Submitted URL: https://bit.ly/2TcocSV
Effective URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_s...
Submission: On August 30 via api from FI — Scanned from FI

Summary

This website contacted 46 IPs in 5 countries across 38 domains to perform 125 HTTP transactions. The main IP is 140.174.14.102, located in Frankfurt am Main, Germany and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.com. The Cisco Umbrella rank of the primary domain is 62739.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 8th 2022. Valid for: a year.
This is the only time www.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
1 2 44.215.33.123 14618 (AMAZON-AES)
1 18 140.174.14.102 393259 (YOTTAA-AS-1)
2 23.197.153.131 16625 (AKAMAI-AS)
13 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:225... 16509 (AMAZON-02)
1 34.102.147.248 396982 (GOOGLE-CL...)
2 173.231.16.76 18450 (WEBNX)
9 151.101.129.21 54113 (FASTLY)
1 2a02:26f0:780... 20940 (AKAMAI-ASN1)
2 151.101.2.133 54113 (FASTLY)
2 34.98.67.3 396982 (GOOGLE-CL...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:239... 16509 (AMAZON-02)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.130 15169 (GOOGLE)
2 4 216.58.206.38 15169 (GOOGLE)
1 54.192.87.248 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a04:4e42:600... 54113 (FASTLY)
5 95.100.135.235 20940 (AKAMAI-ASN1)
1 2600:9000:206... 16509 (AMAZON-02)
1 2600:9000:238... 16509 (AMAZON-02)
1 2 37.252.171.21 29990 (ASN-APPNEX)
1 3.33.220.150 16509 (AMAZON-02)
3 192.229.221.25 15133 (EDGECAST)
2 151.101.193.35 54113 (FASTLY)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 18.66.97.14 16509 (AMAZON-02)
1 18.66.97.47 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 35.190.43.134 15169 (GOOGLE)
1 151.101.65.140 54113 (FASTLY)
3 151.101.128.84 54113 (FASTLY)
1 3.127.128.19 16509 (AMAZON-02)
2 2a03:2880:f17... 32934 (FACEBOOK)
4 18.66.112.128 16509 (AMAZON-02)
1 130.35.192.4 31898 (ORACLE-BM...)
1 52.215.240.223 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
125 46
Apex Domain
Subdomains
Transfer
18 elfcosmetics.com
www.elfcosmetics.com — Cisco Umbrella Rank: 62739
1 MB
13 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 354
167 KB
11 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2726
t.paypal.com — Cisco Umbrella Rank: 3477
234 KB
10 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
9231397.fls.doubleclick.net — Cisco Umbrella Rank: 539864
10742279.fls.doubleclick.net — Cisco Umbrella Rank: 527149
stats.g.doubleclick.net — Cisco Umbrella Rank: 93
10 KB
8 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3101
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 100
2 KB
8 dynamicyield.com
cdn.dynamicyield.com — Cisco Umbrella Rank: 8853
st.dynamicyield.com — Cisco Umbrella Rank: 8744
async-px.dynamicyield.com — Cisco Umbrella Rank: 8668
216 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 889
1 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 745
134 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
21 KB
3 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 818
1 KB
3 google.rs
www.google.rs — Cisco Umbrella Rank: 34627
671 B
3 google.fi
www.google.fi — Cisco Umbrella Rank: 34396
625 B
3 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2518
33 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 394
836 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
216 B
2 undertone.com
ads.undertone.com — Cisco Umbrella Rank: 6413
evt.undertone.com — Cisco Umbrella Rank: 6146
1 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 465
1 KB
2 jebbit.com
js.jebbit.com — Cisco Umbrella Rank: 42311
external-api.jebbit.com — Cisco Umbrella Rank: 43742
96 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
90 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 839
20 KB
2 usehero.com
cdn.usehero.com — Cisco Umbrella Rank: 44320
api.usehero.com — Cisco Umbrella Rank: 41849
29 KB
2 linksynergy.com
ut.rd.linksynergy.com — Cisco Umbrella Rank: 7686
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4865
702 B
2 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 4079
454 B
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2997
448 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
203 KB
2 ordergroove.com
static.ordergroove.com — Cisco Umbrella Rank: 21045
63 KB
2 socialannex.com
s2.socialannex.com
874 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 13525
716 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1553
637 B
1 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 590
261 B
1 cnnx.link
js.cnnx.link — Cisco Umbrella Rank: 9184
1 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1298
8 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1073
16 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 150
2 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 596
307 B
1 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 6257
12 KB
1 rakuten.com
tag.rmp.rakuten.com — Cisco Umbrella Rank: 7620
15 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 6030
381 B
125 38
Domain Requested by
18 www.elfcosmetics.com 1 redirects s2.socialannex.com
www.elfcosmetics.com
13 cdn.cookielaw.org www.elfcosmetics.com
cdn.cookielaw.org
9 www.paypal.com www.elfcosmetics.com
www.paypal.com
www.paypalobjects.com
5 tr.snapchat.com sc-static.net
www.elfcosmetics.com
5 www.google.com 1 redirects www.elfcosmetics.com
5 analytics.tiktok.com s2.socialannex.com
analytics.tiktok.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 async-px.dynamicyield.com cdn.dynamicyield.com
4 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
3 ct.pinterest.com s.pinimg.com
www.elfcosmetics.com
3 www.google.rs www.elfcosmetics.com
3 www.google.fi www.elfcosmetics.com
3 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
3 cdn.dynamicyield.com www.elfcosmetics.com
st.dynamicyield.com
2 idsync.rlcdn.com 2 redirects
2 www.facebook.com www.elfcosmetics.com
2 adservice.google.com 9231397.fls.doubleclick.net
10742279.fls.doubleclick.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 t.paypal.com www.elfcosmetics.com
2 secure.adnxs.com 1 redirects www.elfcosmetics.com
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 10742279.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 9231397.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 sdk.iad-05.braze.com www.elfcosmetics.com
2 api.ipify.org www.elfcosmetics.com
2 www.googletagmanager.com s2.socialannex.com
www.googletagmanager.com
2 static.ordergroove.com www.elfcosmetics.com
static.ordergroove.com
2 s2.socialannex.com 1 redirects
1 tags.rd.linksynergy.com
1 api.usehero.com cdn.usehero.com
1 analytics.pangle-ads.com analytics.tiktok.com
1 external-api.jebbit.com js.jebbit.com
1 alb.reddit.com www.elfcosmetics.com
1 evt.undertone.com 9231397.fls.doubleclick.net
1 ads.undertone.com 1 redirects
1 region1.analytics.google.com www.googletagmanager.com
1 insight.adsrvr.org www.elfcosmetics.com
1 js.cnnx.link www.googletagmanager.com
1 js.jebbit.com s2.socialannex.com
1 www.redditstatic.com www.googletagmanager.com
1 sc-static.net www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 cdn.usehero.com www.googletagmanager.com
1 st.dynamicyield.com s2.socialannex.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 ut.rd.linksynergy.com tag.rmp.rakuten.com
1 websdk.appsflyer.com s2.socialannex.com
1 tag.rmp.rakuten.com s2.socialannex.com
1 bit.ly 1 redirects
125 50
Subject Issuer Validity Valid
*.socialannex.com
Amazon RSA 2048 M01
2023-07-19 -
2024-08-16
a year crt.sh
*.elfcosmetics.com
Sectigo RSA Domain Validation Secure Server CA
2022-11-08 -
2023-10-22
a year crt.sh
*.ordergroove.com
Go Daddy Secure Certificate Authority - G2
2023-08-04 -
2024-08-17
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2023-04-01 -
2024-03-31
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.dynamicyield.com
Amazon RSA 2048 M02
2023-02-28 -
2023-10-17
8 months crt.sh
tag.rmp.rakuten.com
GTS CA 1D4
2023-08-05 -
2023-11-03
3 months crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA
2023-02-07 -
2024-02-18
a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2023-07-21 -
2024-08-20
a year crt.sh
*.appsflyer.com
DigiCert TLS RSA SHA256 2020 CA1
2023-07-27 -
2024-07-27
a year crt.sh
*.iad-05.braze.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-07-27 -
2024-08-27
a year crt.sh
*.rd.linksynergy.com
ZeroSSL RSA Domain Secure Site CA
2023-02-13 -
2024-02-13
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-12-13 -
2023-12-13
a year crt.sh
*.usehero.com
Amazon RSA 2048 M02
2023-08-28 -
2024-09-24
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
sc-static.net
Amazon RSA 2048 M02
2023-01-20 -
2024-02-18
a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-07 -
2024-08-07
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-06-08 -
2023-09-06
3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-25 -
2024-02-21
6 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018
2023-07-14 -
2024-08-13
a year crt.sh
*.jebbit.com
Amazon RSA 2048 M01
2023-05-24 -
2024-06-21
a year crt.sh
js.cnnx.link
Amazon RSA 2048 M02
2023-07-11 -
2024-08-07
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA
2022-10-19 -
2023-11-19
a year crt.sh
*.google.fi
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
www.google.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.google.rs
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.google.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-13 -
2024-04-12
a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1
2023-04-19 -
2023-10-15
6 months crt.sh
*.pangle-ads.com
GeoTrust TLS RSA CA G1
2023-07-28 -
2024-08-27
a year crt.sh
api.usehero.com
Amazon RSA 2048 M02
2023-02-05 -
2024-03-05
a year crt.sh

This page contains 7 frames:

Primary Page: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Frame ID: D07E25A0562DE32A0770350C8CCB4218
Requests: 109 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=false&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.46.1&integrationType=SDK
Frame ID: 3ABD50E7B55D8A27D63A0C2DC17AC65E
Requests: 4 HTTP requests in this frame

Frame: https://9231397.fls.doubleclick.net/activityi;dc_pre=CKny5Nr2g4EDFThHHgIdMXACLA;src=9231397;type=retarget;cat=globa0;ord=5817176466142;auiddc=1057677244.1693382851;u6=%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock;u10=undefined;u12=undefined;u8=undefined;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV
Frame ID: F5696C3C5E78D0D2B06BBBAECF074B00
Requests: 3 HTTP requests in this frame

Frame: https://10742279.fls.doubleclick.net/activityi;dc_pre=CNik6tr2g4EDFaRIHgIdlEwG9g;src=10742279;type=elf8j0;cat=glo_flap;ord=8677104753405;auiddc=1057677244.1693382851;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV
Frame ID: A84D9C997D24BBB71020BF327E1CABFA
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&u_scsid=6bb891a8-2d89-481c-ac71-262e36fb04f8&u_sclid=1fd522bd-2e92-42bf-8f55-6b6ce326325b
Frame ID: EA5B39F0DA715CF246141FDE6CF0A948
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 3DAF7D02F3F6527A69ED24253646F7C0
Requests: 3 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: FBB112A6212682B5CEEFDFDAEAA2AE0C
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Page Not FoundBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. https://bit.ly/2TcocSV HTTP 301
    https://s2.socialannex.com/v5/service/s2_reedem_reward.php?siteID=8989981&incentiveID=3291&userID=57334... Page URL
  2. https://s2.socialannex.com/v5/service/s2_reedem_reward_crawler.php?siteID=8989981&incentiveID=3291&even... HTTP 302
    https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_re... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • cdn\.dynamicyield\.\w+/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • tag\.rmp\.rakuten\.com

Page Statistics

125
Requests

94 %
HTTPS

44 %
IPv6

38
Domains

50
Subdomains

46
IPs

5
Countries

2541 kB
Transfer

9222 kB
Size

72
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/2TcocSV HTTP 301
    https://s2.socialannex.com/v5/service/s2_reedem_reward.php?siteID=8989981&incentiveID=3291&userID=5733432&statID=50512285&serviceID=2&socialType=14&puID=14074175 Page URL
  2. https://s2.socialannex.com/v5/service/s2_reedem_reward_crawler.php?siteID=8989981&incentiveID=3291&eventID=5733432&statID=50512285&serviceID=2&socialType=14&puID=14074175&websiteurl= HTTP 302
    https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/2TcocSV HTTP 301
  • https://s2.socialannex.com/v5/service/s2_reedem_reward.php?siteID=8989981&incentiveID=3291&userID=5733432&statID=50512285&serviceID=2&socialType=14&puID=14074175
Request Chain 20
  • https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=oTzgpBQJcCRa7Ruz7N8i1JYCmYIYXw4QOTloZbptpJY HTTP 303
  • https://www.elfcosmetics.com/callback?usid=32c0a82c-a132-4bab-99a5-de19885970e0&code=GzsuG3oA0glck9QnO1286nTwfWqHHtaBDp7BCtztLcA
Request Chain 34
  • https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=5817176466142;auiddc=1057677244.1693382851;u6=%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock;u10=undefined;u12=undefined;u8=undefined;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV HTTP 302
  • https://9231397.fls.doubleclick.net/activityi;dc_pre=CKny5Nr2g4EDFThHHgIdMXACLA;src=9231397;type=retarget;cat=globa0;ord=5817176466142;auiddc=1057677244.1693382851;u6=%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock;u10=undefined;u12=undefined;u8=undefined;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV
Request Chain 35
  • https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=8677104753405;auiddc=1057677244.1693382851;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV HTTP 302
  • https://10742279.fls.doubleclick.net/activityi;dc_pre=CNik6tr2g4EDFaRIHgIdlEwG9g;src=10742279;type=elf8j0;cat=glo_flap;ord=8677104753405;auiddc=1057677244.1693382851;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV
Request Chain 46
  • https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2
Request Chain 66
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=1497058584&cv=11&fst=1693382851500&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ref=https%3A%2F%2Fs2.socialannex.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=Page%20Not%20Found&value=0&auid=1057677244.1693382851&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=w_juZOKdLcSB7_UPme-_-A8&sscte=1&crd=CKK4sQI&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW7okfOr57eMiG4u7gyFijLt1fsz1V3NljQ&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhQVFB2U1NxRHJqeUE1OF9ZNURXbi1lOWVFYmlBUWZpcmRDazhSX2pycE5wOVEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOEtVdGk1QUpFUWIwVXVlc3VnejFZMHFTUnh2RDNGdjYzQWMzR2MzTl9ZWDRhbklfa1B6eWdaY1YiEwiii-Pa9oOBAxXEwLsIHZn3D_8 HTTP 302
  • https://www.google.com/pagead/1p-conversion/698270988/?random=1497058584&cv=11&fst=1693382851500&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ref=https%3A%2F%2Fs2.socialannex.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=Page%20Not%20Found&value=0&auid=1057677244.1693382851&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhQVFB2U1NxRHJqeUE1OF9ZNURXbi1lOWVFYmlBUWZpcmRDazhSX2pycE5wOVEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOEtVdGk1QUpFUWIwVXVlc3VnejFZMHFTUnh2RDNGdjYzQWMzR2MzTl9ZWDRhbklfa1B6eWdaY1YiEwiii-Pa9oOBAxXEwLsIHZn3D_8&is_vtc=1&ocp_id=w_juZOKdLcSB7_UPme-_-A8&cid=CAQSKQBpAlJW8Oxy4Lcu2gbu8Z1uVUxGr1KbC8UsUmB9DohC6b0tthgYPIrr&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW-fKd_J0RLjgWXowqlMqqTcjup_cJtTNeg&random=3010884481 HTTP 302
  • https://www.google.fi/pagead/1p-conversion/698270988/?random=1497058584&cv=11&fst=1693382851500&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ref=https%3A%2F%2Fs2.socialannex.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=Page%20Not%20Found&value=0&auid=1057677244.1693382851&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhQVFB2U1NxRHJqeUE1OF9ZNURXbi1lOWVFYmlBUWZpcmRDazhSX2pycE5wOVEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOEtVdGk1QUpFUWIwVXVlc3VnejFZMHFTUnh2RDNGdjYzQWMzR2MzTl9ZWDRhbklfa1B6eWdaY1YiEwiii-Pa9oOBAxXEwLsIHZn3D_8&is_vtc=1&ocp_id=w_juZOKdLcSB7_UPme-_-A8&cid=CAQSKQBpAlJW8Oxy4Lcu2gbu8Z1uVUxGr1KbC8UsUmB9DohC6b0tthgYPIrr&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW-fKd_J0RLjgWXowqlMqqTcjup_cJtTNeg&random=3010884481&ipr=y
Request Chain 67
  • https://ads.undertone.com/t?trackerid=7729&cb=210376229 HTTP 307
  • https://evt.undertone.com/t?trackerid=7729&cb=210376229
Request Chain 124
  • https://idsync.rlcdn.com/458359.gif?partner_uid=dbfe878d-d20b-44ab-adc8-ee9456010e52 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJGRiZmU4NzhkLWQyMGItNDRhYi1hZGM4LWVlOTQ1NjAxMGU1MhAAGg0IxvG7pwYSBQjoBxAAQgBKAA HTTP 307
  • https://tags.rd.linksynergy.com/cs?ns=lr&uid3=f5422aa0dc83c177edf5a0a75cfcac24110acc7176facdaf8ca74d8b17a769a66ac34734d8e453ee

