54:45 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Wed, 07 Sep 2022 12:54:45 GMT

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 0171 0
522 B 20ms
19ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=12438557&ext_id=k-jsOrMoPh0iaRZ6MhOuae17d_EUVIvuTb_021Hw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 12:54:46 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Wed, 07 Sep 2022 12:54:46 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/edd8a9329ddd/c9af38100f42442ba53ca110aad9dd52/ 20 B
363 B 96ms
96ms XHR
application/json 34.225.5.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/edd8a9329ddd/c9af38100f42442ba53ca110aad9dd52/prop.json?_=1662641686002
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-5-197.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 12:54:46 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.itcosmetics.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Expires: -1

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 821ms
308ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://www.itcosmetics.com
date: Thu, 08 Sep 2022 12:54:46 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/ 37 KB
15 KB 43ms
43ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.18.0.0-release_5078/storage.secure.min.js?loc=https%3A%2F%2Fwww.itcosmetics.com&site=73595848&force=1&env=prod

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

a5ec545801c483a0bb18f6c9c6ed675eada482ba56a46e3fdc554c83aca779d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 03:15:58 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Fri, 08 Sep 2023 12:54:46 GMT

GET
H2 200 73595848 Show response
va.v.liveperson.net/api/js/ 242 B
1 KB 489ms
182ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/73595848?&cb=lpCb93014x55399&t=sp&ts=1662641685698&pid=1427657784&tid=7114491436&pt=It%20Cosmetics%20%7C%20Makeup%2C%20Skincare%20%26%20Brushes%20for%20the%20Most%20Beautiful%20You!&u=https%3A%2F%2Fwww.itcosmetics.com%2F&sec=%5B%22Home%22%5D&df=0&os=0&sdes=%5B%7B%22type%22%3A%22ctmrinfo%22%2C%22info%22%3A%7B%22ctype%22%3Anull%2C%22accountName%22%3A%22aBi16000000XbjZCAS%22%2C%22customerId%22%3A%22828967241.1662641685%22%7D%7D%2C%7B%22type%22%3A%22personal%22%2C%22personal%22%3A%7B%22company%22%3A%22aBT160000004D1TGAU%22%7D%7D%5D&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: bfd2f2bd2dee47c3ab0c509bf90243be9cfdf4a5a09c1e12189e5d4c40ca9d62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0171
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=dB2shSwaJN3iTQCQpKI28c135P7BbY4j

0
338 B

114ms
31ms

Image
text/plain

52.215.16.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=dB2shSwaJN3iTQCQpKI28c135P7BbY4j
Protocol: H2
Server: 52.215.16.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-16-237.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1662641686
x-served-by: beacon-n023-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=dB2shSwaJN3iTQCQpKI28c135P7BbY4j
date: Thu, 08 Sep 2022 12:54:45 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server: Kestrel
server-processing-duration-in-ticks: 1558322
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/edd8a9329ddd/c9af38100f42442ba53ca110aad9dd52/ 20 B
420 B 96ms
96ms XHR
application/json 34.225.5.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/edd8a9329ddd/c9af38100f42442ba53ca110aad9dd52/wpt.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-5-197.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 12:54:46 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.itcosmetics.com
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 20
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/edd8a9329ddd/c9af38100f42442ba53ca110aad9dd52/ Frame 0
0 95ms
95ms Preflight 34.225.5.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/edd8a9329ddd/c9af38100f42442ba53ca110aad9dd52/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-5-197.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.itcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Thu, 08 Sep 2022 12:54:46 GMT
Vary: Access-Control-Request-Headers

GET
H2

200

cs
s.thebrighttag.com/ Frame 0171
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=JdHb12277zBXow6oUi5wfOyXPGOe_ryw

35 B
268 B

393ms
104ms

Image
image/gif

3.128.146.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=JdHb12277zBXow6oUi5wfOyXPGOe_ryw
Protocol: H2
Server: 3.128.146.7 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-128-146-7.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
x-bt-requestid: 6abcca70-2f75-11ed-aec6-0000ac1703f4
server: nginx
date: Thu, 08 Sep 2022 12:54:46 GMT
p3p: CP=NOI DSP COR NID
access-control-allow-origin
cache-control: private, must-revalidate
content-type: image/gif
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=JdHb12277zBXow6oUi5wfOyXPGOe_ryw
date: Thu, 08 Sep 2022 12:54:45 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server: Kestrel
server-processing-duration-in-ticks: 1057185
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 73595848 Show response
va.v.liveperson.net/api/js/ 929 B
1 KB 97ms
96ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/73595848?sid=Gu3fl4ERSVqWfikA5xqvWQ&cb=lpCb20495x96311&t=uc&ts=1662641685817&pid=1427657784&tid=7114491436&sdes=%5B%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22ngl-livechat-footer%22%7D%2C%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22ngl-livechat-sticky-button%22%7D%5D&vid=YxODEzZWJkNTJkMTUwNGRl
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: af3263390c13e2184071fa8e3b90d74a1b2c1fe6a340797dfd9b543dae12c8c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 overlay.js Show response
lpcdn.lpsnmedia.net/le_re/3.52.0.0-release_5108/jsv2/ 9 KB
4 KB 23ms
22ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_re/3.52.0.0-release_5108/jsv2/overlay.js?_v=3.52.0.0-release_5108

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

a10e8b884f045a6cb59fc69549e06fd49cab376c307668ba0378082170a4572a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 03:12:57 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Fri, 08 Sep 2023 12:54:46 GMT

GET
H2 200 UISuite.js Show response
lpcdn.lpsnmedia.net/le_re/3.52.0.0-release_5108/jsv2/ 30 KB
12 KB 43ms
43ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_re/3.52.0.0-release_5108/jsv2/UISuite.js?_v=3.52.0.0-release_5108

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 03:12:57 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Fri, 08 Sep 2023 12:54:46 GMT

GET
H2 200 5849 Show response
accdn.lpsnmedia.net/api/account/73595848/configuration/le-campaigns/campaigns/3436089230/engagements/3436089330/revision/ 2 KB
2 KB 26ms
25ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/73595848/configuration/le-campaigns/campaigns/3436089230/engagements/3436089330/revision/5849?v=3.0&cb=lp3436089330&flavor=dependency

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

3d7b75f6f78156db8c265b88597ad81355fdfe70889489408629ec69fa08b8f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Thu, 08 Sep 2022 12:55:46 GMT

