elfcosmetics.metricly.workers.dev Open in urlscan Pro
188.114.97.9  Public Scan

17 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

• https://cdn.media.amplience.net/v/elfcosmetics/0624_HPTILE_SPOTLIGHT_SOFTGLAM_D/mp41080 HTTP 302
• https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4

Request Chain 20

• https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040/mp41080 HTTP 302
• https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4

Request Chain 38

• https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2 HTTP 307
• https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2

Request Chain 40

• https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2 HTTP 307
• https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2

Request Chain 43

• https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1008852752.1718935586&url=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46j0n81WL3STMXv896608294za200&auid=1995107937.1718935586 HTTP 302
• https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1008852752.1718935586&url=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46j0n81WL3STMXv896608294za200&auid=1995107937.1718935586

Request Chain 87

• https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=1898365226751;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev HTTP 302
• https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CPfl5IjO64YDFS9oHgIdoLoU4A;type=conte0;cat=homep0;ord=1898365226751;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev

Request Chain 88

• https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=9453414192208;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev HTTP 302
• https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CMPB5ojO64YDFR1LHgIdgfYGNg;type=elf8j0;cat=glo_flhp;ord=9453414192208;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev

Request Chain 89

• https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=1156553418964;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev HTTP 302
• https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CPbC5ojO64YDFVBpHgIdPb8N4A;type=elf8j0;cat=glo_flap;ord=1156553418964;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev

Request Chain 95

• https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=3953454992242;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev HTTP 302
• https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=COLX6ojO64YDFTFHHgIdn1oIlQ;type=retarget;cat=globa0;ord=3953454992242;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev

Request Chain 141

• https://idsync.rlcdn.com/458359.gif?partner_uid=d2d44f6e-3965-4738-82fc-34a1d9b47d2a HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJGQyZDQ0ZjZlLTM5NjUtNDczOC04MmZjLTM0YTFkOWI0N2QyYRAAGg0IpsDTswYSBQjoBxAAQgBKAA HTTP 307
• https://tags.rd.linksynergy.com/cs?ns=lr&uid3=faaf41784b66fc3e158f5daa338b29fb298aab58f849755319f2bc7db5e8bb9a6ac34734d8e453ee