125 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
s2_reedem_reward.php
s2.socialannex.com/v5/service/
Redirect Chain
  • https://bit.ly/2TcocSV
  • https://s2.socialannex.com/v5/service/s2_reedem_reward.php?siteID=8989981&incentiveID=3291&userID=5733432&statID=50512285&serviceID=2&socialType=14&puID=14074175
250 B
341 B
Document
General
Full URL
https://s2.socialannex.com/v5/service/s2_reedem_reward.php?siteID=8989981&incentiveID=3291&userID=5733432&statID=50512285&serviceID=2&socialType=14&puID=14074175
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.215.33.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-33-123.compute-1.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

content-length
250
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 08:07:22 GMT
server
Apache

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
272
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 08:07:21 GMT
location
https://s2.socialannex.com/v5/service/s2_reedem_reward.php?siteID=8989981&incentiveID=3291&userID=5733432&statID=50512285&serviceID=2&socialType=14&puID=14074175
referrer-policy
unsafe-url
server
nginx
via
1.1 google
Primary Request ReferAfriend-ShowRafunlock
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/
Redirect Chain
  • https://s2.socialannex.com/v5/service/s2_reedem_reward_crawler.php?siteID=8989981&incentiveID=3291&eventID=5733432&statID=50512285&serviceID=2&socialType=14&puID=14074175&websiteurl=
  • https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&co...
653 KB
159 KB
Document
General
Full URL
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Requested by
Host: s2.socialannex.com
URL: https://s2.socialannex.com/v5/service/s2_reedem_reward.php?siteID=8989981&incentiveID=3291&userID=5733432&statID=50512285&serviceID=2&socialType=14&puID=14074175
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.102 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
94f4a42738c018d286e0f89f1abee84a372d2ade4a47f73a3a9d4a16faf20812

Request headers

Referer
https://s2.socialannex.com/v5/service/s2_reedem_reward.php?siteID=8989981&incentiveID=3291&userID=5733432&statID=50512285&serviceID=2&socialType=14&puID=14074175
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

age
0
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 08:07:26 GMT
etag
W/"a329f-xzUHLtWxzZ2ORKmteKO8orG7oEM"
vary
Accept-Encoding
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
x-amz-apigw-id
KdvNgE-bCYcFx9Q=
x-amz-cf-id
E-O4GvbkZkfiWXcgXbnH9UzbgPzymgoMdaAoj8tsS-W0__BcZbYVLQ==
x-amz-cf-pop
FRA56-P7
x-amzn-remapped-connection
close
x-amzn-remapped-content-length
668319
x-amzn-remapped-date
Wed, 30 Aug 2023 08:07:25 GMT
x-amzn-requestid
d0329e07-f181-4e4e-9d67-a8e6df4d91d6
x-amzn-trace-id
Root=1-64eef8bc-3d1b09893a1bcc8b2462c936;Sampled=0;lineage=2b75b0e9:0
x-cache
Error from cloudfront
x-yottaa-metrics
36218cae0e31/[1831,1830,-] 36D18cae0e66/[-,1832.714]
x-yottaa-optimizations
ob/1000 si/36D18cae0e66-1693318191-9549393076 tts/1692120030872 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-yottaa-os
404

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 08:07:23 GMT
location
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage= &ipm=0&inviteCode=2TcocSV
p3p
CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"
server
Apache
truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a2b3b5ecaa7d5c67e5e28f9712ebcf28a592c7191e24bcde25cc5bb374cbf7b

Request headers

Referer
Origin
https://www.elfcosmetics.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a33177a1b1a44698bc85bc710dfd4a6aba8bbe329db64dbb0622c894a1c05cbd

Request headers

Referer
Origin
https://www.elfcosmetics.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
us.svg
www.elfcosmetics.com/mobify/bundle/9686/static/img/flag-icons/
9 KB
1 KB
Image
General
Full URL
https://www.elfcosmetics.com/mobify/bundle/9686/static/img/flag-icons/us.svg
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.102 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
2bc88bfdd5ee4cf0e7abb733a08af838fae31df3eb4a374df2e8d981e2ed93a0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:26 GMT
x-amz-version-id
53PiuwkbTWkLeymGqnO3e8NRU5jYwLMj
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P7
age
119846
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1001 si/36D18cae0e66-1693259387-4293398695 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
x-amz-meta-deploy
541952
content-length
652
x-amz-meta-bundle
9686
x-yottaa-forcecache
true, true
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
36218cae0e29/[439,437,-] 36D18cae0e66/[hit]
x-amz-cf-id
tawym5a7S3wNl9qxeTNZN5-tI0-FR6qrhBfgq9egs2aR2SEhVpMxnQ==
download-on-the-app-store-badge.png
www.elfcosmetics.com/mobify/bundle/9686/static/img/global/
7 KB
8 KB
Image
General
Full URL
https://www.elfcosmetics.com/mobify/bundle/9686/static/img/global/download-on-the-app-store-badge.png
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.102 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
3ebf89e1d97e200a74d3d601875d13d715e3f13b33facf24fee5aa451012772f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:26 GMT
x-amz-version-id
XNR_JS5Z6s6.qXfD9s2hPY_TzKDRT0B2
via
1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
118415
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/101 si/36D18cae0e66-1693259387-4293430001 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
x-amz-meta-deploy
541952
content-length
7267
x-amz-meta-bundle
9686
x-yottaa-forcecache
true
content-type
image/png
cache-control
public, max-age=31104000
x-yottaa-metrics
36218cae0e46/[3,-,1693262978841] 36D18cae0e66/[hit]
x-amz-cf-id
hXqcM0KR0x6A0aHBBx1-E1fLKYJT6YcQYPY7rk6CF9gaNR-VbDklEg==
google-play-badge.png
www.elfcosmetics.com/mobify/bundle/9686/static/img/global/
6 KB
7 KB
Image
General
Full URL
https://www.elfcosmetics.com/mobify/bundle/9686/static/img/global/google-play-badge.png
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.102 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
ecbe4874e1fffc1b68bdde370b903049a04348a826b580029690120cd771a4cd

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:26 GMT
x-amz-version-id
L3omPQO23BuNGB9hI5.ig7_doPpuM2q0
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
118415
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/101 si/36D18cae0e66-1693259387-4293430002 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
x-amz-meta-deploy
541952
content-length
6569
x-amz-meta-bundle
9686
x-yottaa-forcecache
true
content-type
image/png
cache-control
public, max-age=31104000
x-yottaa-metrics
36218cae0e47/[2,-,1693262978839] 36D18cae0e66/[hit]
x-amz-cf-id
djddJLNEDeSwg5178bdS9W46zpJAPVpBNQZC1QB3WwjM7V4docCtkA==
vendor.js
www.elfcosmetics.com/mobify/bundle/9686/
2 MB
608 KB
Script
General
Full URL
https://www.elfcosmetics.com/mobify/bundle/9686/vendor.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.102 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e5e3349bfcd6a733ddb88abfe5deceec5fe31d74089b4bd0d9f840f31dfb812b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:26 GMT
x-amz-version-id
AGm.IAEgYH7nGYokQx.LgnOzFFsn7PsR
via
1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P7
age
117371
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1001 si/36D18cae0e66-1693259387-4293447639 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Hit from cloudfront
x-amz-meta-deploy
541952
content-length
621115
x-amz-meta-bundle
9686
x-yottaa-forcecache
true
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
36218cae0e38/[36,9,-] 36D18cae0e66/[hit]
x-amz-cf-id
JLS8jzJvxmvD07wbN8Dte65avciHUqcOFBa3Z1p3E1Hy9aScCaAfzQ==
main.js
www.elfcosmetics.com/mobify/bundle/9686/
1 MB
335 KB
Script
General
Full URL
https://www.elfcosmetics.com/mobify/bundle/9686/main.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.102 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
d6714f069164daab6d2be9ebf0fba5b12ae182501413e3bc167da85bc5099c9b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:26 GMT
x-amz-version-id
7r8.hS7iXDsRaf3xrpRo9ttUPLWjdp.N
via
1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P7
age
117371
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1001 si/36D18cae0e66-1693259387-4293447640 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Hit from cloudfront
x-amz-meta-deploy
541952
content-length
342222
x-amz-meta-bundle
9686
x-yottaa-forcecache
true
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
36218cae0e39/[25,9,-] 36D18cae0e66/[hit]
x-amz-cf-id
2iFaWuwyw2mF1Qz0zUKnwkb1bh6AQZ3bpILyINShEyrT-XMwj9YwQg==
pages-product-list-product-list-page.js
www.elfcosmetics.com/mobify/bundle/9686/
35 KB
10 KB
Script
General
Full URL
https://www.elfcosmetics.com/mobify/bundle/9686/pages-product-list-product-list-page.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.102 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
d2646d7880bccff2455a93e1462178ffc4f595ead98d154364633c36eae7579d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:26 GMT
x-amz-version-id
R5ukT.iaoZml.ArducPgv5JfxzRqUMAS
via
1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P7
age
119848
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1001 si/36D18cae0e66-1693259387-4293398650 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
x-amz-meta-deploy
541952
content-length
9944
x-amz-meta-bundle
9686
x-yottaa-forcecache
true
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
36218cae0e3d/[582,579,-] 36D18cae0e66/[hit]
x-amz-cf-id
7oMPNe64M1zEL-Y9uMn-ZxWW-GmTJ_s7a20y831rUs5tSYWgDOhHQw==
main.js
static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/
272 KB
57 KB
Script
General
Full URL
https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.153.131 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-153-131.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8dea6b2240fed7b9dccb7a71b05a27a2b41908306b12c498c2c718856568a3cd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15768000
Content-Encoding
gzip
Date
Wed, 30 Aug 2023 08:07:29 GMT
Last-Modified
Mon, 22 May 2023 13:58:04 GMT
Server
Apache
ETag
"22004f-4412b-5fc48a8e49847"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57612
Expires
Wed, 30 Aug 2023 08:22:29 GMT
OtAutoBlock.js
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/
0
0
Script
General
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/OtAutoBlock.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 30 Aug 2023 08:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7EncTFplbWDUpOxlbB9/Qg==
age
46398
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6836
x-ms-lease-status
unlocked
last-modified
Mon, 28 Aug 2023 19:30:25 GMT
server
cloudflare
etag
0x8DBA7FD3A50FE01
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
29feed4b-201e-0007-53e8-d955e0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7feb8a585f1cd93b-HEL
gtm.js
www.googletagmanager.com/
405 KB
116 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: s2.socialannex.com
URL: https://s2.socialannex.com/v5/service/s2_reedem_reward.php?siteID=8989981&incentiveID=3291&userID=5733432&statID=50512285&serviceID=2&socialType=14&puID=14074175
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
47ab68f07ace08d9a98d9f2b29f16f6937798527cc3570e68ea89f7fe1225813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117845
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Aug 2023 08:07:29 GMT
api_dynamic.js
cdn.dynamicyield.com/api/8772046/
301 KB
33 KB
Script
General
Full URL
https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
20c737940f47a9ac58a71de37031670b56c08413070b2a57481c26e5783ae051