GET
H2 200 5849 Show response
accdn.lpsnmedia.net/api/account/73595848/configuration/le-campaigns/campaigns/3436089230/engagements/3436089830/revision/ 2 KB
2 KB 45ms
45ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/73595848/configuration/le-campaigns/campaigns/3436089230/engagements/3436089830/revision/5849?v=3.0&cb=lp3436089830&flavor=dependency

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

5ce94674e8b0715ea5e6d6acb7277f5a2bd8b5d61ac1504a5bbe940d9392118e

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Thu, 08 Sep 2022 12:55:46 GMT

GET
H2 200 73595848 Show response
va.v.liveperson.net/api/js/ 111 B
854 B 94ms
94ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/73595848?sid=Gu3fl4ERSVqWfikA5xqvWQ&cb=lpCb84721x37408&t=pl&ts=1662641686122&pid=1427657784&tid=7114491436&vid=YxODEzZWJkNTJkMTUwNGRl
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 549300258c9721205c0ace0b0430c76a1a9df971c233364e7960dbcaf71cbdb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 1583210514 Show response
accdn.lpsnmedia.net/api/account/73595848/configuration/engagement-window/window-confs/ 4 KB
3 KB 42ms
42ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/73595848/configuration/engagement-window/window-confs/1583210514?cb=lpCb43651x58677

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

3ed71f5b1ecda7f14559b5733291bc2df9244b3b46e449e47d60561a1d18d436

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Thu, 08 Sep 2022 12:55:46 GMT

GET
H2 200 1583210514 Show response
accdn.lpsnmedia.net/api/account/73595848/configuration/engagement-window/window-confs/ 4 KB
3 KB 89ms
89ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/73595848/configuration/engagement-window/window-confs/1583210514?cb=lpCb25750x14475

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

f28f3972d7a694d537bba0638853ef1566784d09dd7e8689b9aabd8a3c895b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Thu, 08 Sep 2022 12:55:46 GMT

POST
H3 200 collector Show response
collector-px9gxgqy6v.px-cloud.net/api/v2/ 18 B
35 B 28ms
28ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px9gxgqy6v.px-cloud.net/api/v2/collector
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/IZ/PX9gXgqy6v/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 1066c86165eb47cacbc55a34aa66bae28955f7deed5926249030f98b70af8031

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.itcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18

GET
H2 200 73595848 Show response
va.v.liveperson.net/api/js/ 41 B
791 B 95ms
95ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/73595848?sid=Gu3fl4ERSVqWfikA5xqvWQ&cb=lpCb86258x3604&t=uc&ts=1662641686819&pid=1427657784&tid=7114491436&vid=YxODEzZWJkNTJkMTUwNGRl&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A3436089230%2C%22engId%22%3A3436089330%2C%22revision%22%3A5849%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 32fcca5f4a3c973ba72d517ec99790e0cfcc328091af87d1b9ac56806e9c4722

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 73595848 Show response
va.v.liveperson.net/api/js/ 42 B
792 B 93ms
93ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/73595848?sid=Gu3fl4ERSVqWfikA5xqvWQ&cb=lpCb29689x93930&t=uc&ts=1662641686868&pid=1427657784&tid=7114491436&vid=YxODEzZWJkNTJkMTUwNGRl&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A3436089230%2C%22engId%22%3A3436089830%2C%22revision%22%3A5849%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%222%22%7D%5D%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/73595848/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=Home&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 81ecddcefb1827c4905e94cf8f920a5be8a919609a1f50c016453a39defaeb15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.itcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H3 200 collector Show response
collector-px9gxgqy6v.px-cloud.net/api/v2/ 18 B
35 B 30ms
29ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px9gxgqy6v.px-cloud.net/api/v2/collector
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/IZ/PX9gXgqy6v/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 1066c86165eb47cacbc55a34aa66bae28955f7deed5926249030f98b70af8031

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 08 Sep 2022 12:54:46 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.itcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 97ms
97ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://www.itcosmetics.com
date: Thu, 08 Sep 2022 12:54:47 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H3 200 collector Show response
collector-px9gxgqy6v.px-cloud.net/api/v2/ 18 B
35 B 31ms
31ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px9gxgqy6v.px-cloud.net/api/v2/collector
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/IZ/PX9gXgqy6v/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 1066c86165eb47cacbc55a34aa66bae28955f7deed5926249030f98b70af8031

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 08 Sep 2022 12:54:47 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.itcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18

POST
H3 200 collector Show response
collector-px9gxgqy6v.px-cloud.net/api/v2/ 18 B
35 B 24ms
23ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px9gxgqy6v.px-cloud.net/api/v2/collector
Requested by: Host: www.itcosmetics.com
URL: https://www.itcosmetics.com/IZ/PX9gXgqy6v/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 1066c86165eb47cacbc55a34aa66bae28955f7deed5926249030f98b70af8031

Request headers

Referer: https://www.itcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 08 Sep 2022 12:54:49 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.itcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