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response elfcosmetics.metricly.workers.dev/	976 KB 216 KB	439ms 370ms	Document text/html	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9cc8c90ea28022f937314fb6e73bde6cecd89e609fc72570f4d788dec6110a43 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-credentials true access-control-allow-origin * age 599, 599 alt-svc h3=":443"; ma=86400 cache-control no-store cf-cache-status DYNAMIC cf-ray 8970705088e0bbfe-FRA content-encoding br content-type text/html; charset=utf-8 date Fri, 21 Jun 2024 02:06:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tSA4qxCAjrp3w2Id9xovgp5z%2Fv1Kxmx5YPxpjGxshO9xg7sg1mkAYanMdocB2bbx%2BsYNDSjZByV06RWCqeDyFDcfIo6Oq1nmvbXqWIAgRug5jgZXC%2FRhg7tFDRjjVIqZ2RzpBUbI0HBBiIQ9N4%2BicrGDbCE%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; includeSubDomains vary Accept-Encoding via 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront) x-amz-apigw-id ZseW1FrgiYcEO1w= x-amz-cf-id nQ623mIS8eXniQPc0qR8ePB0r3RF9rELgpVU_akQUyO7M471tRYEfQ== x-amz-cf-pop FRA56-P7 x-amzn-remapped-connection close x-amzn-remapped-content-length 880867 x-amzn-remapped-date Fri, 21 Jun 2024 01:56:21 GMT x-amzn-requestid d5521bb7-18c9-4c8e-a63d-40c3b2e8d536 x-amzn-trace-id Root=1-6674ddc5-0d6cede2448b4c0573db343f;Parent=796124695dc9b522;Sampled=0;lineage=2b75b0e9:0 x-cache Hit from cloudfront x-yottaa-metrics 36218cae0e38/[73,28,-] 36D18cae0e90/[-,111.673] x-yottaa-optimizations ob/1000000100001000 si/36D18cae0e90-1718903339-501414555 tts/1716499765688 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0 x-yottaa-os 200
GET H3	200	init.js Show response elfcosmetics.metricly.workers.dev/XT4Gy2ig/	169 KB 70 KB	60ms 59ms	Script application/javascript	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.metricly.workers.dev/XT4Gy2ig/init.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6e5f64c25ada7fc8e6bea4d62a9f383e38acf06387575b62a03185501138943c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:20 GMT content-encoding gzip via 1.1 varnish cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-yottaa-optimizations ob/0 si/36D18cae0e9c-1718903339-6886370546 tts/1718935580731 ti/0 ai/5a0c9b7632f01c35d42101b2 alt-svc h3=":443"; ma=86400 server cloudflare etag "2a2f5-JmMn3MPPPv7Wd8GGoSGwPDxvbi0" active-cdn fastly vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4fzl7VZH0dTcdttsam9WIZac8m6xd8YiX2oA7l4GNGG0BA0Lmc8746BNpHQcrd0uJsNwAaNPIv8en5wAvBhraK%2FWPojJkyFL4NpvIR0HYQlcsh5Lwz1cuWnh81h9cu9QQxzGgsjjCKaHRGa0ceBl5WN9Ns0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers active-cdn,x-served-by cache-control max-age=600 x-yottaa-metrics 36D18cae0e9c/[-,11.991] x-px-hash ODcwMmUxZmMyN2Y4NWFmNzczYjI4M2RmZGMyMTNhY2MwY2Y0ODNmYzNkMjVkMzljMWVkZDYwNWIwYjY4YjZiMQ== cf-ray 897070536ad0bbfe-FRA
GET		/ cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/	0 0
GET DATA	200 OK	truncated /	10 KB 10 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d Request headers Referer Origin https://elfcosmetics.metricly.workers.dev Accept-Language nl-NL,nl;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type application/font-woff2;charset=utf-8
GET DATA	200 OK	truncated /	10 KB 10 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac Request headers Referer Origin https://elfcosmetics.metricly.workers.dev Accept-Language nl-NL,nl;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type application/font-woff2;charset=utf-8
GET H2	200	0624_HPTILE_SPOTLIGHT_SOFTGLAM_D cdn.media.amplience.net/v/elfcosmetics/	24 KB 24 KB	203ms 71ms	Image image/avif	2606:4700:4400::ac40:9ba6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/v/elfcosmetics/0624_HPTILE_SPOTLIGHT_SOFTGLAM_D?fmt=auto Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89cd26c6da97833d4de0cb2cc60dae6563858a413dffc037f3d4d8ef6e7ee066 Security Headers Name Value X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:20 GMT cf-cache-status HIT age 31405 x-amp-srv CF edge-cache-tag 06neNgPEu,l4p5bDg2e,lTTxSknl0,WepA0szpz x-amp-cf-worker true edge-control max-age=86400 x-req-id 1QuElCs0Xm alt-svc h3=":443"; ma=86400 content-length 24370 x-xss-protection 1; mode=block x-amp-source-height 520 last-modified Thu, 20 Jun 2024 17:22:55 GMT server cloudflare vary Accept-Encoding x-frame-options DENY content-type image/avif access-control-allow-origin * x-amp-source-width 1440 cache-control s-maxage=86400, max-age=1800 accept-ranges bytes cf-ray 897070549add8ffe-FRA x-amp-published Mon, 06 May 2024 23:46:56 GMT
GET DATA	200 OK	truncated /	37 B 37 B		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	soft-glam-satin-2024-5-spotlights_D-min cdn.media.amplience.net/i/elfcosmetics/	147 KB 147 KB	143ms 37ms	Image image/webp	2606:4700:4400::ac40:9ba6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/soft-glam-satin-2024-5-spotlights_D-min?fmt=auto Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 036372aec246811be980f3db17295ca6ebbcabef2d187cf4b50eca891a3cd8f0 Security Headers Name Value X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:20 GMT cf-cache-status HIT age 6407 x-amp-srv CF edge-cache-tag M6bNQ9eQN,l4p5bDg2e,KQtgulBJr,DtzGFM5oJ x-amp-cf-worker true edge-control max-age=86400 x-req-id f1bKX2K2RR alt-svc h3=":443"; ma=86400 content-length 150302 x-xss-protection 1; mode=block x-amp-source-height 1700 last-modified Fri, 21 Jun 2024 00:19:33 GMT server cloudflare vary Accept-Encoding x-frame-options DENY content-type image/webp access-control-allow-origin * x-amp-source-width 2880 cache-control s-maxage=86400, max-age=1800 accept-ranges bytes cf-ray 897070549adf8ffe-FRA x-amp-published Mon, 20 May 2024 23:26:06 GMT
GET H2	200	soft-glam-satin-2024-5-background_D-min cdn.media.amplience.net/i/elfcosmetics/	3 KB 4 KB	142ms 36ms	Image image/avif	2606:4700:4400::ac40:9ba6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/soft-glam-satin-2024-5-background_D-min?fmt=auto Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3917055d135099cfcac6ff6745f7a1bb3525f6d49ab43e90319134708de821ae Security Headers Name Value X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:20 GMT cf-cache-status HIT age 81433 x-amp-srv CF edge-cache-tag _XxXG9zY7,l4p5bDg2e,4wgAmq7JA,WepA0szpz x-amp-cf-worker true edge-control max-age=86400 x-req-id xtRV0Zqvrc alt-svc h3=":443"; ma=86400 content-length 3523 x-xss-protection 1; mode=block x-amp-source-height 662 last-modified Thu, 20 Jun 2024 03:29:07 GMT server cloudflare vary Accept-Encoding x-frame-options DENY content-type image/avif access-control-allow-origin * x-amp-source-width 2880 cache-control s-maxage=86400, max-age=1800 accept-ranges bytes cf-ray 897070549ade8ffe-FRA x-amp-published Mon, 20 May 2024 23:26:15 GMT
GET H2	200	ELF_Bronzer_HomepageTile_Comments_1440x1040 cdn.media.amplience.net/v/elfcosmetics/	37 KB 37 KB	175ms 72ms	Image image/jpeg	2606:4700:4400::ac40:9ba6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d237f9147434eb7ca13c686da4346e03a6210da929e3e7f251370d2d0a149823 Security Headers Name Value X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:20 GMT cf-cache-status HIT age 35265 x-amp-srv CF edge-cache-tag 4ofQD7Wfr,l4p5bDg2e,X_K2lO9lh,k4NPUWi7z x-amp-cf-worker true edge-control max-age=86400 x-req-id L_igkOZ2z- alt-svc h3=":443"; ma=86400 content-length 37661 x-xss-protection 1; mode=block x-amp-source-height 1040 last-modified Thu, 20 Jun 2024 16:18:35 GMT server cloudflare vary Accept-Encoding x-frame-options DENY content-type image/jpeg access-control-allow-origin * x-amp-source-width 1440 cache-control s-maxage=86400, max-age=1800 accept-ranges bytes cf-ray 897070549ae08ffe-FRA x-amp-published Wed, 05 Jun 2024 19:29:20 GMT
GET H2	200	elf-skin-logo_D-min cdn.media.amplience.net/i/elfcosmetics/	3 KB 3 KB	137ms 35ms	Image image/avif	2606:4700:4400::ac40:9ba6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/elf-skin-logo_D-min?fmt=auto Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c8c239d4cc98fc4605856c796187c92e56a8692b0f90d12e376faafbbbeb817 Security Headers Name Value X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:20 GMT cf-cache-status HIT age 6077 x-amp-srv CF edge-cache-tag mQ2w1VlWG,l4p5bDg2e,xPkOqKkZZ,WepA0szpz x-amp-cf-worker true edge-control max-age=86400 x-req-id pbkIQzv1Ga alt-svc h3=":443"; ma=86400 content-length 2807 x-xss-protection 1; mode=block x-amp-source-height 257 last-modified Fri, 21 Jun 2024 00:25:03 GMT server cloudflare vary Accept-Encoding x-frame-options DENY content-type image/avif access-control-allow-origin * x-amp-source-width 289 cache-control s-maxage=86400, max-age=1800 accept-ranges bytes cf-ray 897070549ae18ffe-FRA x-amp-published Tue, 02 Apr 2024 23:34:45 GMT
GET H2	200	go-wild-bronzies-2024-06-10-headline-1_D-min cdn.media.amplience.net/i/elfcosmetics/	31 KB 31 KB	173ms 71ms	Image image/avif	2606:4700:4400::ac40:9ba6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/go-wild-bronzies-2024-06-10-headline-1_D-min?fmt=auto Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4746970ad07f39350242803788c04f8a8b27fc02eec81596db2e436011ff8332 Security Headers Name Value X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:20 GMT cf-cache-status HIT age 2055 x-amp-srv CF edge-cache-tag g6qR7ZM5r,l4p5bDg2e,QzFMFH4vh,WepA0szpz x-amp-cf-worker true edge-control max-age=86400 x-req-id ggTYqKFQwi alt-svc h3=":443"; ma=86400 content-length 31417 x-xss-protection 1; mode=block x-amp-source-height 245 last-modified Fri, 21 Jun 2024 01:32:05 GMT server cloudflare vary Accept-Encoding x-frame-options DENY content-type image/avif access-control-allow-origin * x-amp-source-width 1136 cache-control s-maxage=86400, max-age=1800 accept-ranges bytes cf-ray 897070549ae28ffe-FRA x-amp-published Mon, 03 Jun 2024 23:31:19 GMT
GET H2	200	locale-link-rewriter-0.0.2-min Show response cdn.c1.amplience.net/c/elfcosmetics/	553 B 490 B	139ms 34ms	Script application/javascript	2606:4700:4400::6812:226c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.c1.amplience.net/c/elfcosmetics/locale-link-rewriter-0.0.2-min Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:226c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 88668b9200e07ef8860abbf2884140a44986c34576bc7086d64085b87da4cfd7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:20 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 21 Jun 2024 01:58:38 GMT server cloudflare age 462 vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * edge-control max-age=1800 cache-control s-maxage=1800, max-age=120 cf-ray 897070549d50bb8b-FRA
GET H2	200	vendor.js Show response cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/	2 MB 627 KB	191ms 99ms	Script application/javascript	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_ Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 12aef701f9abbb77ad769e835f981ab2c6b7dd1f7f19ffb59261b23084fbed98 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:20 GMT via 1.1 c4ff0051ca0c026ecfda9d67a3f79e8a.cloudfront.net (CloudFront), 1.1 varnish content-encoding gzip x-amz-cf-pop LHR62-C3 age 303151 x-yottaa-optimizations ob/1100 si/3411a5fe3871-1718298463-898775957 tts/1716499765688 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0 x-cache Hit from cloudfront, HIT x-amz-meta-deploy 780438 content-length 641173 x-amz-meta-bundle 11418 x-served-by cache-mad2200116-MAD x-yottaa-forcecache true, true server AmazonS3 x-timer S1718935581.906327,VS0,VE1 vary Accept-Encoding content-type application/javascript; charset=utf8 cache-control public, max-age=31104000 x-yottaa-metrics 3421a5fe389c/[64,-,1718632420667] 3411a5fe3871/[-,416.146] accept-ranges bytes x-amz-cf-id Hawh0Re6tGQZ0oSOmel6Aq0yLxT5wTUzNvnwoguBTTRIexIuyyC5uw== x-cache-hits 0
GET H2	200	main.js Show response cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/	2 MB 494 KB	133ms 41ms	Script application/javascript	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/main.js?yocs=1u_1y_ Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash f498ff46829b1f4476db5ca3fd697a92852f92b9aef0d95e650608f1b7ca41dd Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:20 GMT via 1.1 20340eb7909bfa098c771e4c93be880a.cloudfront.net (CloudFront), 1.1 varnish content-encoding gzip x-amz-cf-pop LHR62-C3 age 303151 x-yottaa-optimizations ob/1100 si/3411a5fe3871-1718298463-898775958 tts/1716499765688 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0 x-cache Hit from cloudfront, HIT x-amz-meta-deploy 780438 content-length 505275 x-amz-meta-bundle 11418 x-served-by cache-mad2200116-MAD x-yottaa-forcecache true, true server AmazonS3 x-timer S1718935581.906312,VS0,VE1 vary Accept-Encoding content-type application/javascript; charset=utf8 cache-control public, max-age=31104000 x-yottaa-metrics 3421a5fe389b/[25,-,1718632420591] 3411a5fe3871/[-,314.786] accept-ranges bytes x-amz-cf-id qp0z5JsOkfRhbmkevPGsgTJ8nDypb5wyUj_BU8qn9OzJPl7rSyRtQw== x-cache-hits 0
GET H2	200	pages-home.js Show response cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/	5 KB 3 KB	229ms 137ms	Script application/javascript	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/pages-home.js?yocs=1u_1y_ Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 97996c9985c6b958fe1325fc72f641b0118c639d32f7b78f3d3245d83a588e43 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:20 GMT via 1.1 7654e8d5fbf72d40d262281571df7bae.cloudfront.net (CloudFront), 1.1 varnish content-encoding gzip x-amz-cf-pop LHR62-C3 age 303151 x-yottaa-optimizations ob/1000 si/3411a5fe3874-1718296802-1425416167 tts/1716499765688 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0 x-cache Hit from cloudfront, HIT x-amz-meta-deploy 780438 content-length 2337 x-amz-meta-bundle 11418 x-served-by cache-mad2200116-MAD x-yottaa-forcecache true, true server AmazonS3 x-timer S1718935581.906420,VS0,VE1 vary Accept-Encoding content-type application/javascript; charset=utf8 cache-control public, max-age=31104000 x-yottaa-metrics 3421a5fe3895/[106,102,-] 3411a5fe3874/[-,109.439] accept-ranges bytes x-amz-cf-id U7mXTYzgZPIfKIgTnm2vJR74HtccxcQLadhLWb0hiR7bxs-1HsdsOg== x-cache-hits 0
POST H2	200	collector Show response collector-pxxt4gy2ig.px-cloud.net/api/v2/	540 B 805 B	184ms 140ms	XHR application/json	35.190.10.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/XT4Gy2ig/init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.10.190.35.bc.googleusercontent.com Software / Resource Hash 0de8c62202604c5ceaa6298830296567158f49277a14875b669c41e9d844683d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Fri, 21 Jun 2024 02:06:20 GMT via 1.1 google access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev access-control-allow-credentials true timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 540
GET H2	200	2024-06-hptile-newArrivals-hero-D-img1-min cdn.media.amplience.net/i/elfcosmetics/	53 KB 53 KB	51ms 33ms	Image image/avif	2606:4700:4400::ac40:9ba6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img1-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img1-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img1-min?fmt=auto&w=2460%203x Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7eb56da4ee08046d471003dd9f6c44d09e8d54451918ec84c0a7de293abc236a Security Headers Name Value X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:21 GMT cf-cache-status HIT age 6407 x-amp-srv CF edge-cache-tag ut0_Cc70j,l4p5bDg2e,sKbI0Xlxp,WepA0szpz x-amp-cf-worker true edge-control max-age=86400 x-req-id zyD_t4837e alt-svc h3=":443"; ma=86400 content-length 54250 x-xss-protection 1; mode=block x-amp-source-height 1040 last-modified Fri, 21 Jun 2024 00:19:34 GMT server cloudflare vary Accept-Encoding x-frame-options DENY content-type image/avif access-control-allow-origin * x-amp-source-width 1440 cache-control s-maxage=86400, max-age=1800 accept-ranges bytes cf-ray 897070554b298ffe-FRA x-amp-published Mon, 10 Jun 2024 15:55:02 GMT
GET H2	200	2024-06-hptile-newArrivals-D-behindText-min cdn.media.amplience.net/i/elfcosmetics/	8 KB 9 KB	54ms 37ms	Image image/avif	2606:4700:4400::ac40:9ba6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-D-behindText-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-D-behindText-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-D-behindText-min?fmt=auto&w=2460%203x Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f2e68f4e14df47f09509d13a68b579d84ccdc614384a968271fb5a3864a4af5 Security Headers Name Value X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:21 GMT cf-cache-status HIT age 20714 x-amp-srv CF edge-cache-tag ChHe38sMe,l4p5bDg2e,yWgNg5NdX,WepA0szpz x-amp-cf-worker true edge-control max-age=86400 x-req-id BgOIjvNyGO alt-svc h3=":443"; ma=86400 content-length 8563 x-xss-protection 1; mode=block x-amp-source-height 1040 last-modified Thu, 20 Jun 2024 20:21:07 GMT server cloudflare vary Accept-Encoding x-frame-options DENY content-type image/avif access-control-allow-origin * x-amp-source-width 1440 cache-control s-maxage=86400, max-age=1800 accept-ranges bytes cf-ray 897070554b2a8ffe-FRA x-amp-published Mon, 10 Jun 2024 15:55:02 GMT
GET H2	200	ELF_Bronzer_HomepageTile_Comments_1440x1040 cdn.media.amplience.net/v/elfcosmetics/	13 KB 14 KB	43ms 35ms	Image image/avif	2606:4700:4400::ac40:9ba6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040?fmt=auto Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e89c53d125513c76e61d13e99b7ab3f2fe9852d69b30d0832c7296390054a99c Security Headers Name Value X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:21 GMT cf-cache-status HIT age 6405 x-amp-srv CF edge-cache-tag 9eyOH-Cqf,l4p5bDg2e,X_K2lO9lh,WepA0szpz x-amp-cf-worker true edge-control max-age=86400 x-req-id xMGQOPJv1v alt-svc h3=":443"; ma=86400 content-length 13687 x-xss-protection 1; mode=block x-amp-source-height 1040 last-modified Fri, 21 Jun 2024 00:19:36 GMT server cloudflare vary Accept-Encoding x-frame-options DENY content-type image/avif access-control-allow-origin * x-amp-source-width 1440 cache-control s-maxage=86400, max-age=1800 accept-ranges bytes cf-ray 897070554b2b8ffe-FRA x-amp-published Wed, 05 Jun 2024 19:29:20 GMT