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:29 GMT
content-encoding
gzip
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 20:53:21 GMT
server
DYCDN
age
8
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
etag
W/"d3a2e89f189463160025a77b7a87d940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=30
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
B9eJ7rLlzX5R-zznMQ4MM9EAtu9B07U_qa9ipSBc1s33dGHgv-DNHQ==
api_static.js
cdn.dynamicyield.com/api/8772046/
385 KB
111 KB
Script
General
Full URL
https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
6681fd5a24d9b33773e77e7f88ccfc03814f3b6807b31d344e7b2ebb65fef29d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 20:53:29 GMT
content-encoding
gzip
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 20:53:21 GMT
server
DYCDN
age
40441
x-amz-cf-pop
FRA60-P3
etag
W/"9292b00af3db65f59349d565c9cc51f3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
UXyRdip_aud1qT4tHXLN6IRslVnMZ7u-0v_CbCXHCI2zQmiNKTNK8w==
110221.ct.js
tag.rmp.rakuten.com/
47 KB
15 KB
Script
General
Full URL
https://tag.rmp.rakuten.com/110221.ct.js
Requested by
Host: s2.socialannex.com
URL: https://s2.socialannex.com/v5/service/s2_reedem_reward.php?siteID=8989981&incentiveID=3291&userID=5733432&statID=50512285&serviceID=2&socialType=14&puID=14074175
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
365198500356db69bb799e6a10daf8fe1ba5de48233828ea52640251645d647f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:29 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 30 Aug 2023 08:07:29 GMT
x-cache
hit
x-samesite
secure
content-type
text/javascript
cache-control
max-age=86400
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
api.ipify.org/
24 B
224 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.231.16.76 , United States, ASN18450 (WEBNX, US),
Reverse DNS
173-231-16-76.static.webnx.com
Software
nginx/1.25.1 /
Resource Hash
16b3bc9a4dd707509fc30676fa5acb68812865a5388f973938ab744b6faae5a4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 30 Aug 2023 08:07:29 GMT
Server
nginx/1.25.1
Connection
keep-alive
Content-Length
24
Vary
Origin
Content-Type
application/json
/
api.ipify.org/
24 B
224 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.231.16.76 , United States, ASN18450 (WEBNX, US),
Reverse DNS
173-231-16-76.static.webnx.com
Software
nginx/1.25.1 /
Resource Hash
16b3bc9a4dd707509fc30676fa5acb68812865a5388f973938ab744b6faae5a4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 30 Aug 2023 08:07:29 GMT
Server
nginx/1.25.1
Connection
keep-alive
Content-Length
24
Vary
Origin
Content-Type
application/json
js
www.paypal.com/sdk/
385 KB
109 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a59bdcff4113cac6e36a9d4a538c2d69b69dd54ef617f96c4d512292168185f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-vfQVJuBqNlcNkESOO6K5dVudhJ8D0+na6K0OGXqth9rmZmoi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vfQVJuBqNlcNkESOO6K5dVudhJ8D0+na6K0OGXqth9rmZmoi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-vfQVJuBqNlcNkESOO6K5dVudhJ8D0+na6K0OGXqth9rmZmoi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vfQVJuBqNlcNkESOO6K5dVudhJ8D0+na6K0OGXqth9rmZmoi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Aug 2023 08:07:29 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
3488
x-cache
MISS, HIT
p3p
true
paypal-debug-id
f696959ebff9b
server-timing
"traceparent;desc="00-0000000000000000000f696959ebff9b-6d2398e61967db91-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
109708
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230089-FRA, cache-hel1410023-HEL
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f696959ebff9b-0cc07a96de79695c-01
x-timer
S1693382849.392585,VS0,VE3
etag
W/"1ac8c-GuZKzOwiiY9xvCcAX+lpQIERtok"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 1
/
websdk.appsflyer.com/
38 KB
12 KB
Script
General
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: s2.socialannex.com
URL: https://s2.socialannex.com/v5/service/s2_reedem_reward.php?siteID=8989981&incentiveID=3291&userID=5733432&statID=50512285&serviceID=2&socialType=14&puID=14074175
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a481 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 08:07:29 GMT
Content-Encoding
gzip
x-amz-request-id
YNGC7PCXVN28Z00Q
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
11792
x-amz-id-2
vrDln2XCGOFSFkLE6Ln17Y/P092c846kqJOj1nLZLa1T5AvAIx9Wt+4jaFyZJcu85WAzx+0b3iU=
Last-Modified
Wed, 14 Jun 2023 06:58:45 GMT
Server
AmazonS3
ETag
"5a676288bcea03bd05e483bc4ce066ae"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=478
Accept-Ranges
bytes
X-DataStream-Cache-Status
1
Expires
Wed, 30 Aug 2023 08:15:27 GMT
callback
www.elfcosmetics.com/
Redirect Chain
  • https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=...
  • https://www.elfcosmetics.com/callback?usid=32c0a82c-a132-4bab-99a5-de19885970e0&code=GzsuG3oA0glck9QnO1286nTwfWqHHtaBDp7BCtztLcA
0
0
Fetch
General
Full URL
https://www.elfcosmetics.com/callback?usid=32c0a82c-a132-4bab-99a5-de19885970e0&code=GzsuG3oA0glck9QnO1286nTwfWqHHtaBDp7BCtztLcA
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Server
140.174.14.102 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:31 GMT
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
0
x-amz-cf-pop
FRA56-P7
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
cc2fefcf-829c-4cb3-bfd6-e05ebb38bf19
x-yottaa-optimizations
ob/1000 si/36D18cae0e66-1693318191-9549393159 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
KdvOkHsBiYcFT_g=
content-length
0
x-yottaa-forcecache
true
x-amzn-trace-id
Root=1-64eef8c3-1151d637478fa6057f2ba100;Sampled=0;lineage=2b75b0e9:0
content-type
application/json
cache-control
public, max-age=604800
x-yottaa-os
200
x-yottaa-metrics
36218cae0e2b/[283,279,-] 36D18cae0e66/[-,283.767]
x-amzn-remapped-date
Wed, 30 Aug 2023 08:07:31 GMT
x-amz-cf-id
ugf4ZC2gfxKR3a9vckcJynQnY4ZnPv9SiN9qd43Os0awXMrMkaP6gw==

Redirect headers

date
Wed, 30 Aug 2023 08:07:30 GMT
x-correlation-id
7feb8a5e3d6c90ef
via
1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P7
age
0
x-yottaa-optimizations
ob/0 si/36D18cae0e66-1693318191-9549393154 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
content-length
0
pragma
no-cache
x-ratelimit-1m-remaining
23736, 835113
x-ratelimit-1m-reset
29652, 29651
x-ratelimit-1m-limit
24000, 850000
vary
Accept-Encoding
location
https://www.elfcosmetics.com/callback?usid=32c0a82c-a132-4bab-99a5-de19885970e0&code=GzsuG3oA0glck9QnO1286nTwfWqHHtaBDp7BCtztLcA
cache-control
no-store
x-yottaa-os
303
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=oTzgpBQJcCRa7Ruz7N8i1JYCmYIYXw4QOTloZbptpJY
x-yottaa-metrics
36218cae0e49/[194,193,-] 36D18cae0e66/[-,195.372]
cf-ray
7feb8a5e3d6c90ef-FRA
x-amz-cf-id
rXUR0LEUDldABhmb1bbBQ5d25QrQU0M4jSKfVqGUFbKbomE7uIgPkw==
/
sdk.iad-05.braze.com/api/v3/data/
323 B
454 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
feaed7d61395f2ed0c2a6e3db3747fa5c0a97143003efeb38032ac87440a71cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type
application/json
Referer
https://www.elfcosmetics.com/
X-Requested-With
XMLHttpRequest

Response headers

date
Wed, 30 Aug 2023 08:07:30 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
MISS
x-request-id
26d19602-5bca-495a-95cb-7074f880c2ec
x-served-by
cache-hel1410028-HEL
x-runtime
0.182877
etag
W/"feaed7d61395f2ed0c2a6e3db3747fa5"
access-control-max-age
7200
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
vary
Origin,Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
/
sdk.iad-05.braze.com/api/v3/data/ Frame
0
0
Preflight
General
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
content-encoding
gzip
date
Wed, 30 Aug 2023 08:07:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hel1410028-HEL
en-us.js
static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/vendors~offers/locale/
61 KB
7 KB
Script
General
Full URL
https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/vendors~offers/locale/en-us.js
Requested by
Host: static.ordergroove.com
URL: https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.153.131 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-153-131.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dfc983293c9baf693a719da3c69be679cbe8aea18c8f35a7abfef41f14800e9c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15768000
Content-Encoding
gzip
Date
Wed, 30 Aug 2023 08:07:30 GMT
Last-Modified
Mon, 22 May 2023 13:58:04 GMT
Server
Apache
ETag
"220100-f346-5fc48a8e4a017"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6295
Expires
Wed, 30 Aug 2023 08:22:30 GMT
6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/
5 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff6b9bcb74c91a5bc3e65d864afbb35e9dfbc5d73559a7e4570177055153a189
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 30 Aug 2023 08:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
48066
content-md5
1+wgFCvRTUxG+08PxGwSrw==
content-length
1717
x-ms-lease-status
unlocked
last-modified
Thu, 22 Jun 2023 20:41:20 GMT
server
cloudflare
etag
0x8DB7361092FA5A0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1f67bb28-701e-008c-33a4-ca518d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7feb8a5fbd49d947-HEL
expires
Thu, 31 Aug 2023 08:07:30 GMT
jsp
ut.rd.linksynergy.com/
148 B
400 B
Script
General
Full URL
https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid
Requested by
Host: tag.rmp.rakuten.com
URL: https://tag.rmp.rakuten.com/110221.ct.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
ae5d6c879dad852044f9b09b19ff5255dfdf6d00c03421a3192db405cf79549f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type
text/plain; charset=utf-8
date
Wed, 30 Aug 2023 08:07:30 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
x-samesite
secure
local
www.paypal.com/credit-presentment/experiments/ Frame 3ABD
5 KB
2 KB
Document
General
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=false&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.46.1&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c5c2508c58db09238de8dec40871ba8502b533d61b3497d80e2f6d7b0ab9f6ea
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-rv/dzGq+AtXohIRdYGvIMVViq5Tmm5n1EpTlPiFO05w=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
58825
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1523
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-rv/dzGq+AtXohIRdYGvIMVViq5Tmm5n1EpTlPiFO05w=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 08:07:31 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1481-22d7U60wnd3xzqoPzbI5O757IDg"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f333022885a84
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f333022885a84-9dd7b9b63cd0c654-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f333022885a84-9da030c54039ddaa-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
103, 10837
x-served-by
cache-fra-eddf8230105-FRA, cache-hel1410023-HEL
x-timer
S1693382851.159420,VS0,VE1
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/
13 KB
6 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmetics.com&t=xo&v=5.0.394&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cc93b6ea479232042c1f081fbfd4681eaa17820334da010312dbbe8ea28ec033
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-6yCuZPtgZ/5l5vM/p3ePUPOZo/JUpQViQUIulQJDvv8/l5So' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-6yCuZPtgZ/5l5vM/p3ePUPOZo/JUpQViQUIulQJDvv8/l5So' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Aug 2023 08:07:31 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
36660
x-cache
HIT, HIT
paypal-debug-id
f391670a7c281
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4786
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220025-FRA, cache-hel1410023-HEL
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f391670a7c281-2c932fe532c21588-01
x-timer
S1693382851.161476,VS0,VE3
etag
W/"359f-WcGsNq01/4ZPvN5sueO81rToUzw"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
322, 8
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
68 B
307 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ffe7c7eed20900652605eab522ac9cf7fbd5040686e2ed6f1bc6b22008f1b98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.elfcosmetics.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7feb8a64caa9d90e-HEL
access-control-allow-headers
Content-Type
st
st.dynamicyield.com/
114 KB
10 KB
Script
General
Full URL
https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=ppdbnu9fy2r5ldtj5lds1bccv6nwp8re&ref=https%3A%2F%2Fs2.socialannex.com%2F&scriptVersion=1.201.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22OTHER%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D
Requested by
Host: s2.socialannex.com
URL: https://s2.socialannex.com/v5/service/s2_reedem_reward.php?siteID=8989981&incentiveID=3291&userID=5733432&statID=50512285&serviceID=2&socialType=14&puID=14074175
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1800:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
deaf8031cae0816e146583dcde4398cb95625fb279ecd6a99cbf5bfb7f4338ac

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:31 GMT
content-encoding
gzip
via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control
no-cache
x-amz-cf-id
uiACHSzYaYQC4dayQKZkdRwGedy-GOU0I1QMX6Pmi_daqVuqszu8GA==
expires
Wed, 30 Aug 2023 08:07:30 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Aug 2023 07:44:23 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1388
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 30 Aug 2023 09:44:23 GMT
loader.js
cdn.usehero.com/
98 KB
28 KB
Script
General
Full URL
https://cdn.usehero.com/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:bc00:13:d6f4:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65b729622512d3c24c30cbd1a03cab9997e925a28eae9a1b8303401e5bd4fcc0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 07:24:21 GMT
content-encoding
gzip
via
1.1 7b80fdb7de25e1eb41eb907750147f34.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 08:29:36 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
2591
x-amz-server-side-encryption
AES256
etag
W/"e88d96f6c8cb9dad9681652a8853e551"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Wh83tyCoWpdKoKOUkNkbdwmU5L2FiM3y1J3egJqAu5fOrlvZ21tISQ==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10812184462/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10812184462/?random=1693382851495&cv=11&fst=1693382851495&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ref=https%3A%2F%2Fs2.socialannex.com%2F&hn=www.googleadservices.com&frm=0&tiba=Page%20Not%20Found&auid=1057677244.1693382851&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a28848c68b83ebf55199ff21873948f325b86f86df2431129a1991a09482dd12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1498
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/698270988/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/698270988/?random=1693382851500&cv=11&fst=1693382851500&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ref=https%3A%2F%2Fs2.socialannex.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=Page%20Not%20Found&value=0&bttype=purchase&auid=1057677244.1693382851&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
3a5bc5c9313cabc248ae9083a8943e9a1ecf4a15845c63ed9f214e2f8974e641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1815
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CKny5Nr2g4EDFThHHgIdMXACLA;src=9231397;type=retarget;cat=globa0;ord=5817176466142;auiddc=1057677244.1693382851;u6=%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfrien...
9231397.fls.doubleclick.net/ Frame F569
Redirect Chain
  • https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=5817176466142;auiddc=1057677244.1693382851;u6=%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfri...
  • https://9231397.fls.doubleclick.net/activityi;dc_pre=CKny5Nr2g4EDFThHHgIdMXACLA;src=9231397;type=retarget;cat=globa0;ord=5817176466142;auiddc=1057677244.1693382851;u6=%2Fon%2Fdemandware.store%2FSit...
970 B
850 B
Document
General
Full URL
https://9231397.fls.doubleclick.net/activityi;dc_pre=CKny5Nr2g4EDFThHHgIdMXACLA;src=9231397;type=retarget;cat=globa0;ord=5817176466142;auiddc=1057677244.1693382851;u6=%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock;u10=undefined;u12=undefined;u8=undefined;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
8188f66aa98862c6f92b2d5a83f74701ce9c8d275e5c5137ce2189d8435e12d5
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
512
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 08:07:31 GMT
expires
Wed, 30 Aug 2023 08:07:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 08:07:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9231397.fls.doubleclick.net/activityi;dc_pre=CKny5Nr2g4EDFThHHgIdMXACLA;src=9231397;type=retarget;cat=globa0;ord=5817176466142;auiddc=1057677244.1693382851;u6=%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock;u10=undefined;u12=undefined;u8=undefined;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CNik6tr2g4EDFaRIHgIdlEwG9g;src=10742279;type=elf8j0;cat=glo_flap;ord=8677104753405;auiddc=1057677244.1693382851;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSite...
10742279.fls.doubleclick.net/ Frame A84D
Redirect Chain
  • https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=8677104753405;auiddc=1057677244.1693382851;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FS...
  • https://10742279.fls.doubleclick.net/activityi;dc_pre=CNik6tr2g4EDFaRIHgIdlEwG9g;src=10742279;type=elf8j0;cat=glo_flap;ord=8677104753405;auiddc=1057677244.1693382851;u1=https%3A%2F%2Fwww.elfcosmeti...
1 KB
783 B
Document
General
Full URL
https://10742279.fls.doubleclick.net/activityi;dc_pre=CNik6tr2g4EDFaRIHgIdlEwG9g;src=10742279;type=elf8j0;cat=glo_flap;ord=8677104753405;auiddc=1057677244.1693382851;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
a21f953d768553d47f4a23aa6608f6e0bc7a6aa88619eb2ad01c9587e058dfbf
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
443
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 08:07:31 GMT
expires
Wed, 30 Aug 2023 08:07:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 08:07:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10742279.fls.doubleclick.net/activityi;dc_pre=CNik6tr2g4EDFaRIHgIdlEwG9g;src=10742279;type=elf8j0;cat=glo_flap;ord=8677104753405;auiddc=1057677244.1693382851;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/865242110/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/865242110/?random=1693382851551&cv=11&fst=1693382851551&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ref=https%3A%2F%2Fs2.socialannex.com%2F&hn=www.googleadservices.com&frm=0&tiba=Page%20Not%20Found&auid=1057677244.1693382851&uamb=0&uaw=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
650421fa3310d691c3511c9d52a61d7711b5d433d221fde1a129312287dc6343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1523
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=1693382851552&cv=11&fst=1693382851552&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ref=https%3A%2F%2Fs2.socialannex.com%2F&hn=www.googleadservices.com&frm=0&tiba=Page%20Not%20Found&auid=1057677244.1693382851&uamb=0&uaw=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff869c847a28fa62d99e79d3d6cc86a623ae92c632ddb212f06c4010fbdfafbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1525
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
scevent.min.js
sc-static.net/
37 KB
16 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.87.248 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-87-248.ams50.r.cloudfront.net
Software
CloudFront /
Resource Hash
c11dedd92331fe09d846fb3d73e6746709438f2c697ed1ae520103fe171515cf