91 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 05:52:08	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
www.itcosmetics.com/	1969-12-31 23:59:59	Name: dwac_2bb74a522b3dbd1580b5ef276a Value: omwYm9E7c3AhXl6AAGvELscFjFgLf5Zx-us%3D\|dw-only\|\|\|USD\|false\|US%2FEastern\|true
www.itcosmetics.com/	1969-12-31 23:59:59	Name: cqcid Value: abvFqoQI4PV4fg1fSbTXdB2k6C
www.itcosmetics.com/	1969-12-31 23:59:59	Name: cquid Value: \|\|
www.itcosmetics.com/	1969-12-31 23:59:59	Name: sid Value: omwYm9E7c3AhXl6AAGvELscFjFgLf5Zx-us
www.itcosmetics.com/	1970-01-20 05:52:08	Name: skipGeoRedirect Value: true
www.itcosmetics.com/	1970-01-20 10:09:53	Name: dwanonymous_7832f8d434ad2b090c0bf461bc03f030 Value: abvFqoQI4PV4fg1fSbTXdB2k6C
www.itcosmetics.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 0
www.itcosmetics.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 0
www.itcosmetics.com/	1969-12-31 23:59:59	Name: dwsid Value: Q4M_X2kKMt7tY6QW1t1tQSbqq5yzTtffNtasLGpqmYUixBgrQCB1K6jY5jtXpwuy-A8l_ZU_BJ18gbplRfNNjg==
.itcosmetics.com/	1970-01-20 15:26:41	Name: ftr_ncd Value: 6
.itcosmetics.com/	1970-01-20 15:26:41	Name: forterToken Value: c9af38100f42442ba53ca110aad9dd52_1662641684127__UDF43_9ck
.itcosmetics.com/	1970-01-20 15:26:41	Name: og_session_id Value: 85cfa0c6425311e89bdabc764e1107f2.604719.1662641684
.igodigital.com/	1970-01-20 15:26:41	Name: igodigitaltc2 Value: 697c1350-2f75-11ed-8f78-2abeee010728
.igodigital.com/	1970-01-20 05:50:45	Name: igodigitalst_7290682 Value: 697c1922-2f75-11ed-8f78-2abeee010728
.igodigital.com/	1970-01-20 05:50:45	Name: igodigitalstdomain Value: 29993
.itcosmetics.com/	1970-01-20 08:00:17	Name: _gcl_au Value: 1.1.1902962413.1662641685
www.itcosmetics.com/	1970-01-20 05:50:43	Name: ga_session Value: true
.bing.com/	1970-01-20 15:12:17	Name: MUID Value: 04CC075222AD6CC22995154B23016D47
.itcosmetics.com/	1970-01-20 14:36:17	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Sep+08+2022+12%3A54%3A44+GMT%2B0000+(GMT)&version=6.24.0&isIABGlobal=false&hosts=&consentId=b8bb7c57-b6d2-4831-90c0-bd01c1d14600&interactionCount=0&landingPath=https%3A%2F%2Fwww.itcosmetics.com%2F&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CC0004%3A1
.agkn.com/	1970-01-20 14:36:17	Name: ab Value: 0001%3AymOoNKJbkwISWcqn5STRjDN8HjKCZ5gz
.agkn.com/	1970-01-20 14:36:17	Name: u Value: C\|0CAAqrKKUKqyilAAAAAAAAUBiAAAAAA
.itcosmetics.com/	1970-01-20 05:52:08	Name: _gid Value: GA1.2.1290144826.1662641685
.itcosmetics.com/	1970-01-20 15:26:41	Name: _ga_DPN15YB5DF Value: GS1.1.1662641684.1.0.1662641684.0.0.0
.criteo.com/	1970-01-20 15:12:17	Name: uid Value: 32e9c586-f24d-42fb-99c9-233cb456d611
.itcosmetics.com/	1970-01-20 15:20:28	Name: _scid Value: 8e88ee9a-faa2-4165-aa4d-ed4f81b2a4a1
.itcosmetics.com/	1970-01-20 15:26:41	Name: _ga Value: GA1.2.828967241.1662641685
.itcosmetics.com/	1970-01-20 05:52:08	Name: _uetsid Value: 69c7ac702f7511ed98ce399ead9b4da8
.itcosmetics.com/	1970-01-20 15:12:17	Name: _uetvid Value: 69c7dd402f7511ed8fe53f201b650db8
.itcosmetics.com/	1970-01-20 08:00:17	Name: _fbp Value: fb.1.1662641685096.1913218700
.snapchat.com/	1970-01-20 15:12:17	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBiREAMAQEwIrMIFyknDxUofjs+q60MZ1urkXGOynMi56qYN6Mw9UtgMIE4c0fuY/R2TIAAAA=
.doubleclick.net/	1970-01-20 15:12:17	Name: IDE Value: AHWqTUnNPfRR_QludyVrwlHLe8DNEB24l2NATomB_s8xJLE7SCtvnpF8m68z9zNg
www.itcosmetics.com/	1970-01-20 15:26:41	Name: __attentive_id Value: 18f7a5f636104237b10ac72f3881764e
www.itcosmetics.com/	1970-01-20 15:26:41	Name: __attentive_cco Value: 1662641685201
www.itcosmetics.com/	1970-01-20 05:50:41	Name: _pxff_cc Value: U2FtZVNpdGU9TGF4Ow==
.itcosmetics.com/	1969-12-31 23:59:59	Name: pxcts Value: 69d75918-2f75-11ed-aa87-6d73654d6746
.itcosmetics.com/	1970-01-20 14:36:17	Name: _pxvid Value: 69d74d84-2f75-11ed-aa87-6d73654d6746
.linksynergy.com/	1970-01-20 14:36:17	Name: rmuid Value: 25517f39-19f0-4ad5-bc61-0e630376fdc5
.cquotient.com/	1970-01-20 15:19:29	Name: uuid Value: abvFqoQI4PV4fg1fSbTXdB2k6C
.itcosmetics.com/	1970-01-20 15:20:05	Name: cto_bundle Value: AeEbf18xSDBtN1lZNjdPc0JBcWU3allwJTJGbVJiQUFKOHdXVWJyUUhrJTJGNE1WYzFBMEQzOW5sVjdnY2puMHhvZzFFQXljRnZEJTJCQyUyQnoyOEJQbXpQV2g4JTJGJTJCMXZEcTgyVkhxZm1NQ29iMFN3RWJlaGdBQkF0M1dpVElJUlk4eUFNaWlrRUp2MXpkS3p3QWJBNXdNQ2Z4bUVOVklKY3clM0QlM0Q
.itcosmetics.com/	1970-01-20 15:19:29	Name: __cq_uuid Value: abvFqoQI4PV4fg1fSbTXdB2k6C
.itcosmetics.com/	1970-01-20 06:33:53	Name: __cq_seg Value: 0~0.00!1~0.00!2~0.00!3~0.00!4~0.00!5~0.00!6~0.00!7~0.00!8~0.00!9~0.00
.t.co/	1970-01-20 15:26:41	Name: muc_ads Value: 76b037fc-2fbb-43d2-bb8d-19299dabd414
