www.elfcosmetics.com Open in urlscan Pro
140.174.14.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://eyeslipsface.com/
Effective URL:
https://www.elfcosmetics.com/
Submission Tags: tranco_l324
Submission: On November 27 via api (November 27th 2021, 6:01:55 am UTC) from DE — Scanned from DE

Summary HTTP 129 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 44 domains to perform 129 HTTP transactions. The main IP is 140.174.14.104, located in Frankfurt am Main, Germany and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 22nd 2021. Valid for: a year.

This is the only time www.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	96.45.83.226 96.45.83.226	16552 (TIGGEE) (TIGGEE)
13	140.174.14.104 140.174.14.104	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
31	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
3	2600:9000:205... 2600:9000:2057:b200:a:b89d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.21.156 13.32.21.156	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:5800:15:ad21:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3 9	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
1 29	209.54.180.144 209.54.180.144	16509 (AMAZON-02) (AMAZON-02)
14	52.45.39.231 52.45.39.231	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2	52.86.69.130 52.86.69.130	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.125.86.125 3.125.86.125	16509 (AMAZON-02) (AMAZON-02)
2 2	18.185.142.87 18.185.142.87	16509 (AMAZON-02) (AMAZON-02)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	18.198.149.87 18.198.149.87	16509 (AMAZON-02) (AMAZON-02)
2 2	3.125.90.12 3.125.90.12	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4264:c62f:533:271f:3e7e	14618 (AMAZON-AES) (AMAZON-AES)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	143.204.201.234 143.204.201.234	16509 (AMAZON-02) (AMAZON-02)
2	52.43.99.216 52.43.99.216	16509 (AMAZON-02) (AMAZON-02)
1	52.7.69.238 52.7.69.238	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.86.239.241 52.86.239.241	14618 (AMAZON-AES) (AMAZON-AES)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.30.224.0 52.30.224.0	16509 (AMAZON-02) (AMAZON-02)
1 1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	52.28.77.219 52.28.77.219	16509 (AMAZON-02) (AMAZON-02)
1 1	18.214.152.153 18.214.152.153	14618 (AMAZON-AES) (AMAZON-AES)
2 2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 1	52.206.55.189 52.206.55.189	14618 (AMAZON-AES) (AMAZON-AES)
2 2	13.35.253.75 13.35.253.75	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	185.33.220.216 185.33.220.216	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
129	24

1 96.45.83.226 (United States) 1 redirects

ASN16552 (TIGGEE, US)
PTR: redirection.dnsmadeeasy.com

eyeslipsface.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 140.174.14.104 (Frankfurt am Main, Germany)

ASN393259 (YOTTAA-AS-1, US)

www.elfcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

cdn-fsly.yottaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:b200:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.21.156 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-156.fra56.r.cloudfront.net

cdn.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:5800:15:ad21:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

st.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.58.212.166 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net

10265292.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10742279.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 209.54.180.144 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.45.39.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-39-231.compute-1.amazonaws.com

async-px.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cookies.onetrust.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.86.69.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-69-130.compute-1.amazonaws.com