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:31 GMT
content-encoding
gzip
via
1.1 52102486f97ad6ff39f81538f01349aa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS50-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
16388
x-amz-cf-id
JW4ruCxU6adlV-MpVRQZE_d6kgDskfxVK87u9D-Kn4eIeRZuEfRL4A==
core.js
s.pinimg.com/ct/
3 KB
2 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88b::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8b998ceafb18daf4b9c2e9e31e014ec2e1ea49b716a1cf389b98e7d826b6b3fb

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

akamai-x-true-ttl
7200
content-encoding
br
x-cdn
akamai
etag
"441fc4ff1b1b99cbd1fc8db8b5bfe454"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1470
fbevents.js
connect.facebook.net/en_US/
193 KB
52 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 30 Aug 2023 08:07:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
vWqHsDWAOIV3GUz+mMLwG+aYLHs/adcCDVB1O5zBkcxjfWaCeT7ce7AsWGW7/p8vFAiA+ZXXybAG9iPlBRoXqw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel.js
www.redditstatic.com/ads/
23 KB
8 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Jun 2023 20:49:59 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7409
events.js
analytics.tiktok.com/i18n/pixel/
4 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq
Requested by
Host: s2.socialannex.com
URL: https://s2.socialannex.com/v5/service/s2_reedem_reward.php?siteID=8989981&incentiveID=3291&userID=5733432&statID=50512285&serviceID=2&socialType=14&puID=14074175
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.135.235 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-135-235.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2283cf9e8800418e59682f1cfcf8113f389e96378855b44bed1c60e670e1114

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-akamai-request-id
309d9f20.3995ab7
date
Wed, 30 Aug 2023 08:07:32 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a95-100-135-231.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
x-parent-response-time
92,95.100.135.231
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=6, inner; dur=3
content-length
1635
pragma
no-cache
server
nginx
x-tt-logid
2023083008073264724CDBBADAF2E44052
x-cache-remote
TCP_MISS from a23-220-105-133.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
6,23.220.105.133
x-tt-trace-host
0113d5755b2469e7ac79ab19311967c582591e3af1787ef6fead516634cf2209e0ea6043799204388bed6d71b27abd289988061df2963a538bda3f04f9c3366d49d89d4227addcc5d38cd1aab31d64086d7920b8493779b084501f07c6d8da77613d0ccd029006b204507fc6ee7a22b510
expires
Wed, 30 Aug 2023 08:07:32 GMT
widget.js
js.jebbit.com/companion/v1/
95 KB
96 KB
Script
General
Full URL
https://js.jebbit.com/companion/v1/widget.js
Requested by
Host: s2.socialannex.com
URL: https://s2.socialannex.com/v5/service/s2_reedem_reward.php?siteID=8989981&incentiveID=3291&userID=5733432&statID=50512285&serviceID=2&socialType=14&puID=14074175
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a600:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dfe3336c47d7719ee457546aafc04eb7650b20339b80df5d45828707c4e03da2

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 19:42:02 GMT
x-amz-version-id
J2wzRvCGTqFD_0yijOeEXxmM6TccdwDt
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jul 2023 16:37:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
44731
etag
"b834f59b90c341a5fcabe34f783c85c0"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
97712
x-amz-cf-id
71VbkQXuCMxCqL8XHF-zMJHQtmCxNoSG-FGuWbtuF1Ltqbum413QdQ==
cnxtag-min.js
js.cnnx.link/roi/
2 KB
1 KB
Script
General
Full URL
https://js.cnnx.link/roi/cnxtag-min.js?id=316282
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:3600:11:85b0:d600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ff2fe181c12146189657e92f9ce0489f7f3b51345796f5a5ec9b089f9fb47616

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 07:58:03 GMT
via
1.1 google, 1.1 acee7e60faaea7b7699fe033930a0164.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
AMS1-P1
age
569
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
max-age=600
x-amz-cf-id
aS3GEgq7sYex1VeIGKye7sqYl9a1xg-A43gZEuNxDs34u0D5TIVrcw==
js
www.googletagmanager.com/gtag/
265 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
358e89cc24998de189516aa6b29ed7cf75f32603798d1b3984a57ac474a9b4dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89578
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 30 Aug 2023 08:07:31 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2
43 B
844 B
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
an-x-request-uuid
05b210c4-ca42-4602-9ab6-3780cb141dd2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.212.149.206; 185.212.149.206; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:31 GMT
an-x-request-uuid
326717e9-f66c-478b-9213-9e48e5cd9cc8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
185.212.149.206; 185.212.149.206; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
insight.adsrvr.org/track/pxl/
70 B
261 B
Image
General
Full URL
https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
js
www.paypal.com/sdk/ Frame 3ABD
385 KB
108 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=false&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.46.1&integrationType=SDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a59bdcff4113cac6e36a9d4a538c2d69b69dd54ef617f96c4d512292168185f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-vfQVJuBqNlcNkESOO6K5dVudhJ8D0+na6K0OGXqth9rmZmoi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vfQVJuBqNlcNkESOO6K5dVudhJ8D0+na6K0OGXqth9rmZmoi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=false&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.46.1&integrationType=SDK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-vfQVJuBqNlcNkESOO6K5dVudhJ8D0+na6K0OGXqth9rmZmoi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vfQVJuBqNlcNkESOO6K5dVudhJ8D0+na6K0OGXqth9rmZmoi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Aug 2023 08:07:31 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
3490
x-cache
MISS, HIT
p3p
true
paypal-debug-id
f696959ebff9b
server-timing
"traceparent;desc="00-0000000000000000000f696959ebff9b-6d2398e61967db91-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
109708
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230089-FRA, cache-hel1410023-HEL
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f696959ebff9b-0cc07a96de79695c-01
x-timer
S1693382852.631410,VS0,VE1
etag
W/"1ac8c-GuZKzOwiiY9xvCcAX+lpQIERtok"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 2
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202306.1.0/
404 KB
98 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 30 Aug 2023 08:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XJk1ZZTljtwHFT3qcIJg+w==
age
55813
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
99599
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:36 GMT
server
cloudflare
etag
0x8DB82A15D413626
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7a75efb1-601e-0081-6c94-b47ab1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7feb8a66c9a0d93b-HEL
muse.js
www.paypalobjects.com/muse/
55 KB
17 KB
Script
General
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmetics.com&t=xo&v=5.0.394&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&vault=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F6AB) /
Resource Hash
a809a1bbc7930fd08bb2bec3444442b2b2b90b2e9667626258c94ae674d1e362
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
8f2e7fa11dc39
dc
ccg11-origin-www-1.paypal.com
content-length
16532
last-modified
Thu, 17 Aug 2023 18:18:25 GMT
server
ECAcc (ska/F6AB)
traceparent
00-00000000000000000008f2e7fa11dc39-0e92e47921548e43-01
etag
"64de6471-dad6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Wed, 30 Aug 2023 09:07:32 GMT
ts
t.paypal.com/
42 B
845 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&fltp=analytics&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Page%20Not%20Found&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1693382851639&g=-180&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ru=https%3A%2F%2Fs2.socialannex.com%2F
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Wed, 30 Aug 2023 08:07:32 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
c11fa73771fd0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230059-FRA, cache-hel1410022-HEL
pragma
no-cache
correlation-id
c11fa73771fd0
traceparent
00-0000000000000000000c11fa73771fd0-ca55ae5dd166f218-01
x-timer
S1693382852.987778,VS0,VE176
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 08:07:32 GMT
token
www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/
2 KB
2 KB
Fetch
General
Full URL
https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.102 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
3307b5d4260d36fc13f1f0610cdd2be5ad8bd44dcd3c48fcfddba0830277fa21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
accept-language
fi-FI,fi;q=0.9
x-pwa-request
true
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 30 Aug 2023 08:07:32 GMT
content-encoding
gzip
x-correlation-id
7feb8a677e039954
cf-cache-status
DYNAMIC
via
1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P7
age
0
x-yottaa-optimizations
ob/1000 si/36D18cae0e66-1693318191-9549393164 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
pragma
no-cache
x-ratelimit-1m-remaining
23719, 834348
x-ratelimit-1m-reset
27992, 27992
vary
Accept-Encoding, User-Agent
x-ratelimit-1m-limit
24000, 850000
content-type
application/json
cache-control
no-store
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
x-yottaa-metrics
36218cae0e2e/[371,370,-] 36D18cae0e66/[-,372.609]
cf-ray
7feb8a677e039954-FRA
x-amz-cf-id
IJzvJdNAUMSpVxGsY_RSXZMpM7PJYgjhJoH4B-bN00uec1n9BBoyhQ==
hash
www.paypal.com/credit-presentment/experiments/ Frame 3ABD
40 B
2 KB
Fetch
General
Full URL
https://www.paypal.com/credit-presentment/experiments/hash?device_id=uid_dd2c2d0c9d_mdg6mdc6mze
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=false&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.46.1&integrationType=SDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa2f78b0791f4ce292aa0ee0e8bddb6c6d33b2aab2b025cf950b3180ecacbfd0
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=false&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.46.1&integrationType=SDK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 08:07:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
edge-cache-tag
up-treatments-hash
x-cache
MISS, MISS
paypal-debug-id
f334015ceb4aa
server-timing
"traceparent;desc="00-0000000000000000000f334015ceb4aa-c8629f2fa5f50046-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
58
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230055-FRA, cache-hel1410023-HEL
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f334015ceb4aa-e49c08f02e464d94-01
x-timer
S1693382852.823515,VS0,VE221
etag
W/"28-yMFojxi3MjQc0bTTU4Sm1TCfOq0"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
s-maxage=86400, max-age=0
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
collect
region1.analytics.google.com/g/
0
248 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je38s0&_p=1290356702&_gaz=1&cid=554918221.1693382852&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693382851&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&dr=https%3A%2F%2Fs2.socialannex.com%2F&dt=Page%20Not%20Found&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZLYXLXNDL8&cid=554918221.1693382852&gtm=45je38s0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fi/ads/
42 B
408 B
Image
General
Full URL
https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZLYXLXNDL8&cid=554918221.1693382852&gtm=45je38s0&aip=1&z=511566055
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/b2d27d23-fa7f-4410-9fdc-6365e7c0c74f/
183 KB
31 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/b2d27d23-fa7f-4410-9fdc-6365e7c0c74f/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd48a88ce5fbe99c8bfd145666d73c97bccb433812d328232a99ec867e33012d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 30 Aug 2023 08:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
48067
content-md5
8biA3+fGcq863HYjw1RKrg==
content-length
31934
x-ms-lease-status
unlocked
last-modified
Thu, 22 Jun 2023 20:41:20 GMT
server
cloudflare
etag
0x8DB73610964DE9B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
19bd2d4f-801e-0021-1ca4-ca1df8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7feb8a68bf34d947-HEL
expires
Thu, 31 Aug 2023 08:07:31 GMT
logger
www.paypal.com/xoplatform/logger/api/ Frame 3ABD
0
0

/
www.google.com/pagead/1p-user-list/10812184462/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10812184462/?random=1693382851495&cv=11&fst=1693382400000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ref=https%3A%2F%2Fs2.socialannex.com%2F&frm=0&tiba=Page%20Not%20Found&fmt=3&is_vtc=1&random=2186957078&rmt_tld=0&ipr=y
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.rs/pagead/1p-user-list/10812184462/
42 B
108 B
Image
General
Full URL
https://www.google.rs/pagead/1p-user-list/10812184462/?random=1693382851495&cv=11&fst=1693382400000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ref=https%3A%2F%2Fs2.socialannex.com%2F&frm=0&tiba=Page%20Not%20Found&fmt=3&is_vtc=1&random=2186957078&rmt_tld=1&ipr=y
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1290356702&t=pageview&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&dr=https%3A%2F%2Fs2.socialannex.com%2F&dp=%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ul=en-us&de=UTF-8&dt=Page%20Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACgAI~&jid=732431671&gjid=698741081&cid=554918221.1693382852&tid=UA-432816-1&_gid=716126161.1693382852&_r=1&_slc=1&gtm=45He38s0n81WL3STMX&z=2144562816
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/698270988/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/698270988/?random=1693382851552&cv=11&fst=1693382400000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ref=https%3A%2F%2Fs2.socialannex.com%2F&frm=0&tiba=Page%20Not%20Found&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&fmt=3&is_vtc=1&random=4011856654&rmt_tld=0&ipr=y
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.rs/pagead/1p-user-list/698270988/
42 B
455 B
Image
General
Full URL
https://www.google.rs/pagead/1p-user-list/698270988/?random=1693382851552&cv=11&fst=1693382400000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ref=https%3A%2F%2Fs2.socialannex.com%2F&frm=0&tiba=Page%20Not%20Found&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&fmt=3&is_vtc=1&random=4011856654&rmt_tld=1&ipr=y
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/865242110/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/865242110/?random=1693382851551&cv=11&fst=1693382400000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ref=https%3A%2F%2Fs2.socialannex.com%2F&frm=0&tiba=Page%20Not%20Found&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&fmt=3&is_vtc=1&random=3048875138&rmt_tld=0&ipr=y
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.rs/pagead/1p-user-list/865242110/
42 B
108 B
Image
General
Full URL
https://www.google.rs/pagead/1p-user-list/865242110/?random=1693382851551&cv=11&fst=1693382400000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ref=https%3A%2F%2Fs2.socialannex.com%2F&frm=0&tiba=Page%20Not%20Found&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&fmt=3&is_vtc=1&random=3048875138&rmt_tld=1&ipr=y
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fi/pagead/1p-conversion/698270988/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=1497058584&cv=11&fst=1693382851500&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
  • https://www.google.com/pagead/1p-conversion/698270988/?random=1497058584&cv=11&fst=1693382851500&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fon...
  • https://www.google.fi/pagead/1p-conversion/698270988/?random=1497058584&cv=11&fst=1693382851500&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%...
42 B
154 B
Image
General
Full URL
https://www.google.fi/pagead/1p-conversion/698270988/?random=1497058584&cv=11&fst=1693382851500&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ref=https%3A%2F%2Fs2.socialannex.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=Page%20Not%20Found&value=0&auid=1057677244.1693382851&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhQVFB2U1NxRHJqeUE1OF9ZNURXbi1lOWVFYmlBUWZpcmRDazhSX2pycE5wOVEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOEtVdGk1QUpFUWIwVXVlc3VnejFZMHFTUnh2RDNGdjYzQWMzR2MzTl9ZWDRhbklfa1B6eWdaY1YiEwiii-Pa9oOBAxXEwLsIHZn3D_8&is_vtc=1&ocp_id=w_juZOKdLcSB7_UPme-_-A8&cid=CAQSKQBpAlJW8Oxy4Lcu2gbu8Z1uVUxGr1KbC8UsUmB9DohC6b0tthgYPIrr&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW-fKd_J0RLjgWXowqlMqqTcjup_cJtTNeg&random=3010884481&ipr=y
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.fi/pagead/1p-conversion/698270988/?random=1497058584&cv=11&fst=1693382851500&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ref=https%3A%2F%2Fs2.socialannex.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=Page%20Not%20Found&value=0&auid=1057677244.1693382851&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhQVFB2U1NxRHJqeUE1OF9ZNURXbi1lOWVFYmlBUWZpcmRDazhSX2pycE5wOVEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOEtVdGk1QUpFUWIwVXVlc3VnejFZMHFTUnh2RDNGdjYzQWMzR2MzTl9ZWDRhbklfa1B6eWdaY1YiEwiii-Pa9oOBAxXEwLsIHZn3D_8&is_vtc=1&ocp_id=w_juZOKdLcSB7_UPme-_-A8&cid=CAQSKQBpAlJW8Oxy4Lcu2gbu8Z1uVUxGr1KbC8UsUmB9DohC6b0tthgYPIrr&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW-fKd_J0RLjgWXowqlMqqTcjup_cJtTNeg&random=3010884481&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
evt.undertone.com/ Frame F569
Redirect Chain
  • https://ads.undertone.com/t?trackerid=7729&cb=210376229
  • https://evt.undertone.com/t?trackerid=7729&cb=210376229
0
698 B
Image
General
Full URL
https://evt.undertone.com/t?trackerid=7729&cb=210376229
Requested by
Host: 9231397.fls.doubleclick.net
URL: https://9231397.fls.doubleclick.net/activityi;dc_pre=CKny5Nr2g4EDFThHHgIdMXACLA;src=9231397;type=retarget;cat=globa0;ord=5817176466142;auiddc=1057677244.1693382851;u6=%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock;u10=undefined;u12=undefined;u8=undefined;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV?
Protocol
H2
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9231397.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:33 GMT
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://9231397.fls.doubleclick.net/
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
x-amz-cf-id
zYvpSubVF5P6SXtCY3UwOmChwd99BvoFedvd0MQzg6NHXiUmddKMEA==
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 30 Aug 2023 08:07:31 GMT
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
location
https://evt.undertone.com/t?trackerid=7729&cb=210376229
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
enhbbe4pSvC7S8zx8gwfpAsK9FkgCkSeLVLLQvyzrv6lOyZBV-T1KA==
dc_pre=CKny5Nr2g4EDFThHHgIdMXACLA;src=9231397;type=retarget;cat=globa0;ord=5817176466142;auiddc=*;u6=%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock;u10=undefined;...
adservice.google.com/ddm/fls/z/ Frame F569
42 B
401 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKny5Nr2g4EDFThHHgIdMXACLA;src=9231397;type=retarget;cat=globa0;ord=5817176466142;auiddc=*;u6=%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock;u10=undefined;u12=undefined;u8=undefined;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV
Requested by
Host: 9231397.fls.doubleclick.net
URL: https://9231397.fls.doubleclick.net/activityi;dc_pre=CKny5Nr2g4EDFThHHgIdMXACLA;src=9231397;type=retarget;cat=globa0;ord=5817176466142;auiddc=1057677244.1693382851;u6=%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock;u10=undefined;u12=undefined;u8=undefined;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9231397.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.916e7af4.js
s.pinimg.com/ct/lib/
63 KB
18 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.916e7af4.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88b::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f09d5b3a086fb5870fae1bdcbba5f967c882a91d3181131e85f5dcfa5cf462ce