.twitter.com/	1970-01-20 15:26:41	Name: personalization_id Value: "v1_78PzAP/aiaQFhgthkRGmbA=="
.itcosmetics.com/	1970-01-20 14:36:17	Name: _pin_unauth Value: dWlkPU1HSXhZVEE1WVdRdFlUYzJaaTAwWWpRMUxUZzFZelV0TkdKak5HSXpabUZoWXpFeQ
.ct.pinterest.com/	1970-01-20 14:36:17	Name: _pinterest_ct_ua Value: "TWc9PSZ1VmtYZ24yazY2N0ROSm9qV3g0Sis5K08wYmU5T0FWWGxsTkFnNkM5cUxEZ0J6R25hditxd3BEbjhzYlU3K2s1enViVGhJSEVtNlJrUm45SHgvbnArcGJabEpuYnN0NkVKZzcreFZKcDBVRT0mdTY5QTBDNFFQNTl2azBJNnV3bEhNdHNjOFBRPQ=="
.refer.itcosmetics.com/	1970-01-20 14:36:17	Name: access_token Value: VGRGTJLJ9TJ1TID4PQAP25HP8O
.refer.itcosmetics.com/	1970-01-20 14:36:17	Name: xtl_bid Value: 7140991663472087715
www.itcosmetics.com/	1970-01-20 14:36:17	Name: extole_access_token Value: VGRGTJLJ9TJ1TID4PQAP25HP8O
www.itcosmetics.com/	1970-01-20 15:26:41	Name: _attn_ Value: eyJ1Ijoie1wiY29cIjoxNjYyNjQxNjg1NTgwLFwidW9cIjoxNjYyNjQxNjg1NTgwLFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjE4ZjdhNWY2MzYxMDQyMzdiMTBhYzcyZjM4ODE3NjRlXCJ9In0=
www.clarity.ms/	1970-01-20 14:36:17	Name: CLID Value: 5730fc5902484bfaae881f98e290eba2.20220908.20230908
www.itcosmetics.com/	1970-01-20 05:50:43	Name: __attentive_pv Value: 1
www.itcosmetics.com/	1970-01-20 05:50:43	Name: __attentive_ss_referrer Value: "ORGANIC"
www.itcosmetics.com/	1970-01-20 05:52:08	Name: __attentive_dv Value: 1
.itcosmetics.com/	1970-01-20 14:36:17	Name: _clck Value: 3aocjn\|1\|f4p\|0
.c.bing.com/	1970-01-20 15:12:17	Name: SRM_B Value: 04CC075222AD6CC22995154B23016D47
.bidswitch.net/	1970-01-20 14:36:17	Name: tuuid Value: 8b321c45-219b-4079-8a46-26a042c00670
.bidswitch.net/	1970-01-20 14:36:17	Name: c Value: 1662641685
.bidswitch.net/	1970-01-20 14:36:17	Name: tuuid_lu Value: 1662641685
.adnxs.com/	1970-01-20 08:00:17	Name: uuid2 Value: 4250082167376643176
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:12:17	Name: MUID Value: 04CC075222AD6CC22995154B23016D47
.c.clarity.ms/	1970-01-20 05:50:42	Name: ANONCHK Value: 0
.casalemedia.com/	1970-01-20 14:36:17	Name: CMID Value: YxnmFaFnmtJ.O2XM.1s1OQAA
.casalemedia.com/	1970-01-20 08:00:17	Name: CMPS Value: 5134
.casalemedia.com/	1970-01-20 08:00:17	Name: CMPRO Value: 5134
exchange.mediavine.com/	1970-01-20 06:10:51	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%226a421c30-2f75-11ed-9a1b-83e90c225598%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 06:10:51	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%226a421c30-2f75-11ed-9a1b-83e90c225598%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 06:10:51	Name: criteo Value: %7B%22id%22%3A%22k-mL5ePYPh0iaRZ6MhOuae17d_EUVbXlct5pjatA%22%2C%22version%22%3A%22criteo%22%7D
.casalemedia.com/	1970-01-20 08:00:17	Name: CMTS Value: 1189
.media.net/	1970-01-20 14:36:17	Name: visitor-id Value: 3056432858173350000V10
.media.net/	1970-01-20 06:33:53	Name: data-c-ts Value: 1662641685
.media.net/	1970-01-20 06:33:53	Name: data-c Value: k-DpCyTIPh0iaRZ6MhOuae17d_EUXFJbahfYfJ5w~~3
.yahoo.com/	1970-01-20 14:36:39	Name: A3 Value: d=AQABBBXmGWMCEHJdG6xEXA0BFAO3e1IK8sQFEgEBAQE3G2MjYwAAAAAA_eMAAA&S=AQAAAtn_zhwN-xdynBdyM5Rgbb8
.analytics.yahoo.com/	1970-01-20 14:36:17	Name: IDSYNC Value: 18zh~271o
.yieldlab.net/	1970-01-20 14:36:17	Name: id Value: 3256dcbb-e8ba-4279-b25a-a182de0e1908
.sxp.smartclip.net/	1970-01-20 06:33:53	Name: uuid Value: 959c2690-15e6-1963-7f72-467783fae94f
.sxp.smartclip.net/	1970-01-20 06:33:53	Name: dspuuid Value: 69.k-ZdZwJYPh0iaRZ6MhOuae17d_EUWSuyROo1CH8w
.sxp.smartclip.net/	1970-01-20 06:33:53	Name: psyn Value: 19243.69
.360yield.com/	1970-01-20 08:00:17	Name: tuuid Value: b0190234-c8dd-475f-b401-f5a40f6a1209
.360yield.com/	1970-01-20 08:00:17	Name: tuuid_lu Value: 1662641686
.itcosmetics.com/	1970-01-20 05:50:42	Name: _px3 Value: 38cb7f8b77b92c1e281860ccdd3858d954a17107fc153f54a6edbf05638512b1:A7TqaXWKF6AcMRf9CTYWceVSs6xzQ0BK7vm7zO/ASoCHeROCJmcv6duLUzr13fWUB0nxTAa8BaK1DiJIiACO+Q==:1000:pgVdwznN55BsOrkDOSSEWd6mlNpdwGmTCTWT/dpQw+MFFrn/x0tINHlZ3QA+qv9y62pe2tho8jB7JtX2XJUjdchHgKPydchhjolzixYH6q7p51XHgAtqnfbaGOUGzIV3q6TgwS9Lk5HJMW36es4fToBHo94hxQK34uaP4+5v5pxKzsqjUsRoxPxcyqUadG0pmYERbYaJHPc4ldmxAwVMmA==
.360yield.com/	1970-01-20 08:00:17	Name: um Value: !38,7XLIJgk1j0drJABSIl29ooZvllFvxM15w3vX.JW15-cBmbOVa7lVHJLcgLZWpt6QtON7vASH,1670417686
.360yield.com/	1970-01-20 08:00:17	Name: umeh Value: !38,0,1724849686,-1
.demdex.net/	1970-01-20 10:09:53	Name: demdex Value: 17871245780600947940154561423234066589
.dpm.demdex.net/	1970-01-20 10:09:53	Name: dpm Value: 17871245780600947940154561423234066589
.itcosmetics.com/	1970-01-20 05:52:08	Name: _clsk Value: 158meyh\|1662641686196\|1\|1\|i.clarity.ms/collect