px.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.86.125 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-86-125.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.142.87 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-142-87.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.149.87 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-149-87.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.90.12 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-90-12.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:c62f:533:271f:3e7e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.234 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-234.fra53.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.43.99.216 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-99-216.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.69.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-69-238.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.239.241 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-239-241.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.224.0 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-224-0.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.77.219 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-77-219.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.152.153 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-152-153.compute-1.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.55.189 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-55-189.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.253.75 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-75.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Ballerup Municipality, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.216 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	yottaa.net cdn-fsly.yottaa.net	2 MB
29	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	22 KB
20	dynamicyield.com cdn.dynamicyield.com st.dynamicyield.com async-px.dynamicyield.com px.dynamicyield.com	252 KB
13	elfcosmetics.com www.elfcosmetics.com	1 MB
11	doubleclick.net 5 redirects 10265292.fls.doubleclick.net 10742279.fls.doubleclick.net cm.g.doubleclick.net	3 KB
9	cookielaw.org cdn.cookielaw.org	178 KB
5	yahoo.com 4 redirects ups.analytics.yahoo.com cms.analytics.yahoo.com	1 KB
4	jsdelivr.net cdn.jsdelivr.net	18 KB
3	krxd.net 1 redirects beacon.krxd.net usermatch.krxd.net	835 B
3	google.com adservice.google.com	708 B
2	pubmatic.com 2 redirects image6.pubmatic.com	530 B
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	semasio.net 2 redirects uipglob.semasio.net	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com	740 B
2	serving-sys.com 2 redirects bs.serving-sys.com lm.serving-sys.com	777 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	adform.net 2 redirects c1.adform.net	998 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com token.rubiconproject.com	673 B
2	myvisualiq.net 2 redirects t.myvisualiq.net	1 KB
2	advertising.com 2 redirects pixel.advertising.com	660 B
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
1	taboola.com 1 redirects sync.taboola.com	299 B
1	ispot.tv 1 redirects pi.ispot.tv	344 B
1	exelator.com loadus.exelator.com	324 B
1	openx.net us-u.openx.net	306 B
1	mookie1.com 1 redirects odr.mookie1.com	600 B
1	samba.tv 1 redirects ads.samba.tv	292 B
1	samplicio.us usersync.samplicio.us	263 B
1	imdb.com 1 redirects www.imdb.com	902 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com	763 B
1	zeotap.com spl.zeotap.com	731 B
1	tremorhub.com amazon.partners.tremorhub.com	183 B
1	bluekai.com 1 redirects tags.bluekai.com	672 B
1	agkn.com 1 redirects aa.agkn.com	337 B
1	consensu.org cookies.onetrust.mgr.consensu.org	1 KB
1	google-analytics.com www.google-analytics.com	20 KB
1	onetrust.com geolocation.onetrust.com	399 B
1	googletagmanager.com www.googletagmanager.com	96 KB
1	cquotient.com cdn.cquotient.com	12 KB
1	eyeslipsface.com 1 redirects eyeslipsface.com	181 B
0	ninthdecimal.com Failed lciapi.ninthdecimal.com Failed
0	survata.com Failed px.surveywall-api.survata.com Failed
129	44

	Domain	Requested by
31	cdn-fsly.yottaa.net	www.elfcosmetics.com cdn-fsly.yottaa.net
29	s.amazon-adsystem.com	1 redirects www.elfcosmetics.com s.amazon-adsystem.com
14	async-px.dynamicyield.com	cdn.dynamicyield.com
13	www.elfcosmetics.com	cdn-fsly.yottaa.net www.elfcosmetics.com
9	cdn.cookielaw.org	www.elfcosmetics.com cdn.cookielaw.org
6	10742279.fls.doubleclick.net	2 redirects www.googletagmanager.com www.elfcosmetics.com
4	ups.analytics.yahoo.com	4 redirects
4	cdn.jsdelivr.net	www.elfcosmetics.com
3	adservice.google.com	10742279.fls.doubleclick.net 10265292.fls.doubleclick.net
3	10265292.fls.doubleclick.net	1 redirects www.googletagmanager.com www.elfcosmetics.com
3	cdn.dynamicyield.com	www.elfcosmetics.com
2	image6.pubmatic.com	2 redirects
2	ib.adnxs.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	beacon.krxd.net	s.amazon-adsystem.com
2	t.myvisualiq.net	2 redirects
2	pixel.advertising.com	2 redirects
2	x.bidswitch.net	2 redirects
2	px.dynamicyield.com	cdn.dynamicyield.com
1	sync.taboola.com	1 redirects
1	pi.ispot.tv	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	token.rubiconproject.com	1 redirects
1	us-u.openx.net	s.amazon-adsystem.com
1	usermatch.krxd.net	1 redirects
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	spl.zeotap.com	s.amazon-adsystem.com
1	cms.analytics.yahoo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	s.amazon-adsystem.com
1	tags.bluekai.com	1 redirects
1	aa.agkn.com	1 redirects
1	cookies.onetrust.mgr.consensu.org	www.elfcosmetics.com
1	www.google-analytics.com	www.elfcosmetics.com
1	geolocation.onetrust.com	www.elfcosmetics.com
1	www.googletagmanager.com	www.elfcosmetics.com
1	st.dynamicyield.com	www.elfcosmetics.com
1	cdn.cquotient.com	www.elfcosmetics.com
1	eyeslipsface.com	1 redirects
0	lciapi.ninthdecimal.com Failed	s.amazon-adsystem.com
0	px.surveywall-api.survata.com Failed	s.amazon-adsystem.com
129	53