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
br
x-cdn
akamai
etag
"a9e98da758811a7fd437314975ab9534"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18185
c69c204f-fba0-4685-aea8-ad32f799fa5d.js
tr.snapchat.com/config/com/
173 B
453 B
Script
General
Full URL
https://tr.snapchat.com/config/com/c69c204f-fba0-4685-aea8-ad32f799fa5d.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
a60abbed8fd8f8ee509654796918b2200e134397c46f3a7ea4854c443d997bf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.com/
Origin
https://www.elfcosmetics.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://www.elfcosmetics.com
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
173
i
tr.snapchat.com/cm/ Frame EA5B
0
201 B
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&u_scsid=6bb891a8-2d89-481c-ac71-262e36fb04f8&u_sclid=1fd522bd-2e92-42bf-8f55-6b6ce326325b
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 30 Aug 2023 08:07:32 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
1638306756445368
connect.facebook.net/signals/config/
148 KB
38 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1638306756445368?v=2.9.125&r=stable&domain=www.elfcosmetics.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5fb91b1c7d8892b0f3d8b699885ca8201e08761edd3b16b0f1ea11891477eaf7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 30 Aug 2023 08:07:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
Xq8IQ3wE40386d5PvKHZniGnp5IfcXoYE5GjbkROpqV9X6dnQYalUW30DAl6wv8OgSGQ5JQ/FDME1/K28pkhWA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
dy-coll-min.js
cdn.dynamicyield.com/scripts/1.201.0/
199 KB
62 KB
Script
General
Full URL
https://cdn.dynamicyield.com/scripts/1.201.0/dy-coll-min.js
Requested by
Host: st.dynamicyield.com
URL: https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=ppdbnu9fy2r5ldtj5lds1bccv6nwp8re&ref=https%3A%2F%2Fs2.socialannex.com%2F&scriptVersion=1.201.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22OTHER%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
9ae88938b6da3a03908b7def279f7245fb73a060224661f35014e19913b30c14

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 06:59:44 GMT
content-encoding
gzip
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
last-modified
Tue, 22 Aug 2023 16:37:56 GMT
server
DYCDN
age
263269
x-amz-cf-pop
FRA60-P3
etag
W/"51120bfcadca0ca69ceb7b448176bbd5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
hXyjmLuhbDdX-aaWpJ-O7uK2I7D8B_embdOVFBbub0Up0ppHiRYPMA==
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1693382852039&id=t2_16331p&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=f8a66269-4566-45db-98e7-5aace82f29f0&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:32 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
otFlat.json
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 30 Aug 2023 08:07:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
5mNZducabMgxSDzBo+ZI8w==
age
48068
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:30 GMT
server
cloudflare
etag
0x8DB82A159AF8EA6
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
4e0f40c1-301e-0056-1146-cac86c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7feb8a6988d8d947-HEL
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/
61 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 30 Aug 2023 08:07:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
sXFDxCJwbPEMIT/8f5Prwg==
age
48068
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12544
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:33 GMT
server
cloudflare
etag
0x8DB82A15AFF8646
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
4692622c-401e-0097-60d5-ca6f8e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7feb8a6988dad947-HEL
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 30 Aug 2023 08:07:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
v0pzgeeelPwcAOki15i3HA==
age
48068
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1766
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:32 GMT
server
cloudflare
etag
0x8DB82A15AB9FB83
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
59e19058-701e-0078-25a4-ca9a7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7feb8a6988dbd947-HEL
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 30 Aug 2023 08:07:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
oWkBTLgDDXvrUsd93y/Zxg==
age
48068
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:41 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
19fde72f-101e-009a-0146-caa75a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7feb8a6988dcd947-HEL
dc_pre=CNik6tr2g4EDFaRIHgIdlEwG9g;src=10742279;type=elf8j0;cat=glo_flap;ord=8677104753405;auiddc=*;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferA...
adservice.google.com/ddm/fls/z/ Frame A84D
42 B
107 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNik6tr2g4EDFaRIHgIdlEwG9g;src=10742279;type=elf8j0;cat=glo_flap;ord=8677104753405;auiddc=*;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV
Requested by
Host: 10742279.fls.doubleclick.net
URL: https://10742279.fls.doubleclick.net/activityi;dc_pre=CNik6tr2g4EDFaRIHgIdlEwG9g;src=10742279;type=elf8j0;cat=glo_flap;ord=8677104753405;auiddc=1057677244.1693382851;u1=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://10742279.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
352 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-432816-1&cid=554918221.1693382852&jid=732431671&gjid=698741081&_gid=716126161.1693382852&_u=YADAAEAAAAAAACgAI~&z=1749366996
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 30 Aug 2023 08:07:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame 3DAF
55 KB
16 KB
Document
General
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F764) /
Resource Hash
6f0c358d27c999e8e496a45ddb195f408565fc8fda4b5810ead872b80abdc76e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16723
content-type
text/html
date
Wed, 30 Aug 2023 08:07:32 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64de6471-da89+gzip"
expires
Wed, 30 Aug 2023 09:07:32 GMT
last-modified
Thu, 17 Aug 2023 18:18:25 GMT
paypal-debug-id
553da9312845c
server
ECAcc (ska/F764)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-0000000000000000000553da9312845c-f869846674c1936a-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
/
ct.pinterest.com/user/
562 B
813 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1693382852322&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.916e7af4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:32 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
1
x-pinterest-rid
1194125037148054
content-length
385
pin-unauth
dWlkPU56ZGtaRFF5WVRZdFpXTmpZaTAwWTJWaExXRTFNekV0TWpWaVkySTFZalJqWkRrdw
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
796d488617a6325824b76ecd1b4e021dc0b90ee8
expires
Sat, 01 Jan 2000 00:00:00 GMT
87d7470d-5eca-40fd-b20b-81f428f76d64
https://www.elfcosmetics.com/
57 KB
0
Stylesheet
General
Full URL
blob:https://www.elfcosmetics.com/87d7470d-5eca-40fd-b20b-81f428f76d64
Requested by
Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b55f781a91080be3aedaf883d0fa79ea703f14c5e1188bddccbb7902ae2d6793

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length
58235
Content-Type
text/css
launcher_configs
external-api.jebbit.com/moments/v2/
2 B
448 B
XHR
General
Full URL
https://external-api.jebbit.com/moments/v2/launcher_configs?key=542695a9-9318-492b-9638-2018989f6dc4&url=aHR0cHMlM0ElMkYlMkZ3d3cuZWxmY29zbWV0aWNzLmNvbSUyRm9uJTJGZGVtYW5kd2FyZS5zdG9yZSUyRlNpdGVzLWVsZi11cy1TaXRlJTJGZW5fVVMlMkZSZWZlckFmcmllbmQtU2hvd1JhZnVubG9jayUzRnMyX3Jld2FyZF9jb2RlJTNEcmVmZXJyYWxfc3RhdHVzZXMlMjZzdGF0SUQlM0Q1MDUxMjI4NSUyNnNpdGVJRCUzRDg5ODk5ODElMjZpbmNlbnRpdmVJRCUzRDMyOTElMjZzb2NpYWxUeXBlJTNEMTQlMjZjb3Vwb25Db2RlSW5EaXYlM0QwJTI2bGFuZGluZ3BhZ2UlM0QlMjUyMCUyNmlwbSUzRDAlMjZpbnZpdGVDb2RlJTNEMlRjb2NTVg==&completedLightboxCampaigns=W10=&jebbitCookies=
Requested by
Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.128.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-128-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
content-length
2
x-xss-protection
1; mode=block
pragma
no-cache
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-download-options
noopen
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
expires
0
noop.js
www.paypalobjects.com/muse/ Frame 3DAF
18 B
209 B
Fetch
General
Full URL
https://www.paypalobjects.com/muse/noop.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (laa/7B2F) /
Resource Hash
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypalobjects.com/muse/analytics/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
paypal-debug-id
ad506e39ee41a
dc
ccg11-origin-www-1.paypal.com
content-length
18
last-modified
Sat, 13 Feb 2021 00:26:56 GMT
server
ECAcc (laa/7B2F)
traceparent
00-0000000000000000000ad506e39ee41a-61c598fe497c6937-01
etag
"60271cd0-12"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Wed, 30 Aug 2023 08:07:31 GMT
ot_close.svg
cdn.cookielaw.org/logos/static/
651 B
624 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 30 Aug 2023 08:07:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
55823
x-ms-lease-status
unlocked
last-modified
Tue, 29 Aug 2023 02:06:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
bef6c8ca-701e-0035-6646-da5597000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7feb8a6b8999d93b-HEL
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
515 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 30 Aug 2023 08:07:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
57120
x-ms-lease-status
unlocked
last-modified
Tue, 29 Aug 2023 02:06:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
212582ad-801e-0043-4257-dadfdf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7feb8a6bbd11d947-HEL
ot_company_logo.png
cdn.cookielaw.org/logos/static/
4 KB
4 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 30 Aug 2023 08:07:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
66604
content-length
4036
x-ms-lease-status
unlocked
last-modified
Tue, 29 Aug 2023 02:06:08 GMT
server
cloudflare
etag
0x8DBA834827B55C0
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
be66712d-301e-000b-481e-dac2e8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7feb8a6c2a6dd93b-HEL
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 30 Aug 2023 08:07:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
38792
x-ms-lease-status
unlocked
last-modified
Tue, 29 Aug 2023 02:06:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
537eabf3-c01e-0020-19a3-da4224000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7feb8a6c2a6fd93b-HEL
main.MTE4Nzk5OTU3MQ.js
analytics.tiktok.com/i18n/pixel/static/
381 KB
100 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.135.235 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-135-235.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
83905d8eee9b97d22596d076c779d85f741275f64542f9def2c9d86027cada5e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-akamai-request-id
3995c07
date
Wed, 30 Aug 2023 08:07:32 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202308241301450B5CD7CB1735B6297AA3
vary
Accept-Encoding
x-cache
TCP_HIT from a95-100-135-231.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01d22ff31b552dc1a0048b741361282635bbcada0e24e96cb504144b443d38ef7023a28e0546c78943f4b296c4944c94f777a3e06e2586d1aa028aa01768a551e4a9760f81ce72d09aea06a853f3e3a715e530719559bf3a319dfa7d2f580b593d
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length
101573
sessions
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/
0
1 KB
XHR
General
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/sessions
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.102 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
accept-language
fi-FI,fi;q=0.9
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmY2YxOTBjOC1kODA1LTQ4MTAtYTcwNS03NWY5ZTRiOWE1ZWIiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjMyYzBhODJjLWExMzItNGJhYi05OWE1LWRlMTk4ODU5NzBlMCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTY5MzM4MjgyMiwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrWGhIa2VjMmtLa1J3cmNYa0dZWXdLZEc6OmNoaWQ6ICIsImV4cCI6MTY5MzM4NDY1MiwiaWF0IjoxNjkzMzgyODUyLCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTc0NjgxMTYzNTY4NTI3In0.TcLENxtkmPKYjVimJRIQAGl_N0WHCd7BSRrnXbZjma7R1dvQjnKuNrTZ5Gb1FA_XCXgIsWO7g13wryNoofA4_A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:32 GMT
via
1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
FRA56-P7
age
0
x-yottaa-optimizations
ob/0 si/36D18cae0e66-1693318191-9549393172 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status
deprecated
x-cache
Miss from cloudfront
pragma
no-cache
allow
OPTIONS,POST
access-control-allow-origin
https://www.elfcosmetics.com
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics
36218cae0e33/[170,170,-] 36D18cae0e66/[-,171.509]
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/sessions
accept-ranges
bytes
cf-ray
7feb8a6cca163615-FRA
x-dw-request-base-id
6-37OMX47mQBAAB_
x-amz-cf-id
Ln5SQ2F3J2bKykpG49U_3zaEcq4Z5AkVNB1-WW8WTA_cx7NtLZJAwQ==
x-yottaa-os
204
expires
Thu, 01 Dec 1994 16:00:00 GMT
shoppercontext
www.elfcosmetics.com/api/v1/
100 B
996 B
XHR
General
Full URL
https://www.elfcosmetics.com/api/v1/shoppercontext?siteId=elf-us
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.102 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
eab7c33a15831e1749a466cb95660f0b34a75cbc1cee5f8678f067d5743df582