.outbrain.com/	1970-01-20 08:00:17	Name: obuid Value: 07658617-bd2d-4ef6-a574-e1747631e1b5
.krxd.net/	1970-01-20 10:09:53	Name: _kuid_ Value: PERUO4ka
.itcosmetics.com/	1970-01-20 14:36:17	Name: LPVID Value: YxODEzZWJkNTJkMTUwNGRl
.itcosmetics.com/	1969-12-31 23:59:59	Name: LPSID-73595848 Value: Gu3fl4ERSVqWfikA5xqvWQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.itcosmetics.com/on/demandware.static/Sites-itcosmetics-us-Site/-/en_US/v1662635502897/dist/css/home.css Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7290682.collect.igodigital.com
8563001.fls.doubleclick.net
a.twiago.com
accdn.lpsnmedia.net
ad.360yield.com
ad.sxp.smartclip.net
ad.yieldlab.net
adservice.google.com
adservice.google.de
analytics.twitter.com
bat.bing.com
beacon.krxd.net
c.bing.com
c.clarity.ms
c9af38100f42442ba53ca110aad9dd52-edd8a9329ddd.cdn.forter.com
cdn.attn.tv
cdn.cookielaw.org
cdn.cquotient.com
cdn.evgnet.com
cdn0.forter.com
cdn9.forter.com
cm.adform.net
cm.g.doubleclick.net
collector-px9gxgqy6v.px-cloud.net
connect.facebook.net
consent.linksynergy.com
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
d.agkn.com
d22xmn10vbouk4.cloudfront.net
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
edd8a9329ddd.cdn4.forter.com
events.attentivemobile.com
exchange.mediavine.com
fonts.googleapis.com
geolocation.onetrust.com
googleads.g.doubleclick.net
gum.criteo.com
i.clarity.ms
ib.adnxs.com
itcosmetics.attn.tv
lpcdn.lpsnmedia.net
lptag.liveperson.net
match.sharethrough.com
mug.criteo.com
nova.collect.igodigital.com
origin.extole.io
origin.xtlo.net
p.cquotient.com
pixel.rubiconproject.com
r.casalemedia.com
refer.itcosmetics.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.pinimg.com
s.thebrighttag.com
sc-static.net
simage2.pubmatic.com
sslwidget.criteo.com
static-assets.dev.fs.liveperson.com
static.ads-twitter.com
static.criteo.net
static.ordergroove.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
t.co
tag.rmp.rakuten.com
tr.snapchat.com
ups.analytics.yahoo.com
va.v.liveperson.net
visitor.omnitagjs.com
widget.us.criteo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.itcosmetics.com
x.bidswitch.net
104.16.109.64
104.18.15.235
104.18.18.126
104.18.6.131
104.244.42.133
104.244.42.3
104.96.128.226
108.138.5.161
141.226.228.48
142.250.186.130
142.250.186.166
143.204.207.250
143.204.215.79
151.101.192.114
172.217.16.194
178.249.97.23
178.249.97.98
178.249.97.99
178.250.0.163
178.250.2.146
178.250.2.151
184.51.8.30
185.255.84.152
185.64.190.80
185.86.137.110
185.89.211.116
199.232.136.157
20.234.93.27
2001:4860:4802:32::36
2001:4860:4802:36::178
208.89.12.87
2600:1f18:612b:4264:54e8:ad4c:a4b8:acf6
2600:9000:211a:5a00:1c:9484:cec0:93a1
2606:4700:4400::6812:2962
2606:4700::6810:9440
2620:1ec:27::cafe:1586
2620:1ec:c11::200
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2004
2a02:2638:1::13
2a02:2638::3
2a02:26f0:3500:883::1931
2a02:26f0:ea:488::10f5
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.123.239.111
3.125.132.50
3.126.56.137
3.127.128.58
3.128.146.7
3.67.157.21
34.102.147.248
34.225.5.197
34.253.252.176
34.98.67.3
35.186.194.101
35.190.10.96
35.190.43.134
37.157.3.29
52.167.85.21
52.2.212.202
52.215.16.237
52.31.243.109
54.77.35.16
54.77.57.168
54.81.184.157
54.92.215.160
65.9.58.151
65.9.66.88
69.173.144.138
70.42.32.31
74.119.119.150
76.223.111.18
85.215.5.31
92.123.36.231
96.16.132.239
96.16.152.25
96.16.158.4
99.86.4.16
000fcb62c27117b1bfed5ffc9c9ac9ab2c725b5fba3369f8e70920a1e38c719a
01a59a0bad74327d1357fe194103e704d6ca20ffcdd67ef29c3ed9e34a391a6a
022bc06e678b8a05062584441c2940abebb2e61d193e8ee1dacd368a66fc6c55
0334b98dd6e47a3f1a52bd0136ed903792f41f47dd4b97dbdfc531293a68cf8a
03ba5ec2ec6b2eda98d2ba80f8fa4786cb2434015f0433e059ed7fbf3e164681
03e4cd39cd3d0911fda12e26601476583815e0114064090319218f3a7b32f2fe
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
08c94d790fe90cfdf7477fb45dcc6bd5de696e05f6082350be1ffc5e7a585ed4
08f220c9aec9350a4dba24420504f40874873f6d43860132441cbfb02bcb1239
0acc05529b896335e67451050b9d9353d4cd680a470919fecf91c12ff09196d3
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0cb8fa37fe2007bf677daa6b2d9e9b4c3c8bf4937489e28dc8dae0704f427a74
0cd5443c326181df3c9f8d265c97237a85f7f8964bc3b2f9a6119fdeabada840
0e52abc32cd3562999850ec1890b9917ad97dc0f95e56f232fb44ada82389c33
0e937847c7e07ed15db23b99d02385f8a76a534837159ec603319dab64a5a9ba
0f7446efa568c963e9457cf55c5490c5e8f04b396ddbe8e30b5e3b2d5ee4df32
1066c86165eb47cacbc55a34aa66bae28955f7deed5926249030f98b70af8031
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10f937430eee7b5ddd087a222bdac3f1f0f8a8d336cae98b936333863346465e
110a7354ad9b694308726ca072f9ff6862190c3ec62ef24c181668fc48b89b35