This site contains links to these domains. Also see Links.

Domain
instagram.com
www.facebook.com
www.youtube.com
www.pinterest.com
twitter.com
www.snapchat.com
www.linkedin.com
www.tiktok.com
blog.elfcosmetics.com
www.elfbeauty.com
privacyportal-cdn.onetrust.com
cookiepedia.co.uk
tcf.cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
*.elfcosmetics.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-22` - `2022-11-22`	a year	crt.sh
*.yottaa.net GlobalSign RSA OV SSL CA 2018	`2020-08-03` - `2022-10-03`	2 years	crt.sh
*.dynamicyield.com Amazon	`2021-09-29` - `2022-10-28`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.cquotient.com Amazon	`2021-06-04` - `2022-07-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
snic232gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-03-01` - `2022-03-31`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.samplicio.us Amazon	`2021-04-17` - `2022-05-16`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.elfcosmetics.com/
Frame ID: 45300247B092920A121C784BEE9D3DBA
Requests: 87 HTTP requests in this frame

Frame: https://10265292.fls.doubleclick.net/activityi;dc_pre=CLT7tozvt_QCFTsfBgAdsdgKrA;src=10265292;type=conte0;cat=homep0;ord=4892244644897;gtm=2wgba1;auiddc=1369674498.1637992910;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
Frame ID: 46976138DD4519EBAE25D660EB2A1901
Requests: 2 HTTP requests in this frame

Frame: https://10742279.fls.doubleclick.net/activityi;dc_pre=CJn9tozvt_QCFRLl5godC74ARA;src=10742279;type=elf8j0;cat=wm_fl0;ord=1791149544815;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
Frame ID: B6EB142B5BC44042FADC46B7262C57FC
Requests: 2 HTTP requests in this frame

Frame: https://10742279.fls.doubleclick.net/activityi;dc_pre=CJzAt4zvt_QCFUweBgAdFswMyw;src=10742279;type=elf8j0;cat=wm_fl00;ord=8881518647003;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
Frame ID: F64653E7C4A380A2D815B6B55F46FC8A
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D8578348900501%3Bp%3D7C47B8BB-E11B-0720-EEC5-8B2566F84002&cb=913235941130103700&dcc=t
Frame ID: 4116B8C8DD7174AFAA33DAABAB3D1AEF
Requests: 1 HTTP requests in this frame

Frame: https://cookies.onetrust.mgr.consensu.org/?name=euconsent-v2&value=&expire=0&isFirstRequest=true
Frame ID: 990320675464450386FA244D1DA90F63
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cPbG4k1jSdaweb3LUiltfw&ex-pl-n-g-hmt=bhngCkzJTGSkoNVtbkLp9g&ep=DvmjCSyxS0N2ecmRSatxTAFgczBSUP7_kjzv7RCQDdjIYcu4n1OW9U1LpdLIVvK4cFiOsFeLbOTx7RUgKbtuF_9AYr1DX_hN2KH9L1LkFvN8YEa8VNM0zVh6nCzg3diFblfetSpSHtf0H_qDgJ37oX6EFGFaLmuHb7hVt1jCUo6BQ0Wpb1B8MexSLbjECFveosQZL0ijj-J-lGpt4S_V-g
Frame ID: 1706D9F1B81A9C76AA136DE49A8AFFAD
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Affordable Drugstore Makeup & Skincare Products | e.l.f. Cosmeticsbinocularsunlockgiftshopping baggoogle-elfSign InBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://eyeslipsface.com/ HTTP 301
https://www.elfcosmetics.com/ Page URL