Request headers

Referer
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
accept-language
fi-FI,fi;q=0.9
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmY2YxOTBjOC1kODA1LTQ4MTAtYTcwNS03NWY5ZTRiOWE1ZWIiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjMyYzBhODJjLWExMzItNGJhYi05OWE1LWRlMTk4ODU5NzBlMCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTY5MzM4MjgyMiwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrWGhIa2VjMmtLa1J3cmNYa0dZWXdLZEc6OmNoaWQ6ICIsImV4cCI6MTY5MzM4NDY1MiwiaWF0IjoxNjkzMzgyODUyLCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTc0NjgxMTYzNTY4NTI3In0.TcLENxtkmPKYjVimJRIQAGl_N0WHCd7BSRrnXbZjma7R1dvQjnKuNrTZ5Gb1FA_XCXgIsWO7g13wryNoofA4_A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
application/json

Response headers

date
Wed, 30 Aug 2023 08:07:33 GMT
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
content-encoding
gzip
x-amzn-remapped-content-length
100
x-amz-cf-pop
FRA56-P7
age
0
x-amzn-remapped-connection
close
x-yottaa-optimizations
ob/1000 si/36D18cae0e66-1693318191-9549393173 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid
c9f765e2-1667-4f38-afce-190da76b232f
x-cache
Miss from cloudfront
x-amz-apigw-id
KdvOzFwpCYcF_Qg=
content-length
104
etag
W/"64-6UjGOIbpLdrZGhopICyZAgvinc0"
x-amzn-trace-id
Root=1-64eef8c4-159b87a05962f862014c93e9;Sampled=0;lineage=2b75b0e9:0
content-type
application/json; charset=utf-8
x-yottaa-os
200
x-yottaa-metrics
36218cae0e34/[768,766,-] 36D18cae0e66/[-,768.942]
x-amzn-remapped-date
Wed, 30 Aug 2023 08:07:33 GMT
x-amz-cf-id
bmEbbw1be1FDztd8h9vhFHrGZqgVZzbwsUbGfx5yYY1GeNcnnFeGTg==
geo-ip
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/
193 B
1 KB
XHR
General
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=185.212.149.206
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.102 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e99702694d172e907e2d62c8b695d3dd9890d174a618910cbe093c0f020ebfa8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
accept-language
fi-FI,fi;q=0.9
x-pwa-request
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
application/json

Response headers

date
Wed, 30 Aug 2023 08:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
0
x-yottaa-optimizations
ob/1000 si/36D18cae0e66-1693318191-9549393179 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status
deprecated
x-cache
Miss from cloudfront
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=185.212.149.206
x-yottaa-metrics
36218cae0e38/[265,264,-] 36D18cae0e66/[-,266.650]
cf-ray
7feb8a6e78525c2c-FRA
x-dw-request-base-id
6-0AOcX47mQBAAB_
x-amz-cf-id
xdL46rJZvmqPHrVyze1-KYWLwqiBi8dnvPWEAzfB_NkMLSTV8ee9oA==
geo-ip
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/
193 B
1 KB
XHR
General
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=185.212.149.206
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.102 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
e99702694d172e907e2d62c8b695d3dd9890d174a618910cbe093c0f020ebfa8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
accept-language
fi-FI,fi;q=0.9
x-pwa-request
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
application/json

Response headers

date
Wed, 30 Aug 2023 08:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
0
x-yottaa-optimizations
ob/1000 si/36D18cae0e66-1693318191-9549393180 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status
deprecated
x-cache
Miss from cloudfront
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=185.212.149.206
x-yottaa-metrics
36218cae0e3a/[252,251,-] 36D18cae0e66/[-,253.813]
cf-ray
7feb8a6ea9fa4d7a-FRA
x-dw-request-base-id
8UUTXcX47mQBAAB_
x-amz-cf-id
A0Z1OOEOPcvUtX8lK7I7qp6vbGSe0KibJn-DAX_kR4pUD2URY8FGRA==
baskets
www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abkXhHkec2kKkRwrcXkGYYwKdG/
16 B
1 KB
Fetch
General
Full URL
https://www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abkXhHkec2kKkRwrcXkGYYwKdG/baskets?siteId=elf-us
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.102 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
45a53939b0fa7df06e02e10297440c1001e71bd0b645a645bb03b414819cb0ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
accept-language
fi-FI,fi;q=0.9
x-pwa-request
true
Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmY2YxOTBjOC1kODA1LTQ4MTAtYTcwNS03NWY5ZTRiOWE1ZWIiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjMyYzBhODJjLWExMzItNGJhYi05OWE1LWRlMTk4ODU5NzBlMCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTY5MzM4MjgyMiwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrWGhIa2VjMmtLa1J3cmNYa0dZWXdLZEc6OmNoaWQ6ICIsImV4cCI6MTY5MzM4NDY1MiwiaWF0IjoxNjkzMzgyODUyLCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTc0NjgxMTYzNTY4NTI3In0.TcLENxtkmPKYjVimJRIQAGl_N0WHCd7BSRrnXbZjma7R1dvQjnKuNrTZ5Gb1FA_XCXgIsWO7g13wryNoofA4_A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:33 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
x-correlation-id
7feb8a6e8bac0414
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-yottaa-optimizations
ob/1000 si/36D18cae0e66-1693318191-9549393181 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
content-encoding
gzip
x-cache
Miss from cloudfront
age
0
content-length
42
x-xss-protection
1; mode=block
vary
Accept-Encoding
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
x-frame-options
SAMEORIGIN
x-yottaa-metrics
36218cae0e39/[429,427,-] 36D18cae0e66/[-,430.091]
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abkXhHkec2kKkRwrcXkGYYwKdG/baskets?siteId=elf-us
x-ratelimit-remaining
4591
x-ratelimit-limit
4600
accept-ranges
bytes
cf-ray
7feb8a6e8bac0414-FRA
x-amz-cf-id
MTJKSuDBjh_ShssVkmVYf3zUgvBp6QOeuCGPvwfT36L7Z4_dT3laSQ==
x-yottaa-os
200
/
ct.pinterest.com/v3/
35 B
184 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV%22%2C%22ref%22%3A%22https%3A%2F%2Fs2.socialannex.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22916e7af4%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1693382852788
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
pinterest-version
796d488617a6325824b76ecd1b4e021dc0b90ee8
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
x-pinterest-rid
8947119662626117
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-432816-1&cid=554918221.1693382852&jid=732431671&_u=YADAAEAAAAAAACgAI~&z=1573781816
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fi/ads/
42 B
63 B
Image
General
Full URL
https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-432816-1&cid=554918221.1693382852&jid=732431671&_u=YADAAEAAAAAAACgAI~&z=1573781816
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&rl=https%3A%2F%2Fs2.socialannex.com%2F&if=false&ts=1693382852868&sw=1600&sh=1200&v=2.9.125&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1693382852858.2083691840&ic=fbpixel&it=1693382852023&coo=false&tm=1&rqm=GET
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 30 Aug 2023 08:07:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ts
t.paypal.com/
42 B
540 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1&page=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&es=visitorInfoFlowStarted&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Page%20Not%20Found&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1693382852902&g=-180&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Wed, 30 Aug 2023 08:07:33 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
d15121cf4190b
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230027-FRA, cache-hel1410022-HEL
pragma
no-cache
correlation-id
d15121cf4190b
traceparent
00-0000000000000000000d15121cf4190b-5e0a9d97c591de2b-01
x-timer
S1693382853.966310,VS0,VE179
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 08:07:33 GMT
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=269725&uid=-1355583241332000573&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=6fc295b1ac629d283b37b61a6381cb5e&expSes=92952&aud=1092373.1167402.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.799438.799443&expVisitId=-7937800203335026200&mech=1&smech=null&eri=1&tsrc=Referral&reqts=1693382851966&rri=9201116
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.201.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-128.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:33 GMT
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
18qMwpGqhXk_--XpBxT0kEiCETe46yQVEnPjzOFNNoDnGHafol0uVA==
expires
0
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=788304&uid=-1355583241332000573&sec=8772046&t=ri&e=1529559&p=1&ve=12422200&va=%5B28047498%5D&ses=6fc295b1ac629d283b37b61a6381cb5e&expSes=92952&aud=1092373.1167402.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.799438.799443&expVisitId=-7937800203824233057&mech=1&smech=null&eri=1&tsrc=Referral&reqts=1693382851969&rri=9467294
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.201.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-128.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:33 GMT
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
WraoSl1CIXS76vamyZ9htBWas3nWKwaYgRLRPD7r_Hzl2AbMJk3jJQ==
expires
0
uia
async-px.dynamicyield.com/
0
383 B
XHR
General
Full URL
https://async-px.dynamicyield.com/uia?cnst=1&_=1693382852976
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.201.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-128.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:33 GMT
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
AN9GHCK0xHIbCIeE2CZHyw99br1e2RDse5T8hKUawwAL7hK8OzCRKw==
expires
0
p
tr.snapchat.com/
68 B
308 B
Image
General
Full URL
https://tr.snapchat.com/p?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&bt=1d53c387&if=false&d_bvs=%5B%5D&huah=true&m_dcl=4499&m_df=true&m_dv=true&m_fcps=4318&m_pi=4499&m_pl=0&m_pv=2&m_rd=10725&m_sl=0&m_sh=1200&m_sw=1600&rf=https%3A%2F%2Fs2.socialannex.com%2F&trackId=f753e593-3ca4-4416-b5c1-deea932f4a59&ts=1693382853006&u_c1=922a32b2-5862-4fff-a5f4-c857b5fe17e1&u_sclid=1fd522bd-2e92-42bf-8f55-6b6ce326325b&u_scsid=6bb891a8-2d89-481c-ac71-262e36fb04f8&v=3.1.6-2308252137
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
batch
async-px.dynamicyield.com/
0
385 B
Ping
General
Full URL
https://async-px.dynamicyield.com/batch?cnst=1&_=1693382853015_90321
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.201.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-128.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 08:07:33 GMT
via
1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
x-amz-cf-id
7xP0EQOneBnZ6P3ExBNYFPgCNMbl8Mwq0laCBDEPhUlTLr-tNa2NGw==
expires
0
graphql
www.paypal.com/targeting/ Frame 3DAF
435 B
3 KB
Fetch
General
Full URL
https://www.paypal.com/targeting/graphql
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
affb59fb3ba839c3752ff768318f09f411330a88efa0628d30ff4e4b3586c10b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-eVjH2p/LwvV9CJOOPqqilhbB8ruADKLw/sMCsVA604LJlT1D' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-eVjH2p/LwvV9CJOOPqqilhbB8ruADKLw/sMCsVA604LJlT1D' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 08:07:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f4290268ed556
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220077-FRA, cache-hel1410023-HEL
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f4290268ed556-eea82dc5546425c4-01
x-timer
S1693382853.493566,VS0,VE272
etag
W/"1b3-ZzVLyVsODqZ8jh6wmgzGBe4J9OA"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
graphql
www.paypal.com/targeting/ Frame
0
0
Preflight
General
Full URL
https://www.paypal.com/targeting/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Wed, 30 Aug 2023 08:07:33 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f4290263f98f9
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f4290263f98f9-e4de1cb1c1a4cd79-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-fra-eddf8230055-FRA, cache-hel1410025-HEL
x-timer
S1693382853.223710,VS0,VE223
hm
tr.snapchat.com/
68 B
88 B
Ping
General
Full URL
https://tr.snapchat.com/hm
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 30 Aug 2023 08:07:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/json
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
no-cache, no-transform
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
hm
tr.snapchat.com/ Frame
0
0
Preflight
General
Full URL
https://tr.snapchat.com/hm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
https://www.elfcosmetics.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 30 Aug 2023 08:07:32 GMT
server
API Gateway
via
1.1 google
identify_7de69.js
analytics.tiktok.com/i18n/pixel/static/
114 KB
30 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7de69.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.135.235 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-135-235.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2d3ff80dc49c08bd9982df33d6dc5c6c0d223dab3636a7c9115f65f0a8af342b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-akamai-request-id
3995dcc
date
Wed, 30 Aug 2023 08:07:33 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230824130010A8C34BBF9AC0C20BCCFE
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a95-100-135-231.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01d99dbdfac0e372c7c9dc73c9f63312f7263e9ae01f9be6b1e9e9027b622ac04b06bb56e1f27e0329dcabb7619157dcbeb22809e60a1f04e059396865b52e6f0c8d7b691dfc96cb5a80e21d5be6ffd1e3d5f3b33b900dd1c8f4e0f56d9c32dfaa
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length
30596
pangle_pixel
analytics.pangle-ads.com/api/v2/
0
716 B
Ping
General
Full URL
https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MQ.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
130.35.192.4 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 30 Aug 2023 08:07:33 GMT
X-Bytefaas-Request-Id
2023083008073361B6A3ED43AF34EFBD84
x-tt-trace-tag
id=00;cdn-cache=miss
Connection
keep-alive
server-timing
inner; dur=4
Content-Length
0
Server
nginx
X-Tt-Logid
2023083008073361B6A3ED43AF34EFBD84
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
*
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
X-Bytefaas-Execution-Duration
3.23
Access-Control-Allow-Credentials
true
x-tt-trace-host
0113d5755b2469e7ac79ab19311967c58203cefe6853d7045340090c375fd2a961d8168851c30be67faa88f6309322fccca746ae8c4b3fa8228c2ce0e8f88e1fda68abdd9643e2b327ebc0261c67fd6f4d
Access-Control-Allow-Headers
*
pixel
analytics.tiktok.com/api/v2/
0
791 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.135.235 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-135-235.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
d27fac30.3995e0b
date
Wed, 30 Aug 2023 08:07:33 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a95-100-135-231.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
x-parent-response-time
115,95.100.135.231
server-timing
cdn-cache; desc=MISS, edge; dur=94, origin; dur=29, inner; dur=26
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20230830080733B14136DE08DC85D4D2A3
x-cache-remote
TCP_MISS from a23-220-105-137.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
29,23.220.105.137
x-tt-trace-host
0113d5755b2469e7ac79ab19311967c582591e3af1787ef6fead516634cf2209e0619248b2e3724b1f19423a0ade344d50a571ec499925bfd81ae289caf51a633edd388b53ad29116e78bd4283f8e572a4aa50a38642b1f9875546a66a1831afc25a3d78ec6adfaa68baeb9e72a5584c17
access-control-allow-headers
Authorization,*
expires
Wed, 30 Aug 2023 08:07:33 GMT
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1638306756445368&ev=Microdata&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&rl=https%3A%2F%2Fs2.socialannex.com%2F&if=false&ts=1693382853642&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Page%20Not%20Found%22%2C%22meta%3Adescription%22%3A%22e.l.f.%20Cosmetics%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22e.l.f.%20Cosmetics%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1693382852858.2083691840&ic=fbpixel&it=1693382852023&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 30 Aug 2023 08:07:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
act
analytics.tiktok.com/api/v2/pixel/
0
793 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.135.235 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-135-235.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.elfcosmetics.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
2513e860.3995f27
date
Wed, 30 Aug 2023 08:07:33 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a95-100-135-231.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
x-parent-response-time
104,95.100.135.231
server-timing
cdn-cache; desc=MISS, edge; dur=98, origin; dur=16, inner; dur=14
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20230830080733B965AB59164844E21966
x-cache-remote
TCP_MISS from a23-220-105-135.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
16,23.220.105.135
x-tt-trace-host
0113d5755b2469e7ac79ab19311967c582591e3af1787ef6fead516634cf2209e0754ab8f453680633da35508eacba540a4f98759991dd6744b8af3453c4788011a9fa4413d3a6b39f59d42523ad8c7dab75c9cfb87dcf0b63a3a0e229a705e3948a3d3413669cbbd31e7e581c3d845087
access-control-allow-headers
Authorization,*
expires
Wed, 30 Aug 2023 08:07:33 GMT
baskets
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/
3 KB
2 KB
XHR
General
Full URL
https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/baskets
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.102 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
b41864500efd09ca086aa43be48837c1482e473a96ceb855758bed0600892e89
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
x-dw-client-id
f9f7052a-f742-4c38-bdf5-1da004e7fb3b
accept-language
fi-FI,fi;q=0.9
x-pwa-request
true
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmY2YxOTBjOC1kODA1LTQ4MTAtYTcwNS03NWY5ZTRiOWE1ZWIiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjMyYzBhODJjLWExMzItNGJhYi05OWE1LWRlMTk4ODU5NzBlMCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTY5MzM4MjgyMiwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJrWGhIa2VjMmtLa1J3cmNYa0dZWXdLZEc6OmNoaWQ6ICIsImV4cCI6MTY5MzM4NDY1MiwiaWF0IjoxNjkzMzgyODUyLCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTc0NjgxMTYzNTY4NTI3In0.TcLENxtkmPKYjVimJRIQAGl_N0WHCd7BSRrnXbZjma7R1dvQjnKuNrTZ5Gb1FA_XCXgIsWO7g13wryNoofA4_A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
application/json