12ec1f434026326093f918615a84411dbec7fb176dbc9f8fb48efdaa4e10f02d
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
14cceaf27355d6e5946e221d12338f4946787ea9013677c3fee173f7fc9be4b3
14f28f098b13d5c561ff37cd01a2231a36a3bfd5660920bfd09af979b7642e37
14fe50d547e7e032f9ada962dcf025f7602940a80aba55dd59d4f211707861b7
1603bd76ce70b766f819ed16e20c236f4ed23b0830337485381d55870a73d6e7
160499d18e0764906e1de960e76276443ef10bdc8b8b17a41dcb8ede822509c4
17aa9dac838ed6cea7911d50c47ef6718bae0639b49e5769c4a62a7ad1f09c2b
18b48396759ddc324c7cc3f6c621e8406eea963694776ed736b445293149e8a1
1b79d4b25bbd23997aec95bb5391e87ef124b7ca9930e7d07584a9c379298baa
1c4e05b7ef3defa68f67989adae8ce36b9c59b5253eca3e5af7492691db6561b
1c9b67c627dc66924e49ad37fdbfd7d2fe99285ac00c5191bacbd124fac78879
1d16811c35785b3935390084b52f0c19421589ae2b4f63061a69e61f4cfe490c
1d34bf89642dd5265ae6c939d7f98f31dab576e0852f0fbc4c0ef852ba86d9f9
2364a95d77ab31c40fe7a2757c41b16f6c9d3337f1132aabe89b41f045d4d453
251418d4290ae75b77edbbca52c861ca8c7dea4e531db638d187665af234cd81
25527182f0620335353c003f9384595d974209372f7d572750e3603e72f7df7f
2626c0fc9140c6f1d7a73d526ac4b1a7c71740ed5ed85648d70554515c4b633a
282e01bae408bb45eb6e647973977f442d9206990f3fc70147f8f1d77e6daf6a
28dd0e765406a4781f88a1b6e55f39a0cbae922a3061b86de51e463718e32585
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ad8df0436390cc4a60f3d7cffb9022a4f7689478cac55850b003cb54090ed6a
2b86fa65d4d3f275ed38000094c7f815c6709fea43aab0b8a0eaa12b76256c4c
2c4063a61a8833c2e8d2df3086c5daf3a1c4fe89390c3d5e9733bc6e680e9ec7
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
2ee84dc5d9aaf000558e082a98dbbd19607446da62f1d399914a4bbbd8c90878
2f98eed705b9ba196fc1a69ea8c327b7df13046b2de5b48b4007739f8784eefd
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
31653219fcc28c4576bb4e60d2640e9e3254e0df2eb64897dcc01a140fb9b44c
327513620c0d8f87144794b235b8e9b1e81b278c297309b1c42b4819afbc41e2
32774f32cee23982a8093c8f299e5260379fd14b561f429624a499af9360abc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32fcca5f4a3c973ba72d517ec99790e0cfcc328091af87d1b9ac56806e9c4722
3328ad89cd2372cd8243edd24ca4fa769078a88b280b0f6beaf70467ce2c9896
33bd76abc984c67d4af1dd349ec65e1add051fc9d09ec49f95d52c9ca0d0cd36
36d04cbeb7396f1d0a605e7b331f2d10aa43f103bbf7de6548beed48a3dc2115
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
388f473b0b0d2855dd3c3055095ea6bb5bacf3e76dbecf328ab1db4eb6e61cd6
38f4b20e7cb7dbe82dc60e1d1ec455bd0c67b4719bf43e6868139b35b982c6af
3a18741700a42d70a5b48c30e9306dc792843cc9aa9b12055643ef46194016ee
3b97d762df6072aa5bce3afcd9eca2f237ad6c3fc10ac3a4feb715ac347df544
3c1f4aefc4f1f802130a9ae4de294d8518ee59464736f12f89e42b82ed1713bd
3c7f52eafdb5cb908afba33c7575c82636a048027e08d5ddb571c876847117a9
3d7b75f6f78156db8c265b88597ad81355fdfe70889489408629ec69fa08b8f9
3ed71f5b1ecda7f14559b5733291bc2df9244b3b46e449e47d60561a1d18d436
4067e00788590460282ec3cd954bb1d06c57ffdcbb5c2d0ba4b0415d8aad385f
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4511892ecdaa2a08bfc5933e7d31f3bdeee5f706c462cb717c802718908a670c
455f213377c913cf483a489891949e04eaa124313233ee2f2233fbfd8844552e
460c8007842cbfadea647b28457a92d6037ccbf2f4aebb41561ac555b420f9f1
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
47c9530d0e943793cba2c927de5b3d6036c505f673edb5d8998f1ab95215a92e
496fda5e6e8fe055bca1d59dbe58eb117f652162a4e4ac71581e271252a14bb0
49f224276b5fa736d9fea1691f422101dcf15648a08a21be2f44fed726378168
4beb6af8e3763d331b06d130be49128e5249bbb0dda5f9efb1a0da95a03b5986
4d9149923ff48cb61471a24dea9ef141f446ebcb1dc34733633ffaf5ce8c38d2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51445b3fa53efb863f62b3b181e34b8c7bdd65d96a3eae26dc0f338b3a3eef84
51fbc9beeb9b3cf5891e83b85d669d107881367d3faf4de6bb15360e00b876a4
52e1ff92bdeb6550c662a97be78315216c99f3aab07d89a068d678f38761ccfa
5353e423e58b50962094e71cfb5803495fa553fb96698ba59da3e5a204ae3688
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549300258c9721205c0ace0b0430c76a1a9df971c233364e7960dbcaf71cbdb7
54d9d769621f8ed8da28777f520e746f2d9efe287e84eceb2b73c7a575e3e025
558628400140e64137f32599eda374d3a93560d45e9769c22bf42e5898723ada
560bdae66c629f209e1755492369ac978b64353017c09b7599d8ed3e05ac1be5
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
5aab9ad074b40c16217065eeeaa035463c89ea46e16f580758f9f0925ac1d25d
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
5afc363b68106631c9744da4953b7f123c67bb28f07e85c21e97d06c439a093a
5ce94674e8b0715ea5e6d6acb7277f5a2bd8b5d61ac1504a5bbe940d9392118e
5d77a9efd2261219ebe01cdce9abef56063d22cd1cd4f7f8e4efb96245bdc91c
603d86c3026caf81ac8e159b855009beac8b36fbb27c9b6f0583ae26ae6ca406