GET H2	206	ee1a24f4-5709-4375-8fed-729b60d485e8.mp4 cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ Redirect Chain https://cdn.media.amplience.net/v/elfcosmetics/0624_HPTILE_SPOTLIGHT_SOFTGLAM_D/mp41080 https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4	2 MB 2 MB	156ms 54ms	Media video/mp4	2606:4700:4400::ac40:952f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Server 2606:4700:4400::ac40:952f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ada9d1def698653a5ef155d5439ab8dbaf3ec7e92731b5c2458104008d8714cd Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 21 Jun 2024 02:06:21 GMT x-amz-version-id null cf-cache-status HIT x-amz-request-id WK7JGXRMTM1QX0K9 age 1503891 Content-Range bytes 0-2539191/2539192 Content-Length 2539192 x-amz-id-2 QoqrERDaiDLpqRrvBdBEZnFsPwrG2Sbd5QwBRjjNFWh/qO0BwsVMQ7wjkfox1874OVCWJnxysVk= last-modified Mon, 06 May 2024 23:46:56 GMT server cloudflare etag "f9cd69df864aaabae94e683234b307a4" access-control-max-age 3000 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET, HEAD access-control-allow-origin * content-type video/mp4 cf-ray 897070571cd8bbc2-FRA Redirect headers date Fri, 21 Jun 2024 02:06:21 GMT cf-cache-status HIT age 2033 x-amp-srv CF edge-cache-tag AqiZhoyyM,l4p5bDg2e,lTTxSknl0 x-amp-cf-worker true edge-control max-age=86400 alt-svc h3=":443"; ma=86400 content-length 0 x-xss-protection 1; mode=block server cloudflare x-frame-options DENY vary Accept-Encoding content-type text/html; charset=UTF-8 location https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4 access-control-allow-origin * cache-control s-maxage=86400, max-age=1800 cf-ray 89707055f8ee18f9-FRA
GET H2	206	b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4 cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ Redirect Chain https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040/mp41080 https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4	2 MB 2 MB	133ms 32ms	Media video/mp4	2606:4700:4400::ac40:952f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Server 2606:4700:4400::ac40:952f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f98df0dfa77c50c8356e92ee9269bca4dd576126d890993cb22c88f29723e58 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 21 Jun 2024 02:06:21 GMT x-amz-version-id null cf-cache-status HIT x-amz-request-id 72S8M9WFNVBMDANZ age 899726 Content-Range bytes 0-1946953/1946954 Content-Length 1946954 x-amz-id-2 +ZJFo6UfGnYgEhecAv8v8KQSyVX4T9PtCTtMeYhA0R2buDIQ9wMjjCq7j/mBC/WBcTZgTN6sxhQ= last-modified Wed, 05 Jun 2024 19:29:19 GMT server cloudflare etag "bb4f3cb26295704a9279f0ebaaaca661" access-control-max-age 3000 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET, HEAD access-control-allow-origin * content-type video/mp4 cf-ray 897070571cdabbc2-FRA Redirect headers date Fri, 21 Jun 2024 02:06:21 GMT cf-cache-status HIT age 6076 x-amp-srv CF edge-cache-tag Az92eY8A2,l4p5bDg2e,X_K2lO9lh x-amp-cf-worker true edge-control max-age=86400 alt-svc h3=":443"; ma=86400 content-length 0 x-xss-protection 1; mode=block server cloudflare x-frame-options DENY vary Accept-Encoding content-type text/html; charset=UTF-8 location https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4 access-control-allow-origin * cache-control s-maxage=86400, max-age=1800 cf-ray 89707055f8ef18f9-FRA
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 7 KB	92ms 32ms	Script application/javascript	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/main.js?yocs=1u_1y_ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 21 Jun 2024 02:06:23 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 ceCldLDyZN6bSQL6yyKLMg== age 19569 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6882 x-ms-lease-status unlocked last-modified Thu, 20 Jun 2024 06:41:38 GMT server cloudflare etag 0x8DC90F409A634BD vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id cf0ce842-101e-00df-502c-c3c2de000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 897070623ad26967-FRA expires Fri, 21 Jun 2024 20:40:14 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	532 KB 141 KB	141ms 66ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7e4d8da80b099c28b00443c5b5f2362166acc5225336045134a54cf15cc2ed57 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:23 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 143669 x-xss-protection 0 last-modified Fri, 21 Jun 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 21 Jun 2024 02:06:23 GMT
GET H2	200	api_dynamic.js Show response cdn.dynamicyield.com/api/8772046/	738 KB 71 KB	554ms 464ms	Script application/javascript	2600:9000:275d:2000:a:b89d:a6c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dynamicyield.com/api/8772046/api_dynamic.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:275d:2000:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software DYCDN / Resource Hash 5d9602a6027baaf129b6de860eb8b78840a98d45df4eafa189c89c211bc76049 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:24 GMT content-encoding gzip via 1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront) last-modified Thu, 20 Jun 2024 19:33:26 GMT server DYCDN x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 etag W/"a66c54cf16ab0aab27c6ca1722b3bbca" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=utf-8 cache-control max-age=30 link <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect" x-amz-cf-id aFWryBgBGkfBnN2GPQVUOElqRWBY3dJW2rGPvF2VXsVQNOi47MGV-Q==
GET H2	200	api_static.js Show response cdn.dynamicyield.com/api/8772046/	388 KB 114 KB	116ms 27ms	Script application/javascript	2600:9000:275d:2000:a:b89d:a6c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dynamicyield.com/api/8772046/api_static.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:275d:2000:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software DYCDN / Resource Hash 498ea43ee2b31ee61f58f43b798dfaec6eb59b63fefdfaa7c01bba897ba57a33 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 23:33:36 GMT content-encoding gzip via 1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront) last-modified Wed, 19 Jun 2024 17:07:44 GMT server DYCDN age 9168 x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 etag W/"64e0187feba0c97d38f8aabb6e6d66cd" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control max-age=86400 link <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect" x-amz-cf-id 3yfJYZovySlhYIdbCGKtuuWkRARzaGxOCa-sqF7mFCj0CX0G8cviTw==
GET H2	200	/ Show response api.ipify.org/	22 B 155 B	193ms 112ms	XHR application/json	104.26.12.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2de14746137fc099576d3f3607b3f7767871eb50a20fa3b4e0da3359d4489af3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:23 GMT cf-cache-status DYNAMIC server cloudflare vary Origin content-type application/json access-control-allow-origin * cf-ray 89707062ce644d68-FRA content-length 22
GET H2	200	/ Show response api.ipify.org/	22 B 74 B	301ms 107ms	XHR application/json	104.26.12.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2de14746137fc099576d3f3607b3f7767871eb50a20fa3b4e0da3359d4489af3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:23 GMT cf-cache-status DYNAMIC server cloudflare vary Origin content-type application/json access-control-allow-origin * cf-ray 897070637ef54d68-FRA content-length 22
POST H2	201	/ Show response sdk.iad-05.braze.com/api/v3/data/	554 B 649 B	370ms 369ms	XHR application/json	2606:4700:4400::ac40:965f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/data/ Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42a841cad03c8b0c03c9a5a2288ba8146c025bcf45d02873a3f59b31d0f69d65 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" X-Braze-Api-Key 609afcb2-1dc3-41ef-a771-0a9aaf10bf57 X-Braze-TriggersRequest true X-Braze-DataRequest true sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/json X-Braze-Last-Req-Ms-Ago 7200000 Referer https://elfcosmetics.metricly.workers.dev/ X-Requested-With XMLHttpRequest Accept-Language nl-NL,nl;q=0.9;q=0.9 X-Braze-Req-Attempt 1 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:24 GMT content-encoding gzip cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains x-request-id df40b641-23a3-4752-b0f5-a95e3eca7859 x-runtime 0.161664 server cloudflare etag W/"42a841cad03c8b0c03c9a5a2288ba814" vary Origin,Accept-Encoding access-control-allow-methods POST, GET content-type application/json access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate x-ratelimit-reset 1718935587 access-control-max-age 7200 x-ratelimit-limit 500.0 cf-ray 8970706688ea6987-FRA x-ratelimit-remaining 488.0
OPTIONS H2	200	/ sdk.iad-05.braze.com/api/v3/data/ Frame	0 0	315ms 207ms	Preflight	2606:4700:4400::ac40:965f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/data/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with Access-Control-Request-Method POST Origin https://elfcosmetics.metricly.workers.dev Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with access-control-allow-methods POST, GET access-control-allow-origin * access-control-expose-headers access-control-max-age 7200 cf-cache-status DYNAMIC cf-ray 89707065384b6987-FRA content-encoding gzip date Fri, 21 Jun 2024 02:06:23 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding
GET H3	410	authorize Show response elfcosmetics.metricly.workers.dev/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/	217 KB 219 KB	1365ms 1334ms	Fetch text/html	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.metricly.workers.dev/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=-VHKwFOGxPGFRyhxKhUX_xCI1tXOVEa6CTiVZab9MSQ Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb37a9d3792d803d41012d2fc2051175d63d0d7cb3bdcbf8095b7a24954bf1ab Request headers c_x-pwa-request true sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:25 GMT via 1.1 a3e4fc96eb3662731567c2fe42feda9a.cloudfront.net (CloudFront) cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 0 x-amz-cf-pop LHR62-C3 x-yottaa-optimizations ob/1000 si/34D1a5fe3863-1718903340-7591651989 tts/1716499759185 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0 x-cache Error from cloudfront x-mobify-proxy-response-error No x-mobify-proxypath header found in request alt-svc h3=":443"; ma=86400 pragma no-cache server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSMRLAstVq1%2FN7PMuCQUA1RXKdo8Eg5urWhZdk7lF6A3gV4ckP2FPhqPi8xAFJCLuStiPS5DkQLQWk3nc%2FugLwYen5hC%2FjFH8VxV8oFBnrS%2F0JCSdYK9M2YB79Uc5wxs9v2bJQezz7vmgLZ1tikIXYxStRs%3D"}],"group":"cf-nel","max_age":604800} content-type text/html;charset=UTF-8 access-control-allow-origin * cache-control no-store access-control-allow-credentials true x-yottaa-metrics 3421a5fe382b/[992,988,-] 34D1a5fe3863/[-,995.532] x-yottaa-os 410 cf-ray 89707066aa104d6e-FRA x-dw-request-base-id 8zMGDiDgdGYBAAB_ x-amz-cf-id GCLjs02FS8PQsSqvJ8Ndh0lnC3b9UfPq8jUO6UtKlphyv9imjpbfxA== expires Thu, 01 Dec 1994 16:00:00 GMT
POST H2	200	collector Show response collector-pxxt4gy2ig.px-cloud.net/api/v2/	600 B 664 B	228ms 223ms	XHR application/json	35.190.10.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/XT4Gy2ig/init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.10.190.35.bc.googleusercontent.com Software / Resource Hash d9fecebeba707fa3c480b62f6c0b4dcff0520817b015c6c09d4267657a9f12c6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Fri, 21 Jun 2024 02:06:23 GMT via 1.1 google access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev access-control-allow-credentials true timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 600
GET H2	200	6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json Show response cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/	6 KB 2 KB	175ms 133ms	XHR application/x-javascript	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55baa715ccc8c2512bceb1c949c1d0927944ca327e7edd2d5fc312d2a41986e4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 21 Jun 2024 02:06:24 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status REVALIDATED strict-transport-security max-age=31536000; includeSubDomains; preload content-md5 j7e7fSdncC8T3SCV/IpUig== content-length 1740 x-ms-lease-status unlocked last-modified Mon, 08 Apr 2024 18:41:03 GMT server cloudflare etag 0x8DC57FB71838BE4 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 9773fb6d-901e-0002-638d-c19170000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 89707067fed12ba2-FRA expires Sat, 22 Jun 2024 02:06:24 GMT
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	59 B 295 B	602ms 22ms	XHR application/json	2606:4700:4400::ac40:9b77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 33110d24cbb506c398f40acebf7e9b4314b3644bda60332a7c993637c957bef1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" accept application/json Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:24 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 8970706d1af81db0-FRA access-control-allow-headers Content-Type
POST H2	201	sync Show response sdk.iad-05.braze.com/api/v3/content_cards/	85 B 228 B	222ms 219ms	XHR application/json	2606:4700:4400::ac40:965f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/content_cards/sync Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 057e17e7969ae7180a2372fc87512cbd1d7b285dcc52cc34217b4e633d6060d2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" X-Braze-Req-Tokens-Remaining 29 X-Braze-Api-Key 609afcb2-1dc3-41ef-a771-0a9aaf10bf57 X-Braze-DataRequest true sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/json X-Braze-Last-Req-Ms-Ago 7200000 BRAZE-SYNC-RETRY-COUNT 0 X-Requested-With XMLHttpRequest Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ X-Braze-Req-Attempt 1 X-Braze-ContentCardsRequest true sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:24 GMT content-encoding gzip cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains x-request-id 2c49d182-c637-4698-a0e1-baeb3367d334 x-runtime 0.045452 server cloudflare etag W/"057e17e7969ae7180a2372fc87512cbd" vary Origin,Accept-Encoding access-control-allow-methods POST, GET content-type application/json access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate x-ratelimit-reset 1718935587 access-control-max-age 7200 x-ratelimit-limit 500.0 cf-ray 8970706b3b046987-FRA x-ratelimit-remaining 494.0
OPTIONS H2	200	sync sdk.iad-05.braze.com/api/v3/content_cards/ Frame	0 0	235ms 234ms	Preflight	2606:4700:4400::ac40:965f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/content_cards/sync Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with Access-Control-Request-Method POST Origin https://elfcosmetics.metricly.workers.dev Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with access-control-allow-methods POST, GET access-control-allow-origin * access-control-expose-headers access-control-max-age 7200 cf-cache-status DYNAMIC cf-ray 89707069ba626987-FRA content-encoding gzip date Fri, 21 Jun 2024 02:06:24 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding
GET H2	200	st Show response st.dynamicyield.com/	151 KB 13 KB	507ms 128ms	Script text/javascript	2600:9000:2250:a600:15:ad21:c740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=7smsszqh160hu5mjwykgxgcgtrfi1d2g&ref=&scriptVersion=2.32.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:a600:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 8439d3792bfcaadecb8c935e2d794e77d612f6598d721fee178673c467c36c5a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:25 GMT content-encoding gzip via 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P2 vary Accept-Encoding x-cache Miss from cloudfront content-type text/javascript; charset=utf-8 access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS" cache-control no-cache x-amz-cf-id tv10BYWTqPCsPgPHfLCzL763uoRXTPzvHwFcMwEh_w0ByWIV4-4mvQ== expires Fri, 21 Jun 2024 02:06:24 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	309ms 27ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 21 Jun 2024 00:29:07 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 5838 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Fri, 21 Jun 2024 02:29:07 GMT
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202306.1.0/	404 KB 98 KB	77ms 31ms	Script application/javascript	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 21 Jun 2024 02:06:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 XJk1ZZTljtwHFT3qcIJg+w== age 22187 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 99599 x-ms-lease-status unlocked last-modified Wed, 12 Jul 2023 06:29:36 GMT server cloudflare etag 0x8DB82A15D413626 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 80bad15d-801e-006c-2fda-12d214000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 89707070ff7c6967-FRA
GET H2	200	bounce secure.adnxs.com/ Redirect Chain https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2 https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2	43 B 1 KB	68ms 26ms	Image image/gif	37.252.171.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Server 37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:25 GMT an-x-request-uuid 3ff67afb-91c7-4921-bde0-b06421924bce server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 212.7.210.181; 212.7.210.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Fri, 21 Jun 2024 02:06:25 GMT an-x-request-uuid b5049255-f285-463f-a94d-58b33f97463d server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2 cache-control no-store, no-cache, private x-proxy-origin 212.7.210.181; 212.7.210.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ insight.adsrvr.org/track/pxl/	70 B 148 B	261ms 31ms	Image image/gif	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:y8694b5&fmt=3 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:25 GMT server Kestrel content-length 70 content-type image/gif
GET H2	200	bounce secure.adnxs.com/ Redirect Chain https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2 https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2	43 B 1 KB	55ms 5ms	Image image/gif	37.252.171.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Server 37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:25 GMT an-x-request-uuid 844bc759-e137-49e2-b4cb-b9daaeb9d332 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 212.7.210.181; 212.7.210.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Fri, 21 Jun 2024 02:06:25 GMT an-x-request-uuid b1f609a8-1642-4871-b5f7-cdf2140fb4ce server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2 cache-control no-store, no-cache, private x-proxy-origin 212.7.210.181; 212.7.210.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ insight.adsrvr.org/track/pxl/	70 B 149 B	259ms 30ms	Image image/gif	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:uuhj0na&fmt=3 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:25 GMT server Kestrel content-length 70 content-type image/gif