Response headers

date
Wed, 30 Aug 2023 08:07:34 GMT
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-amz-cf-pop
FRA56-P7
age
0
x-yottaa-optimizations
ob/1000 si/36D18cae0e66-1693318191-9549393183 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status
deprecated
x-cache
Miss from cloudfront
content-length
1053
pragma
no-cache
etag
8381de9dcaa2441a82c529d0d54a1fe46dc04c81575b4e4bde2791f6d0a91906
allow
OPTIONS,POST
content-type
application/json;charset=UTF-8
x-dw-resource-state
8381de9dcaa2441a82c529d0d54a1fe46dc04c81575b4e4bde2791f6d0a91906
access-control-allow-origin
https://www.elfcosmetics.com
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics
36218cae0e3c/[367,365,-] 36D18cae0e66/[-,368.608]
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/baskets
accept-ranges
bytes
cf-ray
7feb8a73ed122c4a-FRA
x-dw-request-base-id
HiOJm8b47mQBAAB_
x-amz-cf-id
JyBAcAGoA1nbhdBNsIZL962MAPa2E8t94OlUSTv-ZiztPkxS3cxaLg==
x-yottaa-os
200
expires
Thu, 01 Dec 1994 16:00:00 GMT
display
api.usehero.com/webplugin/
189 B
1 KB
XHR
General
Full URL
https://api.usehero.com/webplugin/display?appId=efcf9631-4c6b-4874-9f76-51f71464249a&location=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&state=untouched&outboundFeature=
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.240.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-240-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b87ba8954401aa8e84cc2eb847d20e63c3e93b47c39fb922bd6f4dbf8465f3da
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-permitted-cross-domain-policies
none
surrogate-control
no-store
x-dns-prefetch-control
off
klarna-correlation-id
38f8112c-78b3-4b24-a5da-13fc84b819b5
cross-origin-resource-policy
same-origin
x-geo-longitude
24.93440
pragma
no-cache
referrer-policy
same-origin
etag
W/"bd-B20ilm7V26qHor3cPfD7oAPRbMU"
x-frame-options
SAMEORIGIN
x-geo-zip
00131
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-geo-latitude
60.17970
x-accuracy
20
expires
0
date
Wed, 30 Aug 2023 08:07:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cross-origin-embedder-policy
require-corp
x-time-zone
Europe/Helsinki
x-envoy-upstream-service-time
14
content-length
189
x-xss-protection
0
x-request-id
38f8112c-78b3-4b24-a5da-13fc84b819b5
cross-origin-opener-policy
same-origin
x-download-options
noopen
x-country
FI
x-geo-city
Helsinki
ct.html
ct.pinterest.com/ Frame FBB1
565 B
427 B
Document
General
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.916e7af4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer
https://www.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 08:07:33 GMT
pinterest-version
796d488617a6325824b76ecd1b4e021dc0b90ee8
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
2
x-pinterest-rid
1645030683503072
logger
www.paypal.com/xoplatform/logger/api/
1009 B
2 KB
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f88d7b96987cf48a6f021058059547cb6d9818db99ab8d751830c23af4c00c19
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.elfcosmetics.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
application/json

Response headers

date
Wed, 30 Aug 2023 08:07:34 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f849900519c4d
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-etou8220069-FRA, cache-hel1410025-HEL
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f849900519c4d-c298634f743e5fd3-01
x-timer
S1693382854.205383,VS0,VE236
etag
W/"3f1-TJIn4UoCmQGNepywZamQ/l+Ieq4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame
0
0
Preflight
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.elfcosmetics.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Wed, 30 Aug 2023 08:07:34 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f849900384328
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f849900384328-ab59a43abdfc9190-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230075-FRA, cache-hel1410025-HEL
x-timer
S1693382854.943509,VS0,VE220
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1290356702&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&dr=https%3A%2F%2Fs2.socialannex.com%2F&dp=%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ul=en-us&de=UTF-8&dt=Page%20Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=25%25&_u=aADAAEABAAAAACgAIAC~&jid=&gjid=&cid=554918221.1693382852&tid=UA-432816-1&_gid=716126161.1693382852&gtm=45He38s0n81WL3STMX&z=1388960930
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 02:32:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
20120
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1290356702&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&dr=https%3A%2F%2Fs2.socialannex.com%2F&dp=%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ul=en-us&de=UTF-8&dt=Page%20Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=50%25&_u=aADAAEABAAAAACgAIAC~&jid=&gjid=&cid=554918221.1693382852&tid=UA-432816-1&_gid=716126161.1693382852&gtm=45He38s0n81WL3STMX&z=1939279979
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 02:32:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
20120
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1290356702&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&dr=https%3A%2F%2Fs2.socialannex.com%2F&dp=%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&ul=en-us&de=UTF-8&dt=Page%20Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=75%25&_u=aADAAEABAAAAACgAIAC~&jid=&gjid=&cid=554918221.1693382852&tid=UA-432816-1&_gid=716126161.1693382852&gtm=45He38s0n81WL3STMX&z=430927895
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 02:32:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
20120
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
PWA-UpdateSession
www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/
56 B
1 KB
XHR
General
Full URL
https://www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.102 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6

Request headers

Referer
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
accept-language
fi-FI,fi;q=0.9
x-pwa-request
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:34 GMT
content-encoding
gzip
via
1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
FRA56-P7
age
0
x-yottaa-optimizations
ob/1000 si/36D18cae0e66-1693318191-9549393192 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
pragma
no-cache
content-type
application/json
cache-control
no-cache, no-store, must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://cc-elf-us-prd.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession
x-yottaa-metrics
36218cae0e40/[444,443,-] 36D18cae0e66/[-,445.912]
cf-ray
7feb8a771fa89028-FRA
x-dw-request-base-id
6-0TOcb47mQBAAB_
x-amz-cf-id
5ooNfAD5FS3DGzqdyvQr5ZK-6cZ2OycA8RJnQYt8KQ5mNhEUEN0A5g==
x-dw-trace-id
6-0TOcb47mQBAAB_
expires
Thu, 01 Dec 1994 16:00:00 GMT
cs
tags.rd.linksynergy.com/
Redirect Chain
  • https://idsync.rlcdn.com/458359.gif?partner_uid=dbfe878d-d20b-44ab-adc8-ee9456010e52
  • https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJGRiZmU4NzhkLWQyMGItNDRhYi1hZGM4LWVlOTQ1NjAxMGU1MhAAGg0IxvG7pwYSBQjoBxAAQgBKAA
  • https://tags.rd.linksynergy.com/cs?ns=lr&uid3=f5422aa0dc83c177edf5a0a75cfcac24110acc7176facdaf8ca74d8b17a769a66ac34734d8e453ee
37 B
302 B
Image
General
Full URL
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=f5422aa0dc83c177edf5a0a75cfcac24110acc7176facdaf8ca74d8b17a769a66ac34734d8e453ee
Protocol
H2
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 30 Aug 2023 08:07:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
x-samesite
secure

Redirect headers

date
Wed, 30 Aug 2023 08:07:34 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=f5422aa0dc83c177edf5a0a75cfcac24110acc7176facdaf8ca74d8b17a769a66ac34734d8e453ee
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us.svg
www.elfcosmetics.com/mobify/bundle/9686/static/img/flag-icons/
9 KB
1 KB
Image
General
Full URL
https://www.elfcosmetics.com/mobify/bundle/9686/static/img/flag-icons/us.svg
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/9686/vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
140.174.14.102 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
2bc88bfdd5ee4cf0e7abb733a08af838fae31df3eb4a374df2e8d981e2ed93a0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:07:34 GMT
x-amz-version-id
53PiuwkbTWkLeymGqnO3e8NRU5jYwLMj
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P7
age
119854
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/1001 si/36D18cae0e66-1693259387-4293398695 tts/1691704961837 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache
Miss from cloudfront
x-amz-meta-deploy
541952
content-length
652
x-amz-meta-bundle
9686
x-yottaa-forcecache
true, true
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-os
200
x-yottaa-metrics
36218cae0e29/[439,437,-] 36D18cae0e66/[hit]
x-amz-cf-id
tawym5a7S3wNl9qxeTNZN5-tI0-FR6qrhBfgq9egs2aR2SEhVpMxnQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.paypal.com
URL
https://www.paypal.com/xoplatform/logger/api/logger

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| documentPictureInPicture object| __LOADABLE_LOADED_CHUNKS__ object| regeneratorRuntime function| _ function| applyFocusVisiblePolyfill object| __CONFIG__ string| __DEVICE_TYPE__ object| __PRELOADED_STATE__ object| Progressive boolean| __HYDRATING__ object| dataLayer boolean| rakutenDataLayer object| DataLayer object| gaViewedIdsForPage object| DY boolean| otSPAPathChange boolean| otIsInitialized boolean| otBlockOptOutInitReload function| OptanonWrapper string| AppsFlyerSdkObject function| AF object| ogJsonpFunction object| OG object| OneTrustStub function| ___rmuid object| ___RMCMPW object| DYO object| DYJSON object| _dy_memStore object| history$ object| __post_robot_11_0_0___uid_numhnacfzmymuvpacsidplhppphjzs object| paypal object| __zoid_10_3_1___uid_numhnacfzmymuvpacsidplhppphjzs object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| DYExps object| _uxa object| onetrustActiveGroups function| create_UUID function| createCookie string| GoogleAnalyticsObject function| ga object| HeroWebPluginSettings string| HeroObject function| hero object| GooglebQhCsO function| snaptr function| pintrk function| fbq function| _fbq object| _fbq_gtm_ids function| rdt string| TiktokAnalyticsObject object| ttq object| JebbitObject function| jebbit function| cnxtag object| cnxDataLayer object| AF_cleanupMethods object| AF_SDK string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| paypalDDL string| PaypalOffersObject function| ppq function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| DataLayerHelper object| _scPxHelper object| DYWork function| $dy object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels object| Optanon object| OneTrust object| __post_robot_10_0_44__ object| PAYPAL function| setImmediate function| clearImmediate boolean| otLastAcceptAllValue object| DYCS object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| cti110221