Page Statistics

129
Requests

78 %
HTTPS

22 %
IPv6

44
Domains

53
Subdomains

24
IPs

6
Countries

3697 kB
Transfer

7310 kB
Size

72
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://instagram.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/eyeslipsfacedotcom

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://twitter.com/elfcosmetics

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/elfcosmetics

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/e-l-f-cosmetics/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@elfyeah/

Search URL Search Domain Scan URL

URL: http://blog.elfcosmetics.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.elfbeauty.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://privacyportal-cdn.onetrust.com/dsarwebform/41508589-2ea0-4f6f-a103-922358595624/4d9f0146-ffb8-404e-9f05-73841fe03610.html
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://tcf.cookiepedia.co.uk/?lang=en
Title: | View Full Legal Text Opens in a new window

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://eyeslipsface.com/ HTTP 301
https://www.elfcosmetics.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://10265292.fls.doubleclick.net/activityi;src=10265292;type=conte0;cat=homep0;ord=4892244644897;gtm=2wgba1;auiddc=1369674498.1637992910;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F HTTP 302
https://10265292.fls.doubleclick.net/activityi;dc_pre=CLT7tozvt_QCFTsfBgAdsdgKrA;src=10265292;type=conte0;cat=homep0;ord=4892244644897;gtm=2wgba1;auiddc=1369674498.1637992910;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F

Request Chain 51

https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=wm_fl0;ord=1791149544815;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F HTTP 302
https://10742279.fls.doubleclick.net/activityi;dc_pre=CJn9tozvt_QCFRLl5godC74ARA;src=10742279;type=elf8j0;cat=wm_fl0;ord=1791149544815;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F

Request Chain 52

https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=wm_fl00;ord=8881518647003;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F HTTP 302
https://10742279.fls.doubleclick.net/activityi;dc_pre=CJzAt4zvt_QCFUweBgAdFswMyw;src=10742279;type=elf8j0;cat=wm_fl00;ord=8881518647003;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F

Request Chain 53

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D8578348900501%3Bp%3D7C47B8BB-E11B-0720-EEC5-8B2566F84002&cb=913235941130103700 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D8578348900501%3Bp%3D7C47B8BB-E11B-0720-EEC5-8B2566F84002&cb=913235941130103700&dcc=t

Request Chain 85

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=164971003983000039412&ex=neustar.biz

Request Chain 86

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=42b83d2e2d87c75d64a6fbe71b178a50

Request Chain 87

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 88

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=fhi870fHT36q23jvCHeF2A HTTP 302
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=fhi870fHT36q23jvCHeF2A&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=fhi870fHT36q23jvCHeF2A

Request Chain 89

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1 HTTP 302
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP8377c6e6-4f47-11ec-8d6b-064b2a596d3a HTTP 302
https://s.amazon-adsystem.com/ecm3?id=a455b9d3d5f2be43204b531344fcc3aa3a6e8f0a&ex=aoldisplay.com

Request Chain 90

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=f56d6838-b2ad-4ac4-81b8-63381d08b9bb

Request Chain 94

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=c438eea3ff45ae5c7bf5eaac40729eb2&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 95

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 98

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e8538b374c8d58d5

Request Chain 99

https://pixel.rubiconproject.com/tap.php?v=1053074&nid=2179&put=OA-JKwdZT-6OmbFzePafIw&next=https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id= HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT

Request Chain 100

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=bzpGaePZQLi4rSgrjAVY9w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=bzpGaePZQLi4rSgrjAVY9w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=28192684375916061233144925236944600852

Request Chain 101

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=IZycIkqCTzW0BYZThCQP1g HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10811453856735886981&gdpr=&gdpr_consent=

Request Chain 103

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5508123615336936465

Request Chain 104

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=83b57c24-4f47-11ec-b483-155da6fd0106 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=83b57be6-4f47-11ec-b483-155da6fd0106