POST H3	200	collector Show response collector-pxxt4gy2ig.px-cloud.net/api/v2/	32 B 49 B	141ms 135ms	XHR application/json	35.190.10.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/XT4Gy2ig/init.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.10.190.35.bc.googleusercontent.com Software / Resource Hash 19e0ccf5f49d76af8db3bcaa13c7fabc8276dcff286235a30c069da7abec2d8e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Fri, 21 Jun 2024 02:06:24 GMT via 1.1 google access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev access-control-allow-credentials true timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32
GET H3	200	landing googleads.g.doubleclick.net/pagead/ Redirect Chain https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1008852752.1718935586&url=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46j0n81WL... https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1008852752.1718935586&url=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dma_cps=sypham&dma=1&npa=0&gtm=...	42 B 65 B	648ms 29ms	Ping image/gif	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1008852752.1718935586&url=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46j0n81WL3STMXv896608294za200&auid=1995107937.1718935586 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:26 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 Jun 2024 02:06:25 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1008852752.1718935586&url=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46j0n81WL3STMXv896608294za200&auid=1995107937.1718935586 cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	2024-06-hptile-newArrivals-hero-D-img2-min cdn.media.amplience.net/i/elfcosmetics/	93 KB 93 KB	142ms 107ms	Image image/avif	172.64.155.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img2-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img2-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img2-min?fmt=auto&w=2460%203x Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.155.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4c63c343ab564468df88e50d95efcc7521db14a063b5876ea43899c333ebeda Security Headers Name Value X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:25 GMT cf-cache-status HIT age 25687 x-amp-srv CF edge-cache-tag 9pxSx_fu2,l4p5bDg2e,EL6uw4EsI,WepA0szpz x-amp-cf-worker true edge-control max-age=86400 x-req-id PSIxuUY7cN alt-svc h3=":443"; ma=86400 content-length 95265 x-xss-protection 1; mode=block x-amp-source-height 1040 last-modified Thu, 20 Jun 2024 18:58:18 GMT server cloudflare vary Accept-Encoding x-frame-options DENY content-type image/avif access-control-allow-origin * x-amp-source-width 1440 cache-control s-maxage=86400, max-age=1800 accept-ranges bytes cf-ray 89707072cce918f9-FRA x-amp-published Mon, 10 Jun 2024 15:55:02 GMT
GET H2	200	dy-coll-min.js Show response cdn.dynamicyield.com/scripts/2.32.0/	196 KB 65 KB	68ms 60ms	Script text/javascript	2600:9000:275d:2000:a:b89d:a6c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:275d:2000:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software DYCDN / Resource Hash 42997132bd0142564014ac4a809356dc0ceb9b7a90eede2b5b48019f1700cc58 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:44:25 GMT content-encoding gzip via 1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront) last-modified Tue, 02 Apr 2024 09:13:12 GMT server DYCDN age 2002922 x-amz-cf-pop FRA56-P11 etag W/"65b3e284856fb8d657d1f6a3423618c7" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=31536000 link <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect" x-amz-cf-id q0uZu_iW6GlZ7WGQsw0ho9L4LNzk-RhRT80-ksOw1jNug1biBmatTg==
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 220 B	66ms 30ms	XHR text/plain	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1654360352&t=pageview&_s=1&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dp=%2F&ul=nl-nl&de=UTF-8&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACgAI~&jid=53544815&gjid=1567326073&cid=720305637.1718935586&tid=UA-432816-1&_gid=1478647206.1718935586&_r=1&_slc=1&gtm=45He46j0n81WL3STMXv896608294za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&tag_exp=0&z=944773487 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:26 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	2024-06-hptile-newArrivals-hero-D-img3-min cdn.media.amplience.net/i/elfcosmetics/	21 KB 22 KB	63ms 46ms	Image image/avif	172.64.155.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img3-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img3-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img3-min?fmt=auto&w=2460%203x Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.155.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf0bc04f014f0ba1d65c050fa9d2c49183d65bff457becdd380ced028e97e1c1 Security Headers Name Value X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:26 GMT cf-cache-status HIT age 6403 x-amp-srv CF edge-cache-tag qwALGRYRV,l4p5bDg2e,xRMdGFflt,WepA0szpz x-amp-cf-worker true edge-control max-age=86400 x-req-id BRSEnXG7nR alt-svc h3=":443"; ma=86400 content-length 21815 x-xss-protection 1; mode=block x-amp-source-height 1040 last-modified Fri, 21 Jun 2024 00:19:43 GMT server cloudflare vary Accept-Encoding x-frame-options DENY content-type image/avif access-control-allow-origin * x-amp-source-width 1440 cache-control s-maxage=86400, max-age=1800 accept-ranges bytes cf-ray 897070766f7b18f9-FRA x-amp-published Mon, 10 Jun 2024 15:55:02 GMT
GET H2	200	en.json Show response cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/018ebeca-e8af-7f81-b182-0c90ba9664dd/	158 KB 34 KB	145ms 128ms	Fetch application/x-javascript	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/018ebeca-e8af-7f81-b182-0c90ba9664dd/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5a9baac0b53c708a5279b1ddfe54ec7f0a40699210e0caf05419d0aa1b330d9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 21 Jun 2024 02:06:26 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS strict-transport-security max-age=31536000; includeSubDomains; preload content-md5 9wsMlq8mrfV+OngAz8tXzg== content-length 34664 x-ms-lease-status unlocked last-modified Mon, 08 Apr 2024 18:41:16 GMT server cloudflare etag 0x8DC57FB7975EDF7 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 5941c645-b01e-00b4-47a1-c19f88000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 897070768f2d2ba2-FRA expires Sat, 22 Jun 2024 02:06:26 GMT
POST H2	200	uia Show response async-px.dynamicyield.com/	0 383 B	501ms 125ms	XHR text/plain	13.35.58.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/uia?cnst=1&_=1718935586523 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-129.fra60.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:26 GMT via 1.1 3c07e6ef6fe5c74a2c43590885d64f70.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id ENb-R_Vr1jr9vPhLPjAnFMV8honH83ZIZvXZ8_Yhau_c3lQi_dohkQ== expires 0
GET H2	200	cnxtag-min.js Show response js.cnnx.link/roi/	2 KB 1 KB	420ms 161ms	Script text/javascript	2600:9000:20eb:f200:11:85b0:d600:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.cnnx.link/roi/cnxtag-min.js?id=316282 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:f200:11:85b0:d600:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash f7e9c4d6427d6379534a8324d46af322f1a7b3aebe482a1e5bdaf2e069714568 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:27 GMT via 1.1 google, 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA2-C1 vary Accept-Encoding x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 cache-control max-age=600 x-amz-cf-id hLZTJEYL2SDCNnRtMm_UTabSwm3kiTtm8LFGMLwtRGzZezIQEPwasQ==
GET		kpi pixel.pointmediatracker.com/	0 0
GET H2	200	px secure.adnxs.com/	43 B 1 KB	19ms 18ms	Image image/gif	37.252.171.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:26 GMT an-x-request-uuid 47092f99-9eb0-453c-84c0-3ea9705bff81 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 212.7.210.181; 212.7.210.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ insight.adsrvr.org/track/pxl/	70 B 148 B	31ms 31ms	Image image/gif	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:26 GMT server Kestrel content-length 70 content-type image/gif
POST H2	200	batch async-px.dynamicyield.com/	0 383 B	339ms 120ms	Ping text/plain	13.35.58.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/batch?cnst=1&_=1718935586687_809946 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-129.fra60.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:26 GMT via 1.1 e53a38d449135904e00f29f17c559950.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id R9ognk_1MEEBli9W3g7OoEXK6iCkM80O7Lm25tNl5ddrkrOlQfZHeg== expires 0
GET H2	200	var async-px.dynamicyield.com/	0 0	319ms 123ms	Fetch	13.35.58.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=584426&uid=-7439946329294053343&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=e30ec0df5a5ac9138f5de9fd7d17996c&expSes=56749&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=9089789355642627950&cgtgDecisionId=9089789357624689470&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1718935585709&rri=8724968 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-129.fra60.r.cloudfront.net Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:26 GMT via 1.1 3c07e6ef6fe5c74a2c43590885d64f70.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id cnqxF3CEqaFuD0t1g_L22InRnWt4Rt7WsYVZMz4P6xtpQYKeFku5ng== expires 0
GET H2	200	var async-px.dynamicyield.com/	0 0	306ms 121ms	Fetch	13.35.58.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=413948&uid=-7439946329294053343&sec=8772046&t=ri&e=1574966&p=1&ve=12698518&va=%5B28347247%5D&ses=e30ec0df5a5ac9138f5de9fd7d17996c&expSes=56749&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=9089789356307094843&cgtgDecisionId=9089789357840549857&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1718935585718&rri=1864304 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-129.fra60.r.cloudfront.net Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:26 GMT via 1.1 3c07e6ef6fe5c74a2c43590885d64f70.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id Slpnl2In7QkIZfP7V0XMCk1KJMtBOTH7RA0KKvy6tRt0E3JiO3OWRw== expires 0
GET H2	200	var async-px.dynamicyield.com/	0 0	301ms 124ms	Fetch	13.35.58.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=266239&uid=-7439946329294053343&sec=8772046&t=ri&e=1609852&p=1&ve=12669413&va=%5B28321879%5D&ses=e30ec0df5a5ac9138f5de9fd7d17996c&expSes=56749&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=9089789356209249268&cgtgDecisionId=9089789354802112076&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1718935585720&rri=5325850 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-129.fra60.r.cloudfront.net Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:26 GMT via 1.1 3c07e6ef6fe5c74a2c43590885d64f70.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id aTWqWZlv21V70IDJzT5264T87gaN58P791eFIcZLC0i08KnPFcWFdQ== expires 0
GET H3	200	collect www.google-analytics.com/	35 B 55 B	21ms 20ms	Image image/gif	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=1654360352&t=event&ni=1&_s=1&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dp=%2F&ul=nl-nl&de=UTF-8&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=25%25&_u=aEDAAEABAAAAACgAIAC~&jid=&gjid=&cid=720305637.1718935586&tid=UA-432816-1&_gid=1478647206.1718935586&gtm=45He46j0n81WL3STMXv896608294za200&cd4=0&cd6=&cd7=&cd8=&cd9=0&cd14=homepage&cd19=&cd21=US&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&tag_exp=0&z=2111816891 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 15:37:28 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 37738 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	200	event qoe-1.yottaa.net/log-nt/	3 B 191 B	1071ms 168ms	Ping text/json	204.2.133.193 YOTTAA-AS-1
General Check archive.org Show headers Download Go to Full URL https://qoe-1.yottaa.net/log-nt/event Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.2.133.193 , United States, ASN393259 (YOTTAA-AS-1, US), Reverse DNS Software / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Fri, 21 Jun 2024 02:06:27 GMT access-control-expose-headers X-Results-Data-Source access-control-allow-credentials true cache-control no-cache timing-allow-origin * content-type text/json
GET H2	200	var async-px.dynamicyield.com/	0 0	123ms 123ms	Fetch	13.35.58.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=471150&uid=-7439946329294053343&sec=8772046&t=ri&e=1575901&p=1&ve=12991774&va=%5B28646951%5D&ses=e30ec0df5a5ac9138f5de9fd7d17996c&expSes=56749&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=9089789357091772994&cgtgDecisionId=9089789357603807165&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1718935585984&rri=4262842 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-129.fra60.r.cloudfront.net Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:27 GMT via 1.1 3c07e6ef6fe5c74a2c43590885d64f70.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id rCWBotSyLP2ak_Gha85sQkcMEAp8dmKHWFmaC_g3IUwa5KCT2dIaNA== expires 0
GET H3	200	site.min.js Show response edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/	84 KB 20 KB	481ms 335ms	Script application/javascript	104.18.27.211 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/site.min.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.27.211 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d126a9c6da46cb41e34e982874ff71952c00cfaefd6d3847d69f5b82da64429 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:27 GMT x-amz-version-id .qrNcRtRG6VmB5kbLKXtk4Otpa6s5GTr content-encoding br cf-cache-status REVALIDATED x-amz-request-id RPXSJ13M5FXMKBRV x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 x-amz-id-2 6cY9mAMu73SrD7POigB8vFDNHhpy0PMxrmHuYyUnVFLdAd3tw2zS6tzOVGrAiV3dD81fugC1Ni2QKW5l2LshL85b+yLfqRYYVEQTHQBzJhk= last-modified Fri, 07 Jun 2024 18:56:15 GMT server cloudflare etag W/"50d92f85574de50a7d4a214fa4131720" vary Accept-Encoding content-type application/javascript cache-control max-age=1800,s-maxage=1800 cf-ray 8970707bab1c9c07-FRA
POST H2	200	batch async-px.dynamicyield.com/	0 384 B	117ms 116ms	Ping text/plain	13.35.58.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/batch?cnst=1&_=1718935586989_723710 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-129.fra60.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:27 GMT via 1.1 e53a38d449135904e00f29f17c559950.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id djRaKCgZubjXdVUyplY7LyaSXWdIHsYRl4VvKKGJQbd2h78quo4ZzQ== expires 0
GET H2	200	110221.ct.js Show response tag.rmp.rakuten.com/	47 KB 15 KB	271ms 38ms	Script text/javascript	34.102.147.248 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.rmp.rakuten.com/110221.ct.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 248.147.102.34.bc.googleusercontent.com Software / Resource Hash 9b5689532d9b3e869249e031756e25ad9c13f22311116e39523a8252fd3afe86 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:27 GMT content-encoding gzip via 1.1 google strict-transport-security max-age=31536000 last-modified Fri, 21 Jun 2024 02:06:27 GMT x-cache hit x-samesite secure content-type text/javascript cache-control max-age=86400 x-dyn 0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	js Show response www.paypal.com/sdk/	424 KB 119 KB	825ms 518ms	Script application/javascript	151.101.129.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 8504109b1bce264edc0e1a03488e5a911871fac641ddee2a4ec8c51d2078b5d8 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-5hGD2y0bqN/J/hmyzrlrxJXwB6/JTWZpm2GNiyFfYV5lcee7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-5hGD2y0bqN/J/hmyzrlrxJXwB6/JTWZpm2GNiyFfYV5lcee7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-5hGD2y0bqN/J/hmyzrlrxJXwB6/JTWZpm2GNiyFfYV5lcee7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-5hGD2y0bqN/J/hmyzrlrxJXwB6/JTWZpm2GNiyFfYV5lcee7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp content-encoding gzip x-content-type-options nosniff disable-set-cookie true via 1.1 varnish, 1.1 varnish, 1.1 varnish date Fri, 21 Jun 2024 02:06:27 GMT age 0 strict-transport-security max-age=63072000; includeSubDomains; preload x-cache MISS, HIT, MISS p3p true paypal-debug-id f1819737bb670 server-timing "traceparent;desc="00-0000000000000000000f1819737bb670-b046c8a162790f93-01"";content-encoding;desc="gzip",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com content-length 119481 x-xss-protection 1; mode=block x-served-by cache-lhr-egll1980056-LHR, cache-mad2200141-MAD, cache-mad2200141-MAD accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f1819737bb670-2d4e4b396e5575f8-01 x-timer S1718935587.321298,VS0,VE478 etag W/"1d2b9-bshmImIdV1cxwK1pXAEY6knlyT8" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Server-Timing cache-control public, max-age=3600, s-maxage=10800 origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges bytes x-cache-hits 0, 0, 0
GET H/1.1	200 OK	main.js Show response static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/	146 KB 43 KB	1086ms 274ms	Script application/javascript	104.69.171.185 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.69.171.185 Singapore, Singapore, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-69-171-185.deploy.static.akamaitechnologies.com Software nginx / Express Resource Hash 2e8fd8d487b4259dbdc6c529f742806377fae205c8dc7d0f35ac8797bafe5b3b Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=15768000 Content-Encoding gzip Date Fri, 21 Jun 2024 02:06:27 GMT Server nginx X-Powered-By Express ETag W/"f3bc9cdcf9c97d0ec2f18fd72203201caef8fea5-gzip" X-Frame-Options SAMEORIGIN Vary Accept-Encoding Content-Type application/javascript;charset=UTF-8 Access-Control-Allow-Origin * Cache-Control must-revalidate, max-age=900 Connection keep-alive Content-Length 43361 Expires Fri, 21 Jun 2024 02:21:27 GMT
GET H/1.1	200 OK	/ Show response websdk.appsflyer.com/	38 KB 12 KB	715ms 23ms	Script application/javascript	2a02:26f0:7100::213:c682 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://websdk.appsflyer.com/?st=banners& Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::213:c682 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AmazonS3 / Resource Hash bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 21 Jun 2024 02:06:27 GMT Content-Encoding gzip x-amz-request-id YNGC7PCXVN28Z00Q x-amz-server-side-encryption AES256 Connection keep-alive Content-Length 11792 x-amz-id-2 vrDln2XCGOFSFkLE6Ln17Y/P092c846kqJOj1nLZLa1T5AvAIx9Wt+4jaFyZJcu85WAzx+0b3iU= Last-Modified Wed, 14 Jun 2023 06:58:45 GMT Server AmazonS3 ETag "5a676288bcea03bd05e483bc4ce066ae" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=847 Accept-Ranges bytes X-DataStream-Cache-Status 1 Expires Fri, 21 Jun 2024 02:20:34 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	310 KB 103 KB	179ms 49ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7313ae9561a0a022c40de6ed24161267a2827f1308b1b81eb7e540fe5d346dba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:27 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 105185 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 21 Jun 2024 02:06:27 GMT