625b09fb66338f120e423ce8c17ef8572e1c8655567b0c200295d714bfb9a275
629baa0fc58ae514f04a691ac1659cebc319097d6f150578ad86f632450f1f27
6356adfa7f369f5b9d090c3dc331037d4fe0597f321ce0d24ba13605db72d32c
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f
642f20c90a991bb4c30728a63ddffc58369677075e2b9a29e34610730241af19
64faf7bc4f8df7a7395e4d7a3c09e43569cd87cdbdcd8da51d4d10a330f26c3d
66a9ec67d2c07e80edf452ac8084a57bdb174d03777b7eab82225c2476e26924
67a0fa953058c86dfe084bddcc1d3c5e70a28d0af321fed49a5ad289bd10d72a
6a645ecc089b4afff57d30975fb942c5494d286d684ce31693c6714d77223506
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5148a2335091b03b2604a130e3f89537056cd61e76406ba1e55d526d964331
6bb74b15862eb22f0fda60d2a2335769ed747fe0e08067489dc3408db4bfe1ba
6e858f08a2bd7676474fd3f6cfa33a05b477153c5a8f52d7488c8bf1b0337057
6fab1712604357dd1cc0ff01023494329e6dd4eb55fd6a51d1fa789f22692bb0
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
71620adf11bbda0b7c9e3812ad1fe7635cea4c3e018ea3e3e313c085d60c2798
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
763d80ad2762d19427ede3533948edeab03053d9ee02ee0efb04ce036f5bfc54
76ada3089ed6732f56332e71740554451b0ac5616f66b8f42a1f4e837412af64
773c1b83af1f9616b45e7b82bdcea813f95bfc67c7924dbd61925a6fda685ba9
77a3b93805253efc6a3d641b7fab0d136faf97fbf7f2a79e77531880c1de726a
77e4b08e3a7e8f68059c6fec4465b76acc3c1717ed5355678d531bbccc0226d2
7aab1d0c111dda59afc8bfe129be5e9a09c01e38d6c4e2ec3550d4e622c94447
7bd5230268c553946b05b5aa9c56dccbd12a9e6cacf23464241c97fc2fe6f41c
7ef9150869ccdd8078c3894766dc8e01669e2bc0ad5debef35a5d1ccda6bc2a9
8036456bd73b715bb5397e6bab98e3db1c043bfc6677e232af45704b5e4c7030
8191b445c37893b62f476709f93e12fdd8054e5f7e66c426b444e983c94fc36a
81ecddcefb1827c4905e94cf8f920a5be8a919609a1f50c016453a39defaeb15
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83de4e0c9ecaf960e4747677cd003cb02683f90adefaeb1a37e3e2dec8614d19
8426a54f703cbc82bf7006b803978a94bd4d704471ccb947b059093ffd8c9e9d
85c626e54448abec6cfd5b89a73fa25ecbc044fc5fc8fc2cab1fa5aa7d176311
86bac4c3d19fffa5c4b2d75b81b0b0b5cc35bc769c84014aa244a4a976a5b51f
89ba47e6bab12a46c4258b98ed56a39b21a70ac9b39cab9b82260a7f7772cfee
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c419b791b0a4977c9d4a8e6db5071a5942f4b83c6f9ded9550986be36852dbc
8cd05fbb7cc7130b5ac7fdc122f49006ce9e22c66f0e59ed755d410552c8a31a
8ce3dcee22cc1b78f3714134b7333f4c5a4a291d065397f848aa9ad55be3ec5a
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
8dba9f0a06dda5045774ad41431d709d72f6e42c8daf672fcdd7f53c2a15bb78
8f3cba294fade1e60aeab8e68ff44256bde9e9e083659aa12c198504fb2dbd87
8fe0a21be851e5c59524698d0ea0d431a914a810362f4e26a045690fe2b95a7b
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
92ce5ee056ebb613c0fb24bdb9f6dc31a5467df7d892c618b691aa127bab5f72
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9339be72387bc2fc63945f57da76154f4be21cacf322ec1b33117207fa7a0532
93dacc32c27b2d2a3aab7da2a72c8ea6133d5afa1d4dbcafec50406151fb09d0
946eb51a4db615c248ff091064b7bd86cae9d3de2d63a215f6e497eee4c46409
97f72b7aff5efdeb684d7e4ac3ca52199f845a40496d623e955dc33e9899bf01
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99975f334655703578e77034bebce02b63668d2d8a0144c2e5b72b40d234a386
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51
9c237e9fdb04ee9c86681c4c355e65ff99ce1992d5847ee4c8ba04b0a5cea83a
9cd9968b9b02a071109956be7f86ebcc3b4a4bed51a29607d994669194475e2c
9e1a755a618e211e615de46d65e46cbb266ff57645222cfd1b2a7e32b25bff9c
9f7c153841a74248a2090c41f73155845e12c63798969a7803ec1ae95a9c627c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a10e8b884f045a6cb59fc69549e06fd49cab376c307668ba0378082170a4572a
a11610c03444720b7624ef630834bf363f2cc3c30e74b9dbd2322ff5662f82a7
a1449a249cafa5d97665fc3f951b25af408e764da2331db5d28512c0c6ecb6b3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a44d5085a4f56f01ef006708c2aae5c9b240ba6901f9067e81123af519fbb5b8
a5ec545801c483a0bb18f6c9c6ed675eada482ba56a46e3fdc554c83aca779d8
a68db82bdd0dcd6bb49d062bb667aff856e22f52dd2ea0ac13638e527f4998be
a8ec9a70e24c4d3e08071add300fbc4e8fee66e864a597cdcf78fe4f2830ca04
aade51ce3310e6aa1794edbf6a2959858bb2d50aaa9b3c2f1f157a18ecfe71ac
ab7c20c44d76075631ecfbabe7e87d69f6c4fa8d6979f119873199eb9ead8b2d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae2d9f661033569a030859e6a479ceb8576824f75f25c47ce277732e3ee2fbdc
af3263390c13e2184071fa8e3b90d74a1b2c1fe6a340797dfd9b543dae12c8c9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20cb94d01d0f40a92dcef9f248535fa9a883868ca63a2c202bf0153e302f50a
b21b672f6980e454c4628745e5f7f05c487b2426af17900bd4860ef7c920b3a1
b336198afc3e12a6a5fca7c8b419c451bcaa3110f237ae2b2886047bb22b2b8e