Request Chain 105

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22096a0f90-edb5-41cc-996c-0e2bf904981d%22,%22Time%22:%2220211127T010151.247814%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=096a0f90-edb5-41cc-996c-0e2bf904981d

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEG9RDzPTcWLq711ssbQiVTo&google_cver=1

Request Chain 107

https://usermatch.krxd.net/um/v2?partner=amzn HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

Request Chain 108

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=3dec8efaa58c56740edc14cc83f4cfa2

Request Chain 110

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KPP-_xy6E99bYIBRDB6xyjc4dMA4ZgAC

Request Chain 111

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=69C626B61AC8CD7A

Request Chain 112

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8984056146705041727&ex=appnexus.com

Request Chain 113

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=gwRiGrg9rJVyl1F8y_FSlMWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=bhngCkzJTGSkoNVtbkLp9g& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 117

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-yAmy0Pd1l2PMTAqsy1FvlCfmeWmU_8I-

Request Chain 118

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=9b97f11e5cd935cda601241815ee8b7a57ce46f8d355c2dd5494c33795a02cf7

Request Chain 119

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=21AF0298-45CF-42E3-8FF3-336C1B9B819C

Request Chain 120

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=3abcc7dc-27b6-4a50-bcab-8f249b1648e9-tuct89b4f4f

129 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.elfcosmetics.com/
Redirect Chain

http://eyeslipsface.com/
https://www.elfcosmetics.com/

350 KB
85 KB

1219ms
735ms

Document
text/html

140.174.14.104
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.104 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: de065165586f53c2ba9d4f64608cdd951d6c97787a51130594666f6e7c44c80b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-type: text/html;charset=UTF-8
content-length: 85760
accept-ranges: bytes
x-dw-request-base-id: nKGj-aKioGEBAAB_
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
vary: accept-encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b4924df5f1c1f55-FRA
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-yottaa-optimizations: ob/1000000100001000 si/36D18cae0e68-1637779846-4005659433 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-encoding: gzip
age: 0
x-yottaa-metrics: 36218cae0e3c/[678,614,-] 36D18cae0e68/[-,719.086]

Redirect headers

Date: Sat, 27 Nov 2021 06:01:48 GMT
Content-Length: 0
Connection: close
Location: https://www.elfcosmetics.com
Server: DNSME HTTP Redirection

GET
H2 200 AssistantRegular.woff2
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw4de7574d/fonts/ 16 KB
17 KB 42ms
8ms Font
font/woff2 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw4de7574d/fonts/AssistantRegular.woff2?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 400efdf33f8a4a3eaa2b9f6bd5134f1f2920dd0d2c9f9199c27087550e89876b

Request headers

Referer: https://www.elfcosmetics.com/
Origin: https://www.elfcosmetics.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 1399502
x-yottaa-optimizations: ob/0 si/33118cae0c64-1628617431-685780113 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16488
x-served-by: cache-hhn4052-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992909.476190,VS0,VE0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
content-type: font/woff2
access-control-allow-origin: *
expires: Fri, 10 Dec 2021 13:50:56 GMT
x-yottaa-metrics: 33218cae0c76/[27,24,-] 33118cae0c64/[-,31.434]
accept-ranges: bytes
cf-ray: 6ac3ad5ce844ec25-ATL
x-dw-request-base-id: Y9TZzpbdiGEBAAB_
x-cache-hits: 3

GET
H2 200 AssistantBold.woff2
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw82d4e320/fonts/ 16 KB
17 KB 47ms
13ms Font
font/woff2 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw82d4e320/fonts/AssistantBold.woff2?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c66960fd249e74cd61ae9b9ed92f21e038feb67be2f7c4c9ced6f00cfb193bf5