GET H2	200	iframe_api Show response www.youtube.com/	993 B 2 KB	329ms 41ms	Script text/javascript	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a4e88216e4b2485d3a1d2a86a9ff63d2bdb82c739587057e1477d7b12235bd84 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:27 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding br p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version server ESF x-frame-options SAMEORIGIN report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} content-type text/javascript; charset=utf-8 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 origin-trial AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Fri, 21 Jun 2024 02:06:27 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	213 KB 77 KB	106ms 39ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-10265292&l=dataLayer&cx=c Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash edd80f5f4ec2d83140eabe939ed704a8d7b98d582f3610b6db4a7b542a207e86 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:27 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 78267 x-xss-protection 0 last-modified Fri, 21 Jun 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 21 Jun 2024 02:06:27 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	213 KB 77 KB	112ms 47ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash fbb56eef3612d77f2542d890fe76ad57286c661a1694ff42e3f7a9f14644b8c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:27 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 78265 x-xss-protection 0 last-modified Fri, 21 Jun 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 21 Jun 2024 02:06:27 GMT
GET H2	200	1a8bfa042c9c5.js Show response t.contentsquare.net/uxa/	336 KB 80 KB	185ms 34ms	Script application/javascript	18.244.18.60 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://t.contentsquare.net/uxa/1a8bfa042c9c5.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.60 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-60.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash d841b6859d2469f63df65c0a91d70da822367d82810d4d08900d79b21bdddc19 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 07:38:52 GMT content-encoding br via 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P11 age 0 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 81626 last-modified Wed, 19 Jun 2024 07:37:38 GMT server AmazonS3 etag "833f870d397c05130b52ad5dd9f75837" vary Origin content-type application/javascript;charset=utf-8 cache-control max-age=900 accept-ranges bytes timing-allow-origin * x-amz-cf-id WSQdX4Ts54J1ML33Ypn3Vwg4GwcU1lN6ze8dlGIxO1Z6ekDTIm5aRA==
GET H2	200	loader.js Show response cdn.usehero.com/	98 KB 28 KB	179ms 31ms	Script application/javascript	2600:9000:2761:e200:13:d6f4:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.usehero.com/loader.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2761:e200:13:d6f4:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ab99a75a2070736b0282d041df3a7e272ad5d4d1929ae430089ac0335e05ad2c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 01:10:23 GMT content-encoding gzip via 1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront) last-modified Tue, 19 Sep 2023 07:56:38 GMT server AmazonS3 x-amz-cf-pop FRA60-P8 age 3367 x-amz-server-side-encryption AES256 etag W/"fbf714a58cbac38c0deea519667d9044" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id VdjcazZnMbEAHy4GmkQaX6XQE0j75S1FBbhZIiBZV3SBIJ7K891KDg==
GET H2	200	destination Show response www.googletagmanager.com/gtag/	213 KB 77 KB	143ms 81ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 656c9d3250e44033a51b287ac774c1422c47a5de4a53281af674084aa582015e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:27 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 78292 x-xss-protection 0 last-modified Fri, 21 Jun 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 21 Jun 2024 02:06:27 GMT
GET H3	405	favicon.ico elfcosmetics.metricly.workers.dev/	23 B 837 B	336ms 294ms	Other text/plain	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.metricly.workers.dev/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b561af6ac3945ba56eed08a582e1d30b3307d066377d10aad15eaea98a55ce2 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:27 GMT via 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-P7 x-amzn-requestid de7e16a1-c05d-4402-a818-b2aea5dedbc7 x-yottaa-optimizations ob/0 si/36D18cae0e5e-1718903339-4596216280 tts/1716499765688 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0 x-cache Error from cloudfront alt-svc h3=":443"; ma=86400 content-length 23 x-amz-apigw-id Zsf1kG2dCYcEdmg= server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BjLV06xL9rueNoy9bdIbu1O4bdBdsKTcu4e%2BrU0lHhiC83wyPobNnUrtN2lMS%2BEXpeJb7TBB9Otc7HSlIZbMKGRZnrez1O1WuUk7kY3iGvnfymLAHDYkqggutQnboKcwHzzf6g%2FMpVhiQ8r%2FTKB1IQMHzqs%3D"}],"group":"cf-nel","max_age":604800} content-type null x-yottaa-metrics 36218cae0e40/[163,159,-] 36D18cae0e5e/[-,163.504] x-yottaa-os 405 cf-ray 8970707bafc3bbfe-FRA x-amz-cf-id ekbJ75iv0Tyq7obS6pbvvVLwIRSjXuPFJZ7TUDE0-Jb_dMM2gZHkgQ==
GET H2	200	core.js Show response s.pinimg.com/ct/	5 KB 2 KB	187ms 21ms	Script application/javascript	2a04:4e42:8e::84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://s.pinimg.com/ct/core.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:27 GMT content-encoding br x-cdn fastly etag "9bc4bd8fd6a7603cc1c91cc83fc17417" x-amz-server-side-encryption AES256 access-control-max-age 86400 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * access-control-expose-headers X-CDN vary Accept-Encoding, Origin cache-control max-age=7200 alt-svc h3=":443";ma=600 content-length 1878
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	219 KB 59 KB	93ms 31ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 21 Jun 2024 02:06:27 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58024 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1297, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug 3crmJiHlIO0c8wEnMe/5iSegmZyLU7oOWtencr2r0AEuvI409gj3NFdTmWXRP0QDaOTPyfJh/vGOplyf5ix53A== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	42 KB 13 KB	460ms 52ms	Script application/javascript	2a04:4e42:200::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:27 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish last-modified Thu, 20 Jun 2024 19:23:03 GMT server snooserv nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} etag "71b328aff914ada8b774bfa8fff542c4" x-amz-server-side-encryption AES256 vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/javascript cache-control public, max-age=60 accept-ranges bytes content-length 12116
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/202306.1.0/assets/	13 KB 3 KB	133ms 119ms	Fetch application/json	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 21 Jun 2024 02:06:27 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status REVALIDATED content-md5 5mNZducabMgxSDzBo+ZI8w== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 3017 x-ms-lease-status unlocked last-modified Wed, 12 Jul 2023 06:29:30 GMT server cloudflare etag 0x8DB82A159AF8EA6 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 1708d0d5-801e-0034-7f8d-c13c22000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8970707c0aac2ba2-FRA
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/	61 KB 13 KB	89ms 75ms	Fetch application/json	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/otPcCenter.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 21 Jun 2024 02:06:27 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status REVALIDATED content-md5 sXFDxCJwbPEMIT/8f5Prwg== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 12544 x-ms-lease-status unlocked last-modified Wed, 12 Jul 2023 06:29:33 GMT server cloudflare etag 0x8DB82A15AFF8646 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 8c3f2d6e-b01e-0073-018d-c1e349000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8970707c0aae2ba2-FRA
GET H2	200	otCookieSettingsButton.json Show response cdn.cookielaw.org/scripttemplates/202306.1.0/assets/	5 KB 2 KB	180ms 166ms	Fetch application/json	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCookieSettingsButton.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 21 Jun 2024 02:06:27 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS content-md5 v0pzgeeelPwcAOki15i3HA== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 1766 x-ms-lease-status unlocked last-modified Wed, 12 Jul 2023 06:29:32 GMT server cloudflare etag 0x8DB82A15AB9FB83 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 5ddb9032-a01e-00c6-767f-c3eeb6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8970707c0aaf2ba2-FRA
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202306.1.0/assets/	21 KB 4 KB	106ms 93ms	Fetch text/css	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 21 Jun 2024 02:06:27 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding gzip content-md5 oWkBTLgDDXvrUsd93y/Zxg== x-ms-lease-status unlocked last-modified Wed, 12 Jul 2023 06:29:41 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 9ac6eb1f-a01e-004e-628d-c1566f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8970707c0ab02ba2-FRA
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	434ms 47ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Fri, 21 Jun 2024 02:06:26 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 36164E91A3AB4D658EB9AD1CEEC5EE08 Ref B: DUS30EDGE0309 Ref C: 2024-06-21T02:06:27Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	8 KB 3 KB	564ms 182ms	Script application/javascript	92.123.12.168 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BRR4GA0I9JJBU29G8GF0&lib=ttq Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.12.168 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-12-168.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 24ff37213f15b3408c53f76a09fd7680365fcf1da38ad6b0c649d6baab3882de Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 16094391.78e5f63 date Fri, 21 Jun 2024 02:06:27 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2406210206276CA97A4989CB0EBA9499-19F3F29C57ADA279-00 x-cache TCP_MISS from a2-16-119-168.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) x-parent-response-time 142,2.16.119.168 server-timing cdn-cache; desc=MISS, edge; dur=134, origin; dur=9, inner; dur=4 content-length 2361 pragma no-cache server nginx x-tt-logid 202406210206276CA97A4989CB0EBA9499 x-cache-remote TCP_MISS from a23-201-31-190.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 9,23.201.31.190 x-tt-trace-host 015547b42e38dafb745eb0415774d17674301ea32a34b875684c3c47b3884f057b47e2b2fe7729805956842279f02bdb31996244d231cb5813862febfb5d962b7b044dc7d4ac84a3fddb4f7db2ad606466bfdd660b2fdeafebfa34d365879e9882160bc4b87985a91d66ebf47e94717637 expires Fri, 21 Jun 2024 02:06:27 GMT
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	7 KB 3 KB	501ms 158ms	Script application/javascript	92.123.12.168 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.12.168 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-12-168.deploy.static.akamaitechnologies.com Software nginx / Resource Hash bc40a0e06e31701ad7ef8eef3c68811b6664ed03c94238ced376cf759e9c3dfa Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id ad90d290.78e5f62 date Fri, 21 Jun 2024 02:06:27 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240621020627E7F598A860E95AB56B65-15760D1EEEB52611-00 x-cache TCP_MISS from a2-16-119-168.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) x-parent-response-time 113,2.16.119.168 server-timing cdn-cache; desc=MISS, edge; dur=101, origin; dur=12, inner; dur=5 content-length 2335 pragma no-cache server nginx x-tt-logid 20240621020627E7F598A860E95AB56B65 x-cache-remote TCP_MISS from a23-32-16-72.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 12,23.32.16.72 x-tt-trace-host 015547b42e38dafb745eb0415774d17674301ea32a34b875684c3c47b3884f057ba5dedb64fac281f41c2d28155cb3f762a690add0fb8b6eb778a103cc67325aa3c31d836e4be39517cc157665b0c639db0918fccbb67efcd68375a8ce05469619a6999a092a0009667f79b19575ca33be expires Fri, 21 Jun 2024 02:06:27 GMT
GET H2	200	widget.js Show response js.jebbit.com/companion/v1/	44 KB 45 KB	341ms 29ms	Script text/javascript	2600:9000:206f:ee00:a:7914:b00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.jebbit.com/companion/v1/widget.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:ee00:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cc9709489aeba0f23cc18fd3d1ff6f2087e1381ba6dbe92e98738228d520fd54 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id j3bLD5VAFZVsHy8WM9iuVjqRLf9F9664 date Thu, 20 Jun 2024 05:32:01 GMT via 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront) last-modified Thu, 02 May 2024 15:04:41 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 age 74067 x-amz-server-side-encryption AES256 etag "226557253164387c89ed4612b780f10f" x-cache Hit from cloudfront content-type text/javascript accept-ranges bytes content-length 45245 x-amz-cf-id y8QztsinR17dF_HC9yRsqxPxO99p6HrzDr03NxQzD10eTdyU2kn84w==
POST H3	200	collector Show response collector-pxxt4gy2ig.px-cloud.net/api/v2/	32 B 49 B	130ms 124ms	XHR application/json	35.190.10.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/XT4Gy2ig/init.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.10.190.35.bc.googleusercontent.com Software / Resource Hash 19e0ccf5f49d76af8db3bcaa13c7fabc8276dcff286235a30c069da7abec2d8e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Fri, 21 Jun 2024 02:06:26 GMT via 1.1 google access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev access-control-allow-credentials true timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32
GET H2	200	src=10265292;dc_pre=CPfl5IjO64YDFS9oHgIdoLoU4A;type=conte0;cat=homep0;ord=1898365226751;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.... ade.googlesyndication.com/ddm/activity/ Redirect Chain https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=1898365226751;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Ch... https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CPfl5IjO64YDFS9oHgIdoLoU4A;type=conte0;cat=homep0;ord=1898365226751;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromiu...	42 B 107 B	65ms 64ms	Image image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CPfl5IjO64YDFS9oHgIdoLoU4A;type=conte0;cat=homep0;ord=1898365226751;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev? Protocol H2 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:27 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 Jun 2024 02:06:27 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CPfl5IjO64YDFS9oHgIdoLoU4A;type=conte0;cat=homep0;ord=1898365226751;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	src=10742279;dc_pre=CMPB5ojO64YDFR1LHgIdgfYGNg;type=elf8j0;cat=glo_flhp;ord=9453414192208;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%... ade.googlesyndication.com/ddm/activity/ Redirect Chain https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=9453414192208;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Bra... https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CMPB5ojO64YDFR1LHgIdgfYGNg;type=elf8j0;cat=glo_flhp;ord=9453414192208;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;...	42 B 107 B	66ms 66ms	Image image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CMPB5ojO64YDFR1LHgIdgfYGNg;type=elf8j0;cat=glo_flhp;ord=9453414192208;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev? Protocol H2 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:27 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 Jun 2024 02:06:27 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CMPB5ojO64YDFR1LHgIdgfYGNg;type=elf8j0;cat=glo_flhp;ord=9453414192208;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	src=10742279;dc_pre=CPbC5ojO64YDFVBpHgIdPb8N4A;type=elf8j0;cat=glo_flap;ord=1156553418964;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%... ade.googlesyndication.com/ddm/activity/ Redirect Chain https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=1156553418964;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Bra... https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CPbC5ojO64YDFVBpHgIdPb8N4A;type=elf8j0;cat=glo_flap;ord=1156553418964;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;...	42 B 118 B	63ms 63ms	Image image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CPbC5ojO64YDFVBpHgIdPb8N4A;type=elf8j0;cat=glo_flap;ord=1156553418964;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev? Protocol H2 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:27 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 Jun 2024 02:06:27 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CPbC5ojO64YDFVBpHgIdPb8N4A;type=elf8j0;cat=glo_flap;ord=1156553418964;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	display Show response api.usehero.com/webplugin/	118 B 1 KB	375ms 198ms	XHR application/json	54.77.57.236 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.usehero.com/webplugin/display?appId=efcf9631-4c6b-4874-9f76-51f71464249a&location=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&state=untouched&outboundFeature= Requested by Host: cdn.usehero.com URL: https://cdn.usehero.com/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.77.57.236 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-77-57-236.eu-west-1.compute.amazonaws.com Software / Resource Hash c5ad3aa264dcc292b5d88e4c79831a0093e4101c5bfb58897918a0ba3d21dee4 Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:27 GMT content-security-policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload x-permitted-cross-domain-policies none cross-origin-embedder-policy require-corp surrogate-control no-store x-dns-prefetch-control off x-time-zone Europe/Amsterdam klarna-correlation-id 70018841-5a35-4fbf-95e9-3ab6c254ed6a x-envoy-upstream-service-time 13 cross-origin-resource-policy same-origin x-geo-longitude 4.89950 content-length 118 x-xss-protection 0 x-request-id 70018841-5a35-4fbf-95e9-3ab6c254ed6a pragma no-cache referrer-policy same-origin cross-origin-opener-policy same-origin etag W/"76-CWmX1SKI0Bw98hD/hdoB+8q21S0" x-download-options noopen x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?1 cache-control no-store, no-cache, must-revalidate, proxy-revalidate x-geo-latitude 52.38240 x-country NL x-accuracy 100 expires 0