72 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
.bit.ly/ Name: _bit
Value: n7u87l-48d75f5ec773b88cad-00J
.socialannex.com/ Name: ELFUS
Value: 7149_50512285_5733432_90_0_3291
.socialannex.com/ Name: ELFUS_SERVICE
Value: 50512285%5E%5E2%5E%5E0
www.elfcosmetics.com/ Name: _pxhd
Value: X3Zd5dSxs84Tu4ZkJFr7ht-QVi0CdWbo4N3wvwmHIIOyBTVj4dWFGzg-JtvOCdmd1hBlPz77VJIH2GFyWOADrA==:Wm5aLuE53c/6en36LHea3dPhXu0JQWai4vXueFgvEmyct-01m0fzQb8M0uCzC0u3up74i/YdVpKDDOewrt7RmWCs6wBwaDzsWkcrsCNOAYE=
www.elfcosmetics.com/ Name: initAuthComplete
Value: true
.elfcosmetics.com/ Name: ab.storage.sessionId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57
Value: %7B%22g%22%3A%2247b2b330-bfd2-7cf9-1a1d-7bc455bf9be0%22%2C%22e%22%3A1693384649300%2C%22c%22%3A1693382849301%2C%22l%22%3A1693382849301%7D
.elfcosmetics.com/ Name: ab.storage.deviceId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57
Value: %7B%22g%22%3A%22140d8ab7-ee1f-e15f-124d-41d01c1059c0%22%2C%22c%22%3A1693382849314%2C%22l%22%3A1693382849314%7D
.elfcosmetics.com/ Name: og_session_id
Value: 1e72a9589c4f11e9a62ebc764e10b970.267437.1693382850
.elfcosmetics.com/ Name: rmStore
Value: dmid:9097
.linksynergy.com/ Name: rmuid
Value: dbfe878d-d20b-44ab-adc8-ee9456010e52
.elfcosmetics.com/ Name: _dyjsession
Value: ppdbnu9fy2r5ldtj5lds1bccv6nwp8re
.elfcosmetics.com/ Name: dy_fs_page
Value: www.elfcosmetics.com%2Fon%2Fdemandware.store%2Fsites-elf-us-site%2Fen_us%2Freferafriend-showrafunlock%3Fs2_reward_code%3Dreferral_statuses%26statid%3D50512285%26siteid%3D8989981%26incentiveid%3D3291%26socialtype%3D14%26couponcodeindiv%3D0%26landingpage%3D%2520%26ipm%3D0%26invitecode%3D2tcocsv
.elfcosmetics.com/ Name: _dy_csc_ses
Value: ppdbnu9fy2r5ldtj5lds1bccv6nwp8re
.elfcosmetics.com/ Name: _dy_c_exps
Value:
.elfcosmetics.com/ Name: _dy_soct
Value: 647796.1248068.1693382851.ppdbnu9fy2r5ldtj5lds1bccv6nwp8re*805201.1530825.1693382851
.elfcosmetics.com/ Name: _gcl_au
Value: 1.1.1057677244.1693382851
www.elfcosmetics.com/ Name: FPC
Value: 50e7ea37-6657-423d-b8d2-b92a657dd47e
.dynamicyield.com/ Name: DYID
Value: -1355583241332000573
.elfcosmetics.com/ Name: _ga_ZLYXLXNDL8
Value: GS1.1.1693382851.1.0.1693382851.60.0.0
.elfcosmetics.com/ Name: _ga
Value: GA1.2.554918221.1693382852
.elfcosmetics.com/ Name: _gid
Value: GA1.2.716126161.1693382852
.elfcosmetics.com/ Name: _gat_UA-432816-1
Value: 1
.elfcosmetics.com/ Name: _scid
Value: 922a32b2-5862-4fff-a5f4-c857b5fe17e1
.elfcosmetics.com/ Name: _scid_r
Value: 922a32b2-5862-4fff-a5f4-c857b5fe17e1
.elfcosmetics.com/ Name: _dycnst
Value: dg
.adnxs.com/ Name: uuid2
Value: 1100980677217711174
.elfcosmetics.com/ Name: _rdt_uuid
Value: 1693382852038.f8a66269-4566-45db-98e7-5aace82f29f0
.doubleclick.net/ Name: IDE
Value: AHWqTUmEURbuoyEtKNhJYjRRPZM3ry7DNMibT67Wl7uTRyGVBmBfODDWyoF4ymUIC7s
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2Hbyv#r(r!@wnf-Te9(>wL5L!!'fH$v/hV
.tiktok.com/ Name: _ttp
Value: 2UhDKH68GQ890hV8s5zgDmlXQru
.paypal.com/ Name: ts_c
Value: vr%3D457bbdf218a0aa5e1136d37dffd09961%26vt%3D457bbdf218a0aa5e1136d37dffd09960
.elfcosmetics.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Wed+Aug+30+2023+11%3A07%3A32+GMT%2B0300+(Eastern+European+Summer+Time)&version=202306.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.elfcosmetics.com%2Fon%2Fdemandware.store%2FSites-elf-us-Site%2Fen_US%2FReferAfriend-ShowRafunlock%3Fs2_reward_code%3Dreferral_statuses%26statID%3D50512285%26siteID%3D8989981%26incentiveID%3D3291%26socialType%3D14%26couponCodeInDiv%3D0%26landingpage%3D%2520%26ipm%3D0%26inviteCode%3D2TcocSV&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0
.elfcosmetics.com/ Name: _dyid
Value: -1355583241332000573
www.elfcosmetics.com/ Name: dwsid
Value: _zW85mnPBb9UpSS1dLvuICbSoVI3DhHdSwTrgiiBjcJjaSFJ0XsrWJbW0Qr_ulO2wAKLSQUaDxftBI6pQjxZlw==
www.elfcosmetics.com/ Name: dwanonymous_1a00c2845eeb01c699351ea28e20fd92
Value: abkXhHkec2kKkRwrcXkGYYwKdG
www.elfcosmetics.com/ Name: __cq_dnt
Value: 1
www.elfcosmetics.com/ Name: dw_dnt
Value: 1
.elfcosmetics.com/ Name: _dyfs
Value: 1693382852801
.elfcosmetics.com/ Name: _dycst
Value: dk.w.c.ws.
.elfcosmetics.com/ Name: _dy_geo
Value: FI.EU.FI_18.FI_18_Helsinki
.elfcosmetics.com/ Name: _dy_df_geo
Value: Finland..Helsinki
.elfcosmetics.com/ Name: _dy_toffset
Value: -1
.elfcosmetics.com/ Name: _fbp
Value: fb.1.1693382852858.2083691840
.pinterest.com/ Name: ar_debug
Value: 1
.elfcosmetics.com/ Name: _pin_unauth
Value: dWlkPU56ZGtaRFF5WVRZdFpXTmpZaTAwWTJWaExXRTFNekV0TWpWaVkySTFZalJqWkRrdw
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBiREAMAQAsIncKfWNo9jC8E3emU6qBNQxuMoFnlJQjSSNGeaxezSYnVx48QOb1IyvMgAAAA==
.elfcosmetics.com/ Name: _tt_enable_cookie
Value: 1
.elfcosmetics.com/ Name: _ttp
Value: c17QCEyQglaJqIfQDxCv4mRBng0
.undertone.com/ Name: UTID
Value: 2cec865a54404f439189f194604a8ae3
.undertone.com/ Name: UTID_ENC
Value: 2nquj9fw05grkucrshncjldk3
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: fi_FI%3BFI
.paypal.com/ Name: cookie_prefs
Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY5MzM4Mjg1MzY2OSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: targetingnodeweb
www.paypal.com/ Name: nsid
Value: s%3Ay4XQxFWJHxcAfWkMjBtEFxhvnKYasSht.e3GMYdAtT0sde4B1gIjQ%2B7e4t7NB5ovvowCEzT4P6t0
.paypal.com/ Name: l7_az
Value: dcg01.phx
.paypal.com/ Name: ts
Value: vreXpYrS%3D1788077253%26vteXpYrS%3D1693384653%26vr%3D457bbdf218a0aa5e1136d37dffd09961%26vt%3D457bbdf218a0aa5e1136d37dffd09960%26vtyp%3D
.paypalobjects.com/ Name: paypal-offers--cust
Value: null:null:null
.elfcosmetics.com/ Name: hero-session-efcf9631-4c6b-4874-9f76-51f71464249a
Value: author=client&expires=1724918854361&visitor=1dd6dbc0-cd7d-4407-bd7f-17db51bdb654
.rlcdn.com/ Name: rlas3
Value: wBmanSACiF50/AVylTOVJMpo+c3w0PytnezLSBk5kvg=
.rlcdn.com/ Name: pxrc
Value: CMbxu6cGEgUI6AcQABIGCOTrARAA
.linksynergy.com/ Name: icts
Value: 2023-08-30T08:07:34Z
www.elfcosmetics.com/ Name: esw.currency
Value: USD
www.elfcosmetics.com/ Name: sid
Value: bxSN0D31pA4f9XZbIIZ7jLbzkGRjNLBsAFQ
www.elfcosmetics.com/ Name: _dyid_server
Value: -1355583241332000573
www.elfcosmetics.com/ Name: esw.InternationalUser
Value: ""
www.elfcosmetics.com/ Name: esw.location
Value: US
www.elfcosmetics.com/ Name: currentLocale
Value: en_US
www.elfcosmetics.com/ Name: esw.sessionid
Value: abkXhHkec2kKkRwrcXkGYYwKdG
www.elfcosmetics.com/ Name: esw.LanguageIsoCode
Value: en_US

2 Console Messages

Source Level URL
Text
network error URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ReferAfriend-ShowRafunlock?s2_reward_code=referral_statuses&statID=50512285&siteID=8989981&incentiveID=3291&socialType=14&couponCodeInDiv=0&landingpage=%20&ipm=0&inviteCode=2TcocSV
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/OtAutoBlock.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10742279.fls.doubleclick.net
9231397.fls.doubleclick.net
ads.undertone.com
adservice.google.com
alb.reddit.com
analytics.pangle-ads.com
analytics.tiktok.com
api.ipify.org
api.usehero.com
async-px.dynamicyield.com
bit.ly
cdn.cookielaw.org
cdn.dynamicyield.com
cdn.usehero.com
connect.facebook.net
ct.pinterest.com
evt.undertone.com
external-api.jebbit.com
geolocation.onetrust.com
googleads.g.doubleclick.net
idsync.rlcdn.com
insight.adsrvr.org
js.cnnx.link
js.jebbit.com
region1.analytics.google.com
s.pinimg.com
s2.socialannex.com
sc-static.net
sdk.iad-05.braze.com
secure.adnxs.com
st.dynamicyield.com
static.ordergroove.com
stats.g.doubleclick.net
t.paypal.com
tag.rmp.rakuten.com
tags.rd.linksynergy.com
tr.snapchat.com
ut.rd.linksynergy.com
websdk.appsflyer.com
www.elfcosmetics.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fi
www.google.rs
www.googleadservices.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
www.redditstatic.com
www.paypal.com
130.35.192.4
140.174.14.102
142.250.186.130
151.101.128.84
151.101.129.21
151.101.193.35
151.101.2.133
151.101.65.140
173.231.16.76
18.66.112.128
18.66.97.14
18.66.97.47
192.229.221.25
2001:4860:4802:32::36
216.58.206.38
23.197.153.131
2600:9000:206f:a600:a:7914:b00:93a1
2600:9000:2250:1800:15:ad21:c740:93a1
2600:9000:2251:9600:a:b89d:a6c0:93a1
2600:9000:238d:3600:11:85b0:d600:93a1
2600:9000:2394:bc00:13:d6f4:3240:93a1
2606:4700:4400::6812:2089
2606:4700::6812:83ec
2a00:1450:4001:80f::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:400c:c00::9c
2a02:26f0:3500:88b::1931
2a02:26f0:780::210:a481
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::396
3.127.128.19
3.33.220.150
34.102.147.248
34.98.67.3
35.190.43.134
35.244.174.68
37.252.171.21
44.215.33.123
52.215.240.223
54.192.87.248
67.199.248.11
95.100.135.235
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
16b3bc9a4dd707509fc30676fa5acb68812865a5388f973938ab744b6faae5a4
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f
20c737940f47a9ac58a71de37031670b56c08413070b2a57481c26e5783ae051
2a59bdcff4113cac6e36a9d4a538c2d69b69dd54ef617f96c4d512292168185f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bc88bfdd5ee4cf0e7abb733a08af838fae31df3eb4a374df2e8d981e2ed93a0
2d3ff80dc49c08bd9982df33d6dc5c6c0d223dab3636a7c9115f65f0a8af342b
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
3307b5d4260d36fc13f1f0610cdd2be5ad8bd44dcd3c48fcfddba0830277fa21
358e89cc24998de189516aa6b29ed7cf75f32603798d1b3984a57ac474a9b4dc
365198500356db69bb799e6a10daf8fe1ba5de48233828ea52640251645d647f
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a2b3b5ecaa7d5c67e5e28f9712ebcf28a592c7191e24bcde25cc5bb374cbf7b
3a5bc5c9313cabc248ae9083a8943e9a1ecf4a15845c63ed9f214e2f8974e641
3ebf89e1d97e200a74d3d601875d13d715e3f13b33facf24fee5aa451012772f
45a53939b0fa7df06e02e10297440c1001e71bd0b645a645bb03b414819cb0ea
47ab68f07ace08d9a98d9f2b29f16f6937798527cc3570e68ea89f7fe1225813
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fb91b1c7d8892b0f3d8b699885ca8201e08761edd3b16b0f1ea11891477eaf7
650421fa3310d691c3511c9d52a61d7711b5d433d221fde1a129312287dc6343
65b729622512d3c24c30cbd1a03cab9997e925a28eae9a1b8303401e5bd4fcc0
6681fd5a24d9b33773e77e7f88ccfc03814f3b6807b31d344e7b2ebb65fef29d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f0c358d27c999e8e496a45ddb195f408565fc8fda4b5810ead872b80abdc76e
7ffe7c7eed20900652605eab522ac9cf7fbd5040686e2ed6f1bc6b22008f1b98
8188f66aa98862c6f92b2d5a83f74701ce9c8d275e5c5137ce2189d8435e12d5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83905d8eee9b97d22596d076c779d85f741275f64542f9def2c9d86027cada5e
8b998ceafb18daf4b9c2e9e31e014ec2e1ea49b716a1cf389b98e7d826b6b3fb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dea6b2240fed7b9dccb7a71b05a27a2b41908306b12c498c2c718856568a3cd
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
94f4a42738c018d286e0f89f1abee84a372d2ade4a47f73a3a9d4a16faf20812
9ae88938b6da3a03908b7def279f7245fb73a060224661f35014e19913b30c14
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
a21f953d768553d47f4a23aa6608f6e0bc7a6aa88619eb2ad01c9587e058dfbf
a28848c68b83ebf55199ff21873948f325b86f86df2431129a1991a09482dd12
a33177a1b1a44698bc85bc710dfd4a6aba8bbe329db64dbb0622c894a1c05cbd
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a60abbed8fd8f8ee509654796918b2200e134397c46f3a7ea4854c443d997bf5
a809a1bbc7930fd08bb2bec3444442b2b2b90b2e9667626258c94ae674d1e362
aa2f78b0791f4ce292aa0ee0e8bddb6c6d33b2aab2b025cf950b3180ecacbfd0
ae5d6c879dad852044f9b09b19ff5255dfdf6d00c03421a3192db405cf79549f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
affb59fb3ba839c3752ff768318f09f411330a88efa0628d30ff4e4b3586c10b
b2283cf9e8800418e59682f1cfcf8113f389e96378855b44bed1c60e670e1114
b41864500efd09ca086aa43be48837c1482e473a96ceb855758bed0600892e89
b55f781a91080be3aedaf883d0fa79ea703f14c5e1188bddccbb7902ae2d6793
b87ba8954401aa8e84cc2eb847d20e63c3e93b47c39fb922bd6f4dbf8465f3da
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c11dedd92331fe09d846fb3d73e6746709438f2c697ed1ae520103fe171515cf
c5c2508c58db09238de8dec40871ba8502b533d61b3497d80e2f6d7b0ab9f6ea
cc93b6ea479232042c1f081fbfd4681eaa17820334da010312dbbe8ea28ec033
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d2646d7880bccff2455a93e1462178ffc4f595ead98d154364633c36eae7579d
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d6714f069164daab6d2be9ebf0fba5b12ae182501413e3bc167da85bc5099c9b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deaf8031cae0816e146583dcde4398cb95625fb279ecd6a99cbf5bfb7f4338ac
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
dfc983293c9baf693a719da3c69be679cbe8aea18c8f35a7abfef41f14800e9c
dfe3336c47d7719ee457546aafc04eb7650b20339b80df5d45828707c4e03da2
e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e3349bfcd6a733ddb88abfe5deceec5fe31d74089b4bd0d9f840f31dfb812b
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e99702694d172e907e2d62c8b695d3dd9890d174a618910cbe093c0f020ebfa8
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
eab7c33a15831e1749a466cb95660f0b34a75cbc1cee5f8678f067d5743df582
ecbe4874e1fffc1b68bdde370b903049a04348a826b580029690120cd771a4cd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09d5b3a086fb5870fae1bdcbba5f967c882a91d3181131e85f5dcfa5cf462ce
f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f88d7b96987cf48a6f021058059547cb6d9818db99ab8d751830c23af4c00c19
fd48a88ce5fbe99c8bfd145666d73c97bccb433812d328232a99ec867e33012d
feaed7d61395f2ed0c2a6e3db3747fa5c0a97143003efeb38032ac87440a71cf
ff2fe181c12146189657e92f9ce0489f7f3b51345796f5a5ec9b089f9fb47616
ff6b9bcb74c91a5bc3e65d864afbb35e9dfbc5d73559a7e4570177055153a189
ff869c847a28fa62d99e79d3d6cc86a623ae92c632ddb212f06c4010fbdfafbd