b384f6f4ffc1b4db1ebeb3e4c6d8040dd5cf1bde0935e6efb742ff34b76fbf2f
b3efcc65f87b93c1c861a240131995d3e98e34e9fa5a4d323c684fea63e91a6c
b52714beb7968972e7e69a182e7d55bd7c0b18d185f802e4d05a942937ed980d
b8c9e6f35d88b651586e03ed941b3dca7ac3631119a1880c008747a0bb0f4bb8
b98485b658d66a1fe9fe5bd5887f73c4649b30c7deda1a9fdd7de780451510ae
b9eca6dec9d5d68bc2ca1256af614b7781cc06e34db57e30b04ccde262f4b6b3
bad9f609601617bbdf90e01a38056c19bb7be12a83a9ffd3ce79e4879dcc9677
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
bc5259e990ef3d6917c3a9b7e7bccd0a7ab8f638db8ff00ec77553894ed915ea
bdd52fb1ded9675b946c8df5d399302e9d1412874e7460c937b76af094a5bb9e
bfc1cb9b63507caea3999fa3c729876e8e287acf61c3ac7a3b32e21235cd1760
bfd2f2bd2dee47c3ab0c509bf90243be9cfdf4a5a09c1e12189e5d4c40ca9d62
c0db3afa73d9589b36ee4238e285ef43dea306eeb2636bcaac21c0d865705180
c420b139a1281cdb3054c54273f4c50997f2b6339af9abc1f0f797e6eda8be7b
c5e02c11df6ef18a787dcd1241783485ff25e699e1b510c142dc296e9dad533d
c69fe0b62cbec81761a3b3e6b09a0b240c0a96d2d774816310de200aa338e232
c80018a9ed6f43cb5f482f99503e605c297d859e0550de7c1fea6e562b1fa022
cb64205273c959d3251e9c28614b1876a5d0b1a0902f5ab0e7c381353bae10c5
cbacef9259af35e748ea7362bfb47c7a81647065c6f686ec765518b9cb9554b0
cbeefaae1841b541bd93c731d667b5df22cdff69f5edc1f33ef062f4a17a8fa8
cc116f07dbddd9e2e6ad729f63035910362a473cde793142160650d55859bb0c
cccf1e3fafc97acee3d482ab431cbf3d38322830fe7779bcb16555614f298204
cd5242b000934ce82895ad0aadcdfa0facf41a776d1c12f0fd1636e2373e573d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d113e1adf90d4478a8ad5b3bc39e172ca7f0c1e75e7738dd5bf2a882f58683d8
d133a857fcbf80e34c8cda1ee09e231df1b2309bc0cafebc6bf6635dbe2c2414
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d19a8062445f1f41b4e206e11cc69e95b94048b31bf5320950927201f72ade84
d20e96e69189259343ab288e329642a46ec88e5848fcdf8ae33f1f0c9252eafc
d25b1dfbe199cf375a409c9f317c16c4f501e8b980158ec98f2db23a40326d36
d5ecb6ad4f675f9df8ba0fd750ce33eacaf62165cb19ac362a6ec55370c163f8
d60128709c8fd27efd7ade2bf949b2af73d504d2244ea538be48b3a1597eb008
d94a9d881a065a477c2572a698511cf1920303cb0e5739405c37f2b7b55e3e49
d9b7addc307c170904326e2128b9929e43c02baa859a7195c3841023a4200d2e
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcea81d3e67e2fdc5254f53683cfddbf565986e1532e98660794f6858f7d3bb6
e018262bb7186aee74e5084d2c4e76b94a30f96663b6dccc57b324c4e91f0d67
e275166f359b6ce89481b6cf9a5a08f4deb8068e6a4caa83f494468b26f1d919
e2c02feef733ff76d50b3d4e6944bc5abaf7505dddcfa6aa587415a84987a435
e33d3c445f67d8d6d22bee2274f0dd89a477a7952344524beea9c7c64eab59ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5462cdd8a163f19dc441e064af7952ed2d3864dc6cc5802e28f77c962f7bfed
e67c02bcda6363d62d90571b8fde671d522c8ab6ffdad835dc0eba02248328de
e84d2880efcede68a16a3d05bf433773d4e15aecc71a8c380574193b2c3f7c80
eb21a0144ef95fbf81b12408c1fc6c146a785624f2cb316379e01715454a2e60
ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852
ecf5185587dc584318775956d242115534ec7d928758081c0f9a1e3f97992508
eea80293fc6dd7b527308f0de5f799586b2cb5174566d69c4db2da9151d1807e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0cbf6adf9f9f052b69e73c25d5b79c0f6aa3bf4883cf64e99556d896133f427
f1114a3775f6c6d0d99a3204d7f658bd2a7adeca8eceba3c93de168879232850
f2134a524ecf79823a078a106a9a6ff708b36de3992d506f75e2a2bdc7696e75
f28f3972d7a694d537bba0638853ef1566784d09dd7e8689b9aabd8a3c895b46
f3149aca7d6603317a79e286681952e01b41029b5cfcb0c82913c12bba464481
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f799a030b451eff44a027b62bde44fc4b8cf2a1fb35a761f9f8898ad65c021df
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f913eded1d0bb7e2c88609f70784f1bb145eaca37847dea6c7d58f3a42773ce4
fa7ad2b248bd27f970a1796e1612aafdc4024dfa2003f3d4cae45df49f6adbc0
fbf756c276b0da927d0fd6fa99f1af126d29223fb16d85c96fd9951997af0a86
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fdd05b738b34277c9b69bd1d1cb198820f593b68e43cdbd54fe6d16659004f73

www.itcosmetics.com Open in urlscan Pro 104.16.109.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

273 Requests

93 %HTTPS

26 %IPv6

66 Domains

87 Subdomains

83 IPs

9 Countries

4111 kBTransfer

9946 kBSize

91 Cookies

9 Outgoing links

Page URL History

Redirected requests

273 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 22 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.itcosmetics.com Open in urlscan Pro
104.16.109.64 Public Scan

Screenshot
Live screenshot

Full Image

273
Requests

93 %
HTTPS

26 %
IPv6

66
Domains

87
Subdomains

83
IPs

9
Countries

4111 kB
Transfer

9946 kB
Size

91
Cookies

273 HTTP transactions
22 data transactions