GET H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 127 B	340ms 281ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46j0v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1580013394.1718935588&ecid=1745424588&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL-GE&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=1008852752.1718935586&sst.gse=1&sst.etld=google.nl&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=1&sid=1718935587&sct=1&seg=0&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=pageview&_fv=1&_nsi=1&_ss=1&ep.vendor_id=pinterest&ep.email=&ep.event_id=1718935717812_17189361538949&ep.external_id=&tfd=7479&richsstsse Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:27 GMT via 1.1 google, 1.1 google x-content-type-options nosniff server Google Frontend content-type text/plain access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-accel-buffering no
GET H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 314 B	210ms 160ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46j0v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1580013394.1718935588&ecid=1745424588&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL-GE&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=1008852752.1718935586&sst.gse=1&sst.etld=google.nl&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=2&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1718935587&sct=1&seg=1&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&en=page_view&ep.page_type=homepage&ep.page_environment=production&ep.page_language=EN&ep.page_country=US&_et=3&up.custom_user_id=&up.client_id=&up.user_has_transacted=false&up.user_logged_in=false&up.user_country=US&up.user_loyalty_status=false&tfd=7488&richsstsse Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:27 GMT via 1.1 google, 1.1 google x-content-type-options nosniff server Google Frontend content-type text/plain access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-accel-buffering no
GET H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 127 B	302ms 267ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46j0v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1580013394.1718935588&ecid=1745424588&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL-GE&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=IA&sst.rnd=1008852752.1718935586&sst.gse=1&sst.etld=google.nl&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=3&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1718935587&sct=1&seg=1&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&en=view_promotion&ep.page_type=homepage&ep.page_environment=production&ep.page_language=EN&ep.promotions=%5Bobject%20Object%5D&ep.promotion_name=2024-04-makeupRemoverAcneFocus-tile2%20-%20Banner%20Side%20By%20Side%20(v2)&ep.promotion_id=51900033-4b71-48b7-9139-a1faa2b92b79&ep.creative_name=Banner%20Side-by-Side&_et=2&tfd=7503&richsstsse Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:27 GMT via 1.1 google, 1.1 google x-content-type-options nosniff server Google Frontend content-type text/plain access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-accel-buffering no
GET H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 127 B	434ms 401ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46j0v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1580013394.1718935588&ecid=1745424588&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL-GE&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=1008852752.1718935586&sst.gse=1&sst.etld=google.nl&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=4&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1718935587&sct=1&seg=1&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&en=page_view&ep.page_type=homepage&ep.page_environment=production&ep.page_language=EN&ep.vendor_id=facebook&ep.event_id=1718935717812_171893615389412&ep.email=&ep.phone=&_et=1&tfd=7504&richsstsse Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:28 GMT via 1.1 google, 1.1 google x-content-type-options nosniff server Google Frontend content-type text/plain access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-accel-buffering no
GET H3	200	src=9231397;dc_pre=COLX6ojO64YDFTFHHgIdn1oIlQ;type=retarget;cat=globa0;ord=3953454992242;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%... ade.googlesyndication.com/ddm/activity/ Redirect Chain https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=3953454992242;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.... https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=COLX6ojO64YDFTFHHgIdn1oIlQ;type=retarget;cat=globa0;ord=3953454992242;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab...	42 B 63 B	56ms 55ms	Image image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=COLX6ojO64YDFTFHHgIdn1oIlQ;type=retarget;cat=globa0;ord=3953454992242;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev? Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:27 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 Jun 2024 02:06:27 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=COLX6ojO64YDFTFHHgIdn1oIlQ;type=retarget;cat=globa0;ord=3953454992242;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	i.js Show response tag.wknd.ai/4142/	18 KB 6 KB	129ms 31ms	Script text/plain	34.120.253.250 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.wknd.ai/4142/i.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 250.253.120.34.bc.googleusercontent.com Software istio-envoy / Resource Hash fa82f442825e37da450753beffc9ef5169fb2219bbc409c28b19e55000d7285f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 00:01:49 GMT content-encoding gzip x-envoy-decorator-operation tag-router.tag-router.svc.cluster.local:80/* via 1.1 google age 7479 x-envoy-upstream-service-time 0 x-region us-central1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5912 server istio-envoy etag dca4f14476b310 vary Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control public,max-age=60 timing-allow-origin * link <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
GET H3	200	include.js Show response cdn8.eu.inside.chat/gtm/IN-1011171-EC/	23 KB 6 KB	161ms 74ms	Script application/javascript	104.18.9.17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn8.eu.inside.chat/gtm/IN-1011171-EC/include.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8bb5a96a0b8bb188276405893ba46f3dcb643f868258f089870e4ee0edc18bec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:28 GMT strict-transport-security max-age=31536000; includeSubdomains content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 11 Jun 2024 18:33:40 GMT server cloudflare cf-polished origSize=33893 etag W/"01a48e12dbcda1:0" vary Accept-Encoding content-type application/javascript cache-control public, max-age=3600 cf-ray 897070811cbd194b-FRA alt-svc h3=":443"; ma=86400 expires Fri, 21 Jun 2024 03:06:28 GMT
GET H2	200	main.f74ed22b.js Show response s.pinimg.com/ct/lib/	70 KB 20 KB	22ms 21ms	Script application/javascript	2a04:4e42:8e::84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://s.pinimg.com/ct/lib/main.f74ed22b.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:27 GMT content-encoding br x-cdn fastly etag "446a72b73c00f6022c92a764d3c540bb" x-amz-server-side-encryption AES256 access-control-max-age 86400 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * access-control-expose-headers X-CDN vary Accept-Encoding, Origin cache-control max-age=1209600 alt-svc h3=":443";ma=600 content-length 20114
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/84314bef/www-widgetapi.vflset/	24 KB 8 KB	25ms 23ms	Script text/javascript	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/84314bef/www-widgetapi.vflset/www-widgetapi.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a9a72654f03de616b6fd58b742dff09a02588726c80f6a1fca5809365b591930 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 01:30:04 GMT content-encoding br x-content-type-options nosniff age 2183 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8237 x-xss-protection 0 last-modified Mon, 17 Jun 2024 04:18:28 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sat, 21 Jun 2025 01:30:04 GMT
GET H2	200	ot_close.svg cdn.cookielaw.org/logos/static/	651 B 623 B	33ms 30ms	Image image/svg+xml	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/ot_close.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 21 Jun 2024 02:06:27 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 pcXWFGpuVeSg/jVnYCseRg== age 27110 x-ms-lease-status unlocked last-modified Wed, 19 Jun 2024 02:33:18 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id d78e67d0-001e-008f-5bf8-c1ddd6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 89707080bc596967-FRA
GET H2	200	ot_guard_logo.svg Show response cdn.cookielaw.org/logos/static/	497 B 527 B	71ms 71ms	Fetch image/svg+xml	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 21 Jun 2024 02:06:28 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status EXPIRED content-encoding gzip content-md5 tXyZydHjxQshFMbbBT1/8A== x-ms-lease-status unlocked last-modified Thu, 20 Jun 2024 19:47:43 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 681a1291-101e-005c-3d7f-c36273000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 89707080ee232ba2-FRA
GET H2	200	ot_company_logo.png cdn.cookielaw.org/logos/static/	4 KB 4 KB	53ms 51ms	Image image/png	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/ot_company_logo.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 21 Jun 2024 02:06:28 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-md5 E8+sk/ECzKgTUVtDLikiIA== age 37916 content-length 4036 x-ms-lease-status unlocked last-modified Wed, 19 Jun 2024 02:33:19 GMT server cloudflare etag 0x8DC90082E5D1DAE vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id e0ec432e-a01e-00cd-48b1-c2f6c2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 897070814c816967-FRA
GET H2	200	powered_by_logo.svg cdn.cookielaw.org/logos/static/	5 KB 2 KB	56ms 54ms	Image image/svg+xml	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/powered_by_logo.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 21 Jun 2024 02:06:28 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 Y+c301RBZNK39PvKQWrIBw== age 6476 x-ms-lease-status unlocked last-modified Thu, 20 Jun 2024 06:41:41 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 8ccab52c-501e-0097-3945-c3f043000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 897070814c826967-FRA
GET		experience.min.js edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/gallery-OdKxcdTK/latest/	0 0
GET H2	200	1638306756445368 Show response connect.facebook.net/signals/config/	71 KB 15 KB	91ms 90ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1638306756445368?v=2.9.158&r=stable&domain=elfcosmetics.metricly.workers.dev&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3c6ad532f6b2681f5bbf520f052c20564518db128d49c4faa8bfde69fff49760 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 21 Jun 2024 02:06:28 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=23, rtx=0, c=62, mss=1297, tbw=63550, tp=-1, tpl=-1, uplat=71, ullat=0 pragma public x-fb-debug sRlZqXuRGa45z9RUIPPgO0saJ7Qxl1xQD0FNWcAG9aTGVfXt7YxpVpwUBkOs7ofKLPpiy/quA4KOQXdmQ1cWyA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	2024-06-hptile-newArrivals-hero-D-img4-min cdn.media.amplience.net/i/elfcosmetics/	76 KB 77 KB	35ms 35ms	Image image/avif	172.64.155.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img4-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img4-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img4-min?fmt=auto&w=2460%203x Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.155.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26663e70816428e507929d3c42621895551903c5ceab3bedbf1b3d41385bd309 Security Headers Name Value X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:28 GMT cf-cache-status HIT age 56127 x-amp-srv CF edge-cache-tag 161Cnzq2o,l4p5bDg2e,imkN6HLGL,WepA0szpz x-amp-cf-worker true edge-control max-age=86400 x-req-id c6WEX5VyqL alt-svc h3=":443"; ma=86400 content-length 78301 x-xss-protection 1; mode=block x-amp-source-height 1040 last-modified Thu, 20 Jun 2024 10:31:01 GMT server cloudflare vary Accept-Encoding x-frame-options DENY content-type image/avif access-control-allow-origin * x-amp-source-width 1440 cache-control s-maxage=86400, max-age=1800 accept-ranges bytes cf-ray 89707081de7018f9-FRA x-amp-published Mon, 10 Jun 2024 15:55:02 GMT
GET H2	200	config Show response pixel-config.reddit.com/pixels/t2_16331p/	3 B 124 B	235ms 43ms	XHR application/json	151.101.129.140 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pixel-config.reddit.com/pixels/t2_16331p/config Requested by Host: www.redditstatic.com URL: https://www.redditstatic.com/ads/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:28 GMT content-encoding gzip via 1.1 varnish content-type application/json access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes content-length 27
GET H2	200	t2_16331p_telemetry Show response www.redditstatic.com/ads/conversions-config/v1/pixel/config/	86 B 699 B	136ms 48ms	XHR application/json	2a04:4e42:200::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_16331p_telemetry Requested by Host: www.redditstatic.com URL: https://www.redditstatic.com/ads/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:28 GMT content-encoding gzip via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} server snooserv vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/json access-control-allow-origin * cache-control max-age=300 accept-ranges bytes content-length 97
GET H2	200	rp.gif alb.reddit.com/	42 B 637 B	232ms 42ms	Image image/gif	151.101.65.140 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1718935588173&id=t2_16331p&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=f6f7b635-7838-454d-9dbd-599b3972c7c1&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:28 GMT via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3} server Varnish report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type image/gif cross-origin-resource-policy cross-origin accept-ranges bytes content-length 42 retry-after 0
GET H2	200	widget.css js.jebbit.com/companion/v1/	15 KB 16 KB	24ms 23ms	Stylesheet text/css	2600:9000:206f:ee00:a:7914:b00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.jebbit.com/companion/v1/widget.css Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:ee00:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 875ca118023e8741e684a320e73b7f9af4e8eba6c88f1f7e8457f7c0cdda6efb Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id 5TtP6A3FvksKClCFN7X6r1PsSCc1hWlP date Thu, 20 Jun 2024 04:17:22 GMT via 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront) last-modified Thu, 02 May 2024 15:04:41 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 age 78603 x-amz-server-side-encryption AES256 etag "de1b72e797664b9b2c2139e5ccb24844" x-cache Hit from cloudfront content-type text/css accept-ranges bytes content-length 15521 x-amz-cf-id dA6WNXSG6XVUEoZnK-6AnKJayHDwsWdVesZnd9peK-FHUmMaiLCEDg==
GET H2	200	launcher_configs Show response external-api.jebbit.com/moments/v2/	2 B 457 B	200ms 25ms	XHR application/json	18.193.239.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://external-api.jebbit.com/moments/v2/launcher_configs?key=542695a9-9318-492b-9638-2018989f6dc4&url=aHR0cHMlM0ElMkYlMkZlbGZjb3NtZXRpY3MubWV0cmljbHkud29ya2Vycy5kZXYlMkY=&completedLightboxCampaigns=W10=&jebbitCookies= Requested by Host: js.jebbit.com URL: https://js.jebbit.com/companion/v1/widget.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.193.239.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-193-239-225.eu-central-1.compute.amazonaws.com Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:28 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff surrogate-control no-store x-dns-prefetch-control off content-length 2 x-xss-protection 1; mode=block pragma no-cache etag W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w" x-download-options noopen vary Origin, Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control no-store, no-cache, must-revalidate, proxy-revalidate access-control-allow-credentials true expires 0
GET H2	200	local www.paypal.com/credit-presentment/experiments/ Frame 78BC	0 0	145ms 48ms	Document text/html	151.101.193.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.6&integrationType=SDK Requested by Host: www.paypal.com URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Xss-Protection 1; mode=block Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 accept-ranges bytes access-control-expose-headers Server-Timing age 34497 cache-control s-maxage=86400, max-age=0 content-encoding gzip content-length 1524 content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com content-type text/html; charset=utf-8 date Fri, 21 Jun 2024 02:06:28 GMT dc ccg11-origin-www-1.paypal.com edge-cache-tag up-treatments-zoid etag W/"1479-D0DQOkSTeXVVSbtO0EcdMH9sEk8" origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== paypal-debug-id f8749963d4417 permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") server-timing "traceparent;desc="00-0000000000000000000f8749963d4417-47b04adf10cb8215-01"";content-encoding;desc="gzip",x-cdn;desc="fastly" strict-transport-security max-age=63072000; includeSubDomains; preload traceparent 00-0000000000000000000f8749963d4417-1dfbd4272c008aab-01 vary Accept-Encoding via 1.1 varnish, 1.1 varnish, 1.1 varnish x-cache HIT, HIT, MISS x-cache-hits 5, 4473, 0 x-served-by cache-lhr-egll1980075-LHR, cache-mad22044-MAD, cache-mad22044-MAD x-timer S1718935588.463530,VS0,VE7 x-xss-protection 1; mode=block