Request headers

Referer: https://www.elfcosmetics.com/
Origin: https://www.elfcosmetics.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 627161
x-yottaa-optimizations: ob/0 si/2611cc028371-1628657068-2328628985 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16748
x-served-by: cache-hhn4052-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992909.476319,VS0,VE0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
content-type: font/woff2
access-control-allow-origin: *
expires: Sun, 19 Dec 2021 13:45:26 GMT
x-yottaa-metrics: 2621cc02303b/[15,14,-] 2611cc028371/[-,16.665]
accept-ranges: bytes
cf-ray: 6b0d5553cf1062d0-ORD
x-dw-request-base-id: Y9SLvtq2kmEBAAB_
x-cache-hits: 2

GET
H2 200 fontawesome-webfont.woff2
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw00716dd6/fonts/ 55 KB
56 KB 48ms
15ms Font
font/woff2 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw00716dd6/fonts/fontawesome-webfont.woff2?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://www.elfcosmetics.com/
Origin: https://www.elfcosmetics.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 795655
x-yottaa-optimizations: ob/0 si/36118cae0e20-1630416238-1872124302 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 56780
x-served-by: cache-hhn4052-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992909.476369,VS0,VE0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
content-type: font/woff2
access-control-allow-origin: *
expires: Fri, 17 Dec 2021 20:00:58 GMT
x-yottaa-metrics: 36218cae0e2d/[18,18,-] 36118cae0e20/[-,20.442]
accept-ranges: bytes
cf-ray: 6afd43b9bcdb2b95-FRA
x-dw-request-base-id: 1qYCLyjbk2EBAAB_
x-cache-hits: 2

GET
H2 200 jquery-2.1.1.min.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/lib/jquery/ 82 KB
29 KB 60ms
27ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/lib/jquery/jquery-2.1.1.min.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
cf-cache-status: MISS
age: 75774
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
x-yottaa-optimizations: ob/1000 si/36118cae0e1f-1633249883-1925290867 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 29492
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992909.476196,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
expires: Sun, 26 Dec 2021 08:58:31 GMT
x-yottaa-metrics: 36218cae0e47/[487,481,-] 36118cae0e1f/[-,501.014]
accept-ranges: bytes
cf-ray: 6b41eaeea83a3233-FRA
x-dw-request-base-id: nKEn47ehoGEBAAB_
x-cache-hits: 1

GET
H2 200 api_dynamic.js Show response
cdn.dynamicyield.com/api/8772046/ 661 KB
82 KB 79ms
24ms Script
application/javascript 2600:9000:2057:b200:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b200:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 3729954d37fd0ec1bd9931040ccb05b4701814543d09935fd7df676ce7d18245

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 04:18:07 GMT
server: DYCDN
x-amz-cf-pop: FRA6-C1
etag: W/"b168b6cbfd9d41123c270396c1c01074"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cache-control: max-age=30
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: t1Htp_O9yrMQQo03-SJIGVt2ZgNW7f1TwaR0spJW14e8wEoFpWQ03w==

GET
H2 200 api_static.js Show response
cdn.dynamicyield.com/api/8772046/ 348 KB
99 KB 67ms
11ms Script
application/javascript 2600:9000:2057:b200:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b200:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: f2ca16184a18e96701a6bfe86b5233d7702c64f0594ca7d184c06bd79164ded4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 19:35:30 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 04:18:08 GMT
server: DYCDN
age: 44403
etag: W/"74ecaf92420431bcde8b4e99c6af632a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: OTi9hvGdpe_duGbce0y1N5cYffdQxisLJBgDF-z0SYCdKl4FEOvsHg==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 69ms
27ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Lh0CEVPkmGuwf4KyqdKdhw==
age: 12073
vary: Accept-Encoding
content-length: 6403
x-ms-lease-status: unlocked
last-modified: Mon, 22 Nov 2021 20:32:32 GMT
server: cloudflare
etag: 0x8D9ADF735C33F25
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0a3eadc1-801e-006e-3cf1-df71cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b4924e44bf50e16-MXP