GET H2	200	pptm.js Show response www.paypal.com/tagmanager/	12 KB 5 KB	396ms 396ms	Script application/x-javascript	151.101.129.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/tagmanager/pptm.js?id=elfcosmetics.metricly.workers.dev&t=xo&v=5.0.447&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-x+EEvQIw1SfjZzKvcFJlrN5aI0iGNPM+KX1bmhQk+Cvfg/TI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-x+EEvQIw1SfjZzKvcFJlrN5aI0iGNPM+KX1bmhQk+Cvfg/TI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; content-encoding gzip x-content-type-options nosniff date Fri, 21 Jun 2024 02:06:28 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish strict-transport-security max-age=63072000; includeSubDomains; preload age 0 x-cache MISS, MISS, MISS paypal-debug-id f8970759bcf46 server-timing content-encoding;desc="gzip",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com content-length 4338 x-xss-protection 1; mode=block x-served-by cache-lhr-egll1980028-LHR, cache-mad2200141-MAD, cache-mad2200141-MAD accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f8970759bcf46-9d2a9483a9bdde5c-01 x-timer S1718935588.342335,VS0,VE350 etag W/"2f8b-lWMMAqH5NWBufCerdpb7DcGAARo" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=3600 origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges bytes x-cache-hits 0, 0, 0
GET H2	200	main.MTU0NDc1MDUxMQ.js Show response analytics.tiktok.com/i18n/pixel/static/	344 KB 99 KB	43ms 43ms	Script application/javascript	92.123.12.168 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.12.168 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-12-168.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 52960b56e4d4fbf39e5cae2833367131bb2354c69ab5d9eb296d82733f62923d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 78e6158 date Fri, 21 Jun 2024 02:06:28 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 2024062015140006D84769AF38BF870051 x-tt-trace-id 00-24062015140006D84769AF38BF870051-093E6D1C40D5C17F-00 vary Accept-Encoding x-cache TCP_HIT from a2-16-119-168.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 0146e212852dbb42ffe64e40ec607a904b373a7be93ebd2b029f7222b12640622975509a145d136f090a5cc6081e0f11f334cfd6680782e9f3dfd716ecbcd00866fcfb36de249570d7a6f3de75e33731f9e3e181b62fd49abab3ec604d5c887762 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4 content-length 101183
GET H2	200	main.MTU0NDc1MDUxMA.js Show response analytics.tiktok.com/i18n/pixel/static/	339 KB 97 KB	106ms 106ms	Script application/javascript	92.123.12.168 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.12.168 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-12-168.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 47d3e5c22630f08413d65b1507e3c2600f0dea1ae83f045f9f1a0be5514efee2 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 78e615f date Fri, 21 Jun 2024 02:06:28 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20240620151358935A4F65AB47968E4161 x-tt-trace-id 00-240620151358935A4F65AB47968E4161-6706E27DFFBE1078-00 vary Accept-Encoding x-cache TCP_HIT from a2-16-119-168.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01448be5ec30a2cbcb6372c5efc9deed193427e27ec72166730df19dd3ac5d38a3372142e93c12b2bd6577446285889982c63d43b7a6f5b6ab49cea416b70bf1b7cc4feb470d1ab5c674c7c76861a5d6ec1fc1a0c82020538501776325914bae1f server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4 content-length 98425
GET H2	204	5013978.js Show response bat.bing.com/p/action/	0 117 B	42ms 42ms	Script text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/5013978.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Fri, 21 Jun 2024 02:06:27 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: B70D17C7218C4A5A87AF009FF674E8D0 Ref B: DUS30EDGE0309 Ref C: 2024-06-21T02:06:28Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 287 B	76ms 51ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=5013978&tm=gtm002&Ver=2&mid=0ad7c66e-538a-4543-9440-a25d060c31bd&sid=dede62e02f7211efaff4b9d9c705664e&vid=dedfb9d02f7211efb6fe8bb9d02dccda&vids=1&msclkid=N&pi=918639831&lg=nl-NL&sw=1600&sh=1200&sc=24&tl=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&p=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&r=&lt=6417&evt=pageLoad&sv=1&rn=324323 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 21 Jun 2024 02:06:27 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 789DF14C46CD42B3912983818C8EA467 Ref B: DUS30EDGE0309 Ref C: 2024-06-21T02:06:28Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	logger Show response www.paypal.com/xoplatform/logger/api/	1014 B 927 B	240ms 235ms	XHR application/json	151.101.129.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true Requested by Host: www.paypal.com URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5f382de69ebbbec972d6d84510bd0b54283ec8bdbb7eada16ce8f7c7972f1dc8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 content-type application/json accept application/json Referer https://elfcosmetics.metricly.workers.dev/ sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:28 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-cache MISS, MISS, MISS paypal-debug-id f319421a5af61 server-timing content-encoding;desc="br",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com x-served-by cache-lhr-egll1980042-LHR, cache-mad22081-MAD, cache-mad22081-MAD accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f319421a5af61-488b88d900a0aa11-01 x-timer S1718935589.765810,VS0,VE195 etag W/"3f6-so8z2hfHfyH5Bw+k0iebFIj8wHo" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges none x-cache-hits 0, 0, 0
GET H2	200	jsp Show response ut.rd.linksynergy.com/	148 B 405 B	114ms 43ms	Script text/plain	34.98.67.3 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 3.67.98.34.bc.googleusercontent.com Software / Resource Hash 1b2fd89bc70a8dfe920b8ef0f572568648d04290cc66d033c0b24fccb3cb2f43 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type text/plain; charset=utf-8 date Fri, 21 Jun 2024 02:06:28 GMT via 1.1 google strict-transport-security max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 148 x-samesite secure
OPTIONS H2	200	logger www.paypal.com/xoplatform/logger/api/ Frame	0 0	332ms 240ms	Preflight	151.101.129.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://elfcosmetics.metricly.workers.dev Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 accept-ranges bytes access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control max-age=0, no-cache, no-store, must-revalidate content-length 0 date Fri, 21 Jun 2024 02:06:28 GMT dc ccg11-origin-www-1.paypal.com origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== paypal-debug-id f319421d35e0d permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") server-timing content-encoding;desc="",x-cdn;desc="fastly" strict-transport-security max-age=63072000; includeSubDomains; preload traceparent 00-0000000000000000000f319421d35e0d-60d2e8c41958b2cf-01 via 1.1 varnish, 1.1 varnish, 1.1 varnish x-cache MISS, MISS, MISS x-cache-hits 0, 0, 0 x-content-type-options nosniff x-served-by cache-lhr-egll1980058-LHR, cache-mad22081-MAD, cache-mad22081-MAD x-timer S1718935589.520470,VS0,VE197
GET H3	200	ig.js Show response cdn8.eu.inside.chat/	124 KB 42 KB	64ms 60ms	Script text/javascript	104.18.9.17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn8.eu.inside.chat/ig.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d13f13f041941770ae11a3ae675276c43cea109b5f4625264388383e2ffec45 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:28 GMT strict-transport-security max-age=31536000; includeSubdomains content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare cf-polished origSize=171336 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600 cf-ray 89707083ae8d194b-FRA alt-svc h3=":443"; ma=86400 expires Fri, 21 Jun 2024 03:06:28 GMT
GET H2	200	/ Show response ct.pinterest.com/user/	320 B 645 B	205ms 77ms	XHR application/json	151.101.64.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/user/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1718935588412&dep=2%2CPAGE_LOAD Requested by Host: s.pinimg.com URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:28 GMT content-encoding gzip x-cdn fastly x-envoy-upstream-service-time 0 alt-svc h3=":443";ma=600 x-pinterest-rid 1563127592288893 content-length 186 pin-unauth dWlkPVlUSmhZMlk1T1RndFlqSXlPQzAwTjJZMkxXRmlObUl0TjJWaVpqWXlPVFk1WW1ZMw pragma no-cache referrer-policy origin content-type application/json; charset=utf-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev access-control-expose-headers Epik,Pin-Unauth cache-control no-cache,no-store,must-revalidate,max-age=0 access-control-allow-credentials true pinterest-version 275429db13fe9c80de8a863bf33caf35d9136bc7 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ Show response ct.pinterest.com/user/	320 B 300 B	211ms 85ms	XHR application/json	151.101.64.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22event_id%22%3A%221718935717812_171893615389412%22%2C%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1718935588414&dep=5%2CEVENT_TAGS_ABSENT Requested by Host: s.pinimg.com URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:28 GMT content-encoding gzip x-cdn fastly x-envoy-upstream-service-time 0 alt-svc h3=":443";ma=600 x-pinterest-rid 1011046678166560 content-length 186 pin-unauth dWlkPVlUZ3laakppWmpRdE5HRmlNUzAwT0RnNUxUbGlaakF0T0RjME1qZzFOVGswT0dVMw pragma no-cache referrer-policy origin content-type application/json; charset=utf-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev access-control-expose-headers Epik,Pin-Unauth cache-control no-cache,no-store,must-revalidate,max-age=0 access-control-allow-credentials true pinterest-version 275429db13fe9c80de8a863bf33caf35d9136bc7 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ ct.pinterest.com/v3/	35 B 0	187ms 82ms	Fetch image/gif	151.101.64.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/v3/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f74ed22b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.114%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1718935588433 Requested by Host: s.pinimg.com URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:28 GMT referrer-policy origin x-cdn fastly content-type image/gif access-control-allow-origin https://elfcosmetics.metricly.workers.dev pinterest-version 275429db13fe9c80de8a863bf33caf35d9136bc7 cache-control no-cache,no-store,must-revalidate,max-age=0 access-control-allow-credentials true x-envoy-upstream-service-time 0 alt-svc h3=":443";ma=600 x-pinterest-rid 7289416975965547 content-length 35 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 274 B	74ms 25ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&rl=&if=false&ts=1718935588577&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.2.1718935588569.904803788808497184&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1718935588122&coo=false&eid=1718935717812_171893615389412&tm=1&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1297, tbw=2820, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Fri, 21 Jun 2024 02:06:28 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	359ms 311ms	Image image/png	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&rl=&if=false&ts=1718935588577&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.2.1718935588569.904803788808497184&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1718935588122&coo=false&eid=1718935717812_171893615389412&tm=1&rqm=FGET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa90e50505ca4fe26","source_keys":["1","2"]},{"key_piece":"0x521824ae15b46aad","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Fri, 21 Jun 2024 02:06:28 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382772136317967489", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=18, rtx=0, c=17, mss=1297, tbw=3138, tp=-1, tpl=-1, uplat=292, ullat=0 pragma no-cache x-fb-debug QtkwM+p0BbXfvMURY1mAJcK0AjH2hFO0U8ml8dd/VUp0f7r6usGqgaeQX+wdai4R2K8nVsZADOyGcNhchXSjiw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382772136317967489"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	identify_ce1d8843.js Show response analytics.tiktok.com/i18n/pixel/static/	146 KB 39 KB	45ms 45ms	Script application/javascript	92.123.12.168 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.12.168 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-12-168.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 78e61cc date Fri, 21 Jun 2024 02:06:28 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20240521140000F6EA61DCE730BE4411EC x-tt-trace-id 00-240521140000F6EA61DCE730BE4411EC-2D7B7F7384BCF572-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a2-16-119-168.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01ac90f4fca667dcd40480339625fdd61fe23873559f2b4083f970602291e9e24326b4415d96a0c88ccdaa0bc6c0161d69e54c8a40cf3ad3a579705437624bde7cebacb28eaac92deb5d8d5045ee06b3640f125733d2e7e8718dc1f1dbfb3f10de server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2 content-length 39684
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 703 B	190ms 190ms	Ping text/plain	92.123.12.168 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.12.168 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-12-168.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 78e61e4 date Fri, 21 Jun 2024 02:06:28 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240621020628A894B4CCA4984EB5D8FA-613381AC5235B2D6-00 x-cache TCP_MISS from a2-16-119-168.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) server-timing inner; dur=31, cdn-cache; desc=MISS, edge; dur=23, origin; dur=129 content-length 0 pragma no-cache server nginx x-tt-logid 20240621020628A894B4CCA4984EB5D8FA access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 129,2.16.119.168 x-tt-trace-host 015547b42e38dafb745eb0415774d176744c0105d68b6b03ee086538e94d8b2ba54d5101248ebbfc355a82e3668c739401a912d5e3a5853719545cb5b77de6b37f6b77c2ddef4157b423bcfd2683275cd4fa64da2b85e977275ad634f85e57bcca access-control-allow-headers Authorization,* expires Fri, 21 Jun 2024 02:06:28 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 702 B	198ms 197ms	Ping text/plain	92.123.12.168 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.12.168 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-12-168.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 78e61fc date Fri, 21 Jun 2024 02:06:28 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240621020628F864249F847480BCDC4C-3396BFA50640C5C0-00 x-cache TCP_MISS from a2-16-119-168.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) server-timing inner; dur=22, cdn-cache; desc=MISS, edge; dur=7, origin; dur=121 content-length 0 pragma no-cache server nginx x-tt-logid 20240621020628F864249F847480BCDC4C access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 121,2.16.119.168 x-tt-trace-host 015547b42e38dafb745eb0415774d176744c0105d68b6b03ee086538e94d8b2ba583b84ec8a670f2ac6462fe06fe4e4c0f78530d96ece6af8a1775666595917d449002e6b80647f67f1e9c3653b6ebf4f60530456b6136b7afde437575a4a4769b access-control-allow-headers Authorization,* expires Fri, 21 Jun 2024 02:06:28 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 840 B	178ms 177ms	Ping text/plain	92.123.12.168 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.12.168 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-12-168.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 6b439373.78e61fe date Fri, 21 Jun 2024 02:06:28 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240621020628A98809B54D76F59527F7-770C526BDA5805A7-00 x-cache TCP_MISS from a2-16-119-168.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) x-parent-response-time 104,2.16.119.168 server-timing cdn-cache; desc=MISS, edge; dur=91, origin; dur=20, inner; dur=18 content-length 0 pragma no-cache server nginx x-tt-logid 20240621020628A98809B54D76F59527F7 x-cache-remote TCP_MISS from a23-32-16-71.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 20,23.32.16.71 x-tt-trace-host 015547b42e38dafb745eb0415774d17674301ea32a34b875684c3c47b3884f057b82a065f805dc5fd0eff865e66d3753fe6a454b0b376b629f625dc890f4ba570d0563d368bab8fd08abf61017b6fc40d51c5e5cf39754827796d6d27e982583b15c92ec75b987d1ee72d7f5e709ef6599 access-control-allow-headers Authorization,* expires Fri, 21 Jun 2024 02:06:28 GMT
GET H2	200	/ ct.pinterest.com/v3/	35 B 0	89ms 87ms	Fetch image/gif	151.101.64.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22event_id%22%3A%221718935717812_171893615389412%22%2C%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1718935588724&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22external_id%22%3A%22%22%2C%22pin_unauth%22%3A%22dWlkPVlUSmhZMlk1T1RndFlqSXlPQzAwTjJZMkxXRmlObUl0TjJWaVpqWXlPVFk1WW1ZMw%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f74ed22b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.114%22%2C%22ecm_enabled%22%3Atrue%7D Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:28 GMT referrer-policy origin x-cdn fastly content-type image/gif access-control-allow-origin https://elfcosmetics.metricly.workers.dev pinterest-version 275429db13fe9c80de8a863bf33caf35d9136bc7 cache-control no-cache,no-store,must-revalidate,max-age=0 access-control-allow-credentials true x-envoy-upstream-service-time 1 alt-svc h3=":443";ma=600 x-pinterest-rid 1036453142638252 content-length 35 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	403	config Show response www8.eu.inside.chat/	4 B 380 B	107ms 61ms	XHR application/json	104.18.9.17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www8.eu.inside.chat/config?acc=IN-1011171&pid=&c1=OK&dev=1&url=https%3A%2F%2Felfcosmetics.metricly.workers.dev&sid=1&j=1 Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Fri, 21 Jun 2024 02:06:28 GMT strict-transport-security max-age=31536000; includeSubdomains cf-cache-status DYNAMIC last-modified Sat, 01 Jan 2000 00:00:00 GMT server cloudflare content-type application/json; charset=UTF-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev p3p CP="insert_p3p_privacy_policy_here" cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true cf-ray 89707085ef559232-FRA alt-svc h3=":443"; ma=86400 content-length 4 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	ts t.paypal.com/	42 B 631 B	353ms 226ms	Image image/gif	151.101.129.35 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1718935588753&g=-120&completeurl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&ru=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.35 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-cache-hits 0, 0 date Fri, 21 Jun 2024 02:06:29 GMT via 1.1 varnish, 1.1 varnish strict-transport-security max-age=63072000; includeSubDomains; preload x-cache MISS, MISS p3p CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id 5bdf04ce2dfc2 server-timing "traceparent;desc="00-00000000000000000005bdf04ce2dfc2-53348a8b443da57a-01"";content-encoding;desc="",x-cdn;desc="fastly" x-served-by cache-lhr-egll1980067-LHR, cache-mad2200095-MAD pragma no-cache correlation-id 5bdf04ce2dfc2 traceparent 00-00000000000000000005bdf04ce2dfc2-69027f7271721441-01 x-timer S1718935589.905226,VS0,VE169 vary Accept-Encoding content-type image/gif access-control-expose-headers Server-Timing cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes timing-allow-origin * expires Fri, 21 Jun 2024 02:06:28 GMT
GET H2	200	runtime_6459738026535cda4232dc813c61447d.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	3 KB 2 KB	131ms 64ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_6459738026535cda4232dc813c61447d.br.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 03:41:51 GMT content-encoding br age 2240677 x-guploader-uploadid ABPtcPqIKFqBfm83ijWURD15GNSQLQ2E2zqL2-LaWQGli_090VuvA-iexrc7dQgTDyNSOcX1uIo x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1316 last-modified Thu, 23 May 2024 19:16:48 GMT server UploadServer etag "09512239cb2a22728ca9f8608dfc2181" x-goog-generation 1713883050962681 x-goog-hash crc32c=BS9gKg==, md5=CVEiOcsqInKMqfhgjfwhgQ== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 1316 accept-ranges bytes content-type text/javascript
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 840 B	189ms 187ms	Ping text/plain	92.123.12.168 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.12.168 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-12-168.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id ad90daac.78e62d2 date Fri, 21 Jun 2024 02:06:29 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2406210206297035145B3B58E2BBB0A2-2FF9D72F270C9FEE-00 x-cache TCP_MISS from a2-16-119-168.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) x-parent-response-time 141,2.16.119.168 server-timing cdn-cache; desc=MISS, edge; dur=108, origin; dur=41, inner; dur=33 content-length 0 pragma no-cache server nginx x-tt-logid 202406210206297035145B3B58E2BBB0A2 x-cache-remote TCP_MISS from a23-32-16-72.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 41,23.32.16.72 x-tt-trace-host 015547b42e38dafb745eb0415774d17674301ea32a34b875684c3c47b3884f057ba5dedb64fac281f41c2d28155cb3f762d570c2fdf132b935efd3433bccb968a7dededdc3100001ded45f80e26113939ed5fd554ebf97f33e9c621268f9502a225fb93900378b0b83dd364319295326c1 access-control-allow-headers Authorization,* expires Fri, 21 Jun 2024 02:06:29 GMT
GET H2	200	main-v2_533d031a0a5ca2c9d24e6369b88e2862.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	498 KB 109 KB	20ms 17ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_533d031a0a5ca2c9d24e6369b88e2862.br.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 01bd0485587edbcc45fa110675af95224340155e499316c48351efa913a4b4e6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 14:05:08 GMT content-encoding br age 43281 x-guploader-uploadid ACJd0NrEpMTQBipNyrPSUzBNgXDmPQLQ4vVNXsQzLpWsGwO4hgAvWfIjd8dtEwT7PA5GQGJb8LkY9Ya60w x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 111326 last-modified Thu, 20 Jun 2024 14:04:53 GMT server UploadServer etag "a3580b440541e883c55099f395aa5926" x-goog-generation 1718892293787562 x-goog-hash crc32c=0MdYbw==, md5=o1gLRAVB6IPFUJnzlapZJg== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 111326 accept-ranges bytes content-type text/javascript
GET H2	200	cjs_min_3a843477d8e318f67237a66d0a58c542.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	49 KB 16 KB	53ms 51ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 22:11:14 GMT content-encoding gzip age 1396515 x-guploader-uploadid ABPtcPrQlCqBNqiP7F9pgRmY8x7ykYeFVQdTGe3T4PZUW1y8rcjsNpqQgIdtLlcpWQkewYnqDyTo_sEvpQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15748 last-modified Mon, 22 Apr 2024 20:59:52 GMT server UploadServer etag "1eb885454ea6bef1c9747800702959de" x-goog-generation 1713819592631797 x-goog-hash crc32c=Joap5g==, md5=HriFRU6mvvHJdHgAcClZ3g== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000,no-transform x-goog-stored-content-length 15748 accept-ranges bytes content-type text/javascript; charset=utf-8
GET H3	200	2024-06-hptile-newArrivals-hero-D-img5-min cdn.media.amplience.net/i/elfcosmetics/	31 KB 32 KB	68ms 66ms	Image image/avif	172.64.155.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img5-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img5-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img5-min?fmt=auto&w=2460%203x Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.155.166 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42692dfa6661bd2e7ad2ad4465619ffa9079c20032702dd09e05bfa9fd9bd204 Security Headers Name Value X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:29 GMT cf-cache-status HIT age 6404 x-amp-srv CF edge-cache-tag aMeJeJNAj,l4p5bDg2e,5L0oRZRq0,WepA0szpz x-amp-cf-worker true edge-control max-age=86400 x-req-id FiUzWQ8hW- alt-svc h3=":443"; ma=86400 content-length 32071 x-xss-protection 1; mode=block x-amp-source-height 1040 last-modified Fri, 21 Jun 2024 00:19:45 GMT server cloudflare vary Accept-Encoding x-frame-options DENY content-type image/avif access-control-allow-origin * x-amp-source-width 1440 cache-control s-maxage=86400, max-age=1800 accept-ranges bytes cf-ray 897070880a2518f9-FRA x-amp-published Mon, 10 Jun 2024 15:55:02 GMT
GET H3	200	token_create.js Show response ct.pinterest.com/static/ct/	4 KB 4 KB	49ms 45ms	Script application/javascript	151.101.64.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/static/ct/token_create.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_256_GCM Server 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:29 GMT x-cdn fastly age 6750 etag "19c94b308deaf8fbf050b4fca2fa21b7" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript cache-control max-age=7200 timing-allow-origin https://ct.pinterest.com alt-svc h3=":443";ma=600 content-length 4103
GET H2	200	ct.html ct.pinterest.com/ Frame 9F1A	0 0	166ms 84ms	Document text/html	151.101.64.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/ct.html Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443";ma=600 cache-control max-age=86400 content-encoding gzip content-length 323 content-type text/html; charset=utf-8 date Fri, 21 Jun 2024 02:06:29 GMT pinterest-version 275429db13fe9c80de8a863bf33caf35d9136bc7 referrer-policy origin x-cdn fastly x-envoy-upstream-service-time 0 x-pinterest-rid 1386825847329316
GET H2	200	cs tags.rd.linksynergy.com/ Redirect Chain https://idsync.rlcdn.com/458359.gif?partner_uid=d2d44f6e-3965-4738-82fc-34a1d9b47d2a https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJGQyZDQ0ZjZlLTM5NjUtNDczOC04MmZjLTM0YTFkOWI0N2QyYRAAGg0IpsDTswYSBQjoBxAAQgBKAA https://tags.rd.linksynergy.com/cs?ns=lr&uid3=faaf41784b66fc3e158f5daa338b29fb298aab58f849755319f2bc7db5e8bb9a6ac34734d8e453ee	37 B 293 B	79ms 45ms	Image image/gif	34.98.67.3 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://tags.rd.linksynergy.com/cs?ns=lr&uid3=faaf41784b66fc3e158f5daa338b29fb298aab58f849755319f2bc7db5e8bb9a6ac34734d8e453ee Protocol H2 Server 34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 3.67.98.34.bc.googleusercontent.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-type image/gif date Fri, 21 Jun 2024 02:06:30 GMT via 1.1 google strict-transport-security max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37 x-samesite secure Redirect headers date Fri, 21 Jun 2024 02:06:30 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://tags.rd.linksynergy.com/cs?ns=lr&uid3=faaf41784b66fc3e158f5daa338b29fb298aab58f849755319f2bc7db5e8bb9a6ac34734d8e453ee cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	inbox-v2_02aca5df0e176b8810a86da97ac05424.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	17 KB 5 KB	16ms 15ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_02aca5df0e176b8810a86da97ac05424.br.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 03dbf9dc05fa84370cbdfb363a10855e9fd035a833cd83b67e14cdb975882bed Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 16:07:15 GMT content-encoding br age 1936754 x-guploader-uploadid ABPtcPqzXTfrO2Gj4m23JDf_ZjnqDOp_v0pq7Mwv9LFMNVrx-GiWcGOFq5IUorTLW2s_nXqqBRfVdnDcSA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5089 last-modified Wed, 29 May 2024 15:57:03 GMT server UploadServer etag "2a4c802d3ec2dfc292cc9bb15ef5f45d" x-goog-generation 1714406829637644 x-goog-hash crc32c=PRHjLA==, md5=KkyALT7C38KSzJuxXvX0XQ== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 5089 accept-ranges bytes content-type text/javascript
GET H3	200	sms-v2_e39203556bab2366e56296ce42e974a7.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	3 KB 1 KB	17ms 16ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/sms-v2_e39203556bab2366e56296ce42e974a7.br.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash c9f83027cf2e267d24b2cfe366bc6664841765f0aaf362faf0156bccdce42355 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 09:17:10 GMT content-encoding br age 1097359 x-guploader-uploadid ABPtcPqB0yNjQqfoRPNz5cdK9j8Q_lFMW0DgL1r05JbnKdsTBVh8-LsSJasEW6Goo2V4_jf_PmClUpKg5A x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1303 last-modified Thu, 06 Jun 2024 18:53:46 GMT server UploadServer etag "684b816ff7fa85526ab4b729fb5f0c91" x-goog-generation 1715027704071310 x-goog-hash crc32c=ikqFlg==, md5=aEuBb/f6hVJqtLcp+18MkQ== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 1303 accept-ranges bytes content-type text/javascript
GET H3	200	onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	16 KB 5 KB	17ms 17ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 03:41:52 GMT content-encoding br age 2240677 x-guploader-uploadid ABPtcPp3-bY_bgdEgZmBic8IVZ5U9gJiBLPI7IL9dZHqpogEMPIEtC9oPf_dgmdd2c6ligntjVK9IVG6yg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5003 last-modified Thu, 23 May 2024 19:16:42 GMT server UploadServer etag "7ff99b6f1cea743cef749de91009e764" x-goog-generation 1713883044855037 x-goog-hash crc32c=qFvE1Q==, md5=f/mbbxzqdDzvdJ3pEAnnZA== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 5003 accept-ranges bytes content-type text/javascript
GET H/1.1	200 OK	/ Show response data.cdnbasket.net/	14 B 338 B	1632ms 121ms	XHR application/json	35.201.121.164 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://data.cdnbasket.net/ Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 35.201.121.164 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 164.121.201.35.bc.googleusercontent.com Software / Resource Hash a4b3ba70fe4d9dd147e3febf347153c54c0a756e1664c82b6d43046aa53d8d6a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Fri, 21 Jun 2024 02:06:31 GMT Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Access-Control-Allow-Headers Origin, Content-Type, Accept Expires 0
GET H/1.1	200 OK	/ Show response page.cdnbasket.net/	14 B 338 B	1699ms 121ms	XHR application/json	34.149.14.182 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://page.cdnbasket.net/ Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.149.14.182 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 182.14.149.34.bc.googleusercontent.com Software / Resource Hash 1e70bd3712e4b952de8a31d4b4aaeed68ed73b194458c920a10c01e972b4d304 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Fri, 21 Jun 2024 02:06:31 GMT Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Access-Control-Allow-Headers Origin, Content-Type, Accept Expires 0
GET H/1.1	200 OK	/ Show response view.cdnbasket.net/	14 B 338 B	1700ms 121ms	XHR application/json	35.201.77.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://view.cdnbasket.net/ Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 35.201.77.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.77.201.35.bc.googleusercontent.com Software / Resource Hash ad866638993d4d686f31b165a40d09d62b90906743c1cf36c0b5aec392640d10 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Fri, 21 Jun 2024 02:06:31 GMT Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Access-Control-Allow-Headers Origin, Content-Type, Accept Expires 0
GET H3	200	jquery-3.7.1.min.js Show response assets.bounceexchange.com/assets/bounce/	85 KB 30 KB	14ms 14ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 20:35:14 GMT content-encoding br age 1315876 x-guploader-uploadid ABPtcPoswj26dAGxHrBrHix8XS4xOY8l8iGVJMfAB7xadu--agrkCAnRiltV5KrEm-p7t9wMmZQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31015 last-modified Wed, 05 Jun 2024 14:18:26 GMT server UploadServer etag W/"2c872dbe60f4ba70fb85356113d8b35e" vary Accept-Encoding x-goog-generation 1717597106792405 x-goog-hash crc32c=fsBEgw==, md5=LIctvmD0unD7hTVhE9izXg== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 87533 accept-ranges none content-type text/javascript; charset=UTF-8
GET H2	200	local_storage_frame17.min.html assets.bounceexchange.com/assets/bounce/ Frame 16A5	0 0	62ms 13ms	Document text/html	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges none access-control-allow-origin * access-control-expose-headers etag Content-Type age 2105130 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public,max-age=31536000 content-encoding br content-length 938 content-type text/html; charset=UTF-8 date Mon, 27 May 2024 17:21:01 GMT etag W/"fc893948c3efc689b5b19d8a77958e23" last-modified Thu, 23 May 2024 19:16:17 GMT server UploadServer vary Accept-Encoding x-goog-generation 1716491777356321 x-goog-hash crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw== x-goog-metageneration 1 x-goog-storage-class MULTI_REGIONAL x-goog-stored-content-encoding identity x-goog-stored-content-length 2408 x-guploader-uploadid ABPtcPoZyzve3hHZrk5fDdAnL4HQ52gqSnR7MFbcG35LOI2CIxuUyfGddw0dvegI3SoiSRCTSyE
GET H2	200	c Show response ids.cdnwidget.com/	61 B 244 B	257ms 125ms	XHR application/json	2600:1901:0:56e0:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=178110216&GCS2=MTcyLjE3LjAuMTAsMTAuNS4yMTAuMzgsZmRiZjoxZDM3OmJiZTA6OjkzOjI6OjI2LGZkYmY6MWQzNzpiYmUwOjo5MzoyOjoyNg==&pe=false&wsid=4142&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A4142%2C%22loadID%22%3A%22xgrfDkGcFkP3EEp%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A75%2C%22IDStageStart%22%3A75%2C%22netComplete%22%3A583%2C%22obsReqdata%22%3A1713%2C%22obsReqpage%22%3A1778%2C%22obsReqview%22%3A1779%2C%22IDStagePrefire%22%3A1779%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A2%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%222548873028729446239%22%2C%22visitid%22%3A%221718935591584393%22%7D Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:56e0:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash a2d26dc3a3a088c69d2495f5e714a6dc97c6bbcaeeb069b23b065092cca8fc79 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:32 GMT via 1.1 google vary Origin content-type application/json access-control-allow-origin https://elfcosmetics.metricly.workers.dev access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61
GET H2	200	init1.js Show response api.bounceexchange.com/bounce/	36 B 400 B	721ms 71ms	Script text/html	34.111.8.32 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.bounceexchange.com/bounce/init1.js?wklzs=923&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHZ8AOATgGYBWKsgJgBYKzNgAvEKAWnzoAZMAdwCmAIxypgwgPqoAJlAb4GdTACdhOEABs4aDAQBsfPgA9eJ9cJjC1GtVGwBDbdtQIA5tLhrtUABbAwAAOOACkFACCYXQAYjGxwtowSCA4ALbCaEg4AHSZwGqoSNoAnrmCIGoA1rZ5csIAbgmYjagSwNKpINWowlBhhABCMXTawaMR0XR0gSHhdFRRMVRxK3FJKWkFxXkFRSXllTV1uQ3Ni2szMQDCo2qTy9fPdzPCpo+RRKSUhMx8FEIDEGABFsCAen0BsNRnJ5J9RosGCQSH8+HRUXQyAwGIY6MxJnRXnQ2nJPt9yNRaPgqCQmJRbqMLnQpoMRjNtCAPB5hHJZAhPjAXDhhIy3o1bNJOdzefzBcLRUTRkgnGpOgBHYClT58MV0FVq6SNFxwRUsqK6pUzHBwUTpSRSPkYDpmqZC7QivXSnl89yyBoINAwPpk65Rd2eq361WdEXAeUexXEg3xsORCOiwggvVyDyxVBqHDAAAyICcofNkUKptBrVVOAA2t7Ze4ALqwBV1wsNpqS5u+hDtjNdxsp6Sa0rtgTG7tj426YRTkcN4JqEB81fFRcdxPL1fr6QIJyZIedmeNv1FkBIaqn3fnhs2u0O2XOyTb4cP7q9GTpdcuaRV00YRAzvEVl37fl-RAoMQzA4RlzHON4L3ORgmkHBqjgFCvxjHD6xXDRGgwrCcIaGAGznE1t2ncimy5H0oPkGDUGDXkyOsSiYwwrIUO-PppFAEApVVHkd3A0RgigAQsikhsACIU3kgAaRSnCkDwqlKFTFP8YQbxAPQdP8EBMh0-c5DgFAdJFVUkH8eTW0wYJgDwEzMnBdJgjcJxkBkGBtCcDxHEafwnCgIA Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 32.8.111.34.bc.googleusercontent.com Software / Resource Hash fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:33 GMT content-encoding gzip x-envoy-decorator-operation legacy-api-tier1.legacy-api.svc.cluster.local:80/* via 1.1 google content-type text/html; charset=UTF-8 p3p CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" x-envoy-upstream-service-time 16 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	204	cjs-logger e.cdnwidget.com/	0 100 B	775ms 127ms	Image image/png	34.102.193.48 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=forbidden%253A%2520disallowed%2520country%252C%2520country%2520code%2520is%2520NL&cookieID=&deviceID=&BXWID=4142&warpspeed=2%5EHIykD&loadID=xgrfDkGcFkP3EEp&version=1.5.9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 48.193.102.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 02:06:33 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/png
POST H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 214 B	671ms 667ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46j0v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1580013394.1718935588&ecid=1745424588&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL-GE&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=1008852752.1718935586&sst.gse=1&sst.etld=google.nl&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1718935587&sct=1&seg=1&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&_s=5&tfd=12514&richsstsse Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 21 Jun 2024 02:06:33 GMT via 1.1 google, 1.1 google x-content-type-options nosniff server Google Frontend content-type text/plain access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-accel-buffering no

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cdn-fsly.yottaa.net

URL

https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/

Domain

pixel.pointmediatracker.com

URL

https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=bea211dd-2d55-42b7-956b-092bb23f2a2c&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=1009167813

Domain

edge.curalate.com

URL

https://edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/gallery-OdKxcdTK/latest/experience.min.js