GET
H2 200 style.min.css
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/css/ 776 KB
134 KB 40ms
8ms Stylesheet
text/css 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/css/style.min.css?yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3518663cd0fca8dcca20fc762b1ebd8d1456c0b55663b50dd7ba3893f75a1aa4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 75801
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
x-yottaa-optimizations: ob/100011001 si/2511cc02853e-1633624441-1906816209 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 136791
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992909.475797,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
expires: Sun, 26 Dec 2021 08:58:28 GMT
x-yottaa-metrics: 2521cc028a8b/[328,21,-] 2511cc02853e/[hit]
accept-ranges: bytes
cf-ray: 6b41ea46bb01252d-SJC
x-dw-request-base-id: Y9TkT7ChoGEBAAB_
x-cache-hits: 1

GET
H2 200 EswHooks.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/js/ 9 KB
3 KB 21ms
17ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/js/EswHooks.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84d61e8bb73709467c15046eed340cb59608271f3d1f2f4bd994b3788d53775c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 75791
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
x-yottaa-optimizations: ob/1001 si/2511cc028a74-1628617520-1876929657 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2749
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.621518,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
expires: Sun, 26 Dec 2021 08:58:37 GMT
x-yottaa-metrics: 2521cc028536/[15,13,-] 2511cc028a74/[hit]
accept-ranges: bytes
cf-ray: 6b41ea86f8e12542-SJC
x-dw-request-base-id: Y9S2T66hoGEBAAB_
x-cache-hits: 1

GET
H2 200 EswCss.css
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/css/ 8 KB
2 KB 59ms
26ms Stylesheet
text/css 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/css/EswCss.css?yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d54e4838c792b821f3e49b6e6943b18ca5012e9c89929e35fe77d171bac0092

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 75774
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
x-yottaa-optimizations: ob/11000 si/36118cae0e21-1630416259-92906696 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1805
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992909.475887,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
expires: Sun, 26 Dec 2021 08:58:55 GMT
x-yottaa-metrics: 36218cae0e42/[17,15,-] 36118cae0e21/[-,19.863]
accept-ranges: bytes
cf-ray: 6b41eaf15ace4a6e-FRA
x-dw-request-base-id: Y9TuT7ChoGEBAAB_
x-cache-hits: 1

GET
H2 200 global.css
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1637917101260/css/ 30 KB
5 KB 58ms
26ms Stylesheet
text/css 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1637917101260/css/global.css?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef4a0a386be0745346bdbbb04735249591dcc13e2d36a444f2ff08f70b236868

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
cf-cache-status: MISS
age: 75774
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
x-yottaa-optimizations: ob/11000 si/36118cae0e22-1630416279-1797508952 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4444
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992909.476032,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
expires: Sun, 26 Dec 2021 08:58:39 GMT
x-yottaa-metrics: 36218cae0e41/[378,374,-] 36118cae0e22/[-,382.330]
accept-ranges: bytes
cf-ray: 6b41eaf14e1a68eb-FRA
x-dw-request-base-id: 1qbNXb-hoGEBAAB_
x-cache-hits: 1

GET
H2 200 changeUp.css
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/css/ 11 KB
3 KB 33ms
7ms Stylesheet
text/css 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/css/changeUp.css?yocs=F_J_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e67c769154825939a745f7d9c858f77c5b82cb606e2b09d49251f75bc3f47a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
cf-cache-status: MISS
age: 75773
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
x-yottaa-optimizations: ob/100011000 si/36118cae0e1f-1633249883-1925290872 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2145
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992909.476114,VS0,VE0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
expires: Sun, 26 Dec 2021 08:58:24 GMT
x-yottaa-metrics: 36218cae0e29/[377,372,-] 36118cae0e1f/[-,380.076]
accept-ranges: bytes
cf-ray: 6b41eaf159534aa4-FRA
x-dw-request-base-id: 1qYWXLGhoGEBAAB_
x-cache-hits: 2

GET
H2 200 changeUp.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/js/ 3 KB
1 KB 21ms
17ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/js/changeUp.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0232c842afa32c041223fc8ef697660bae9caeac0a4ea9d596d421cd5a7e46ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
cf-cache-status: MISS
age: 75769
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
x-yottaa-optimizations: ob/1000 si/36118cae0e23-1630416300-1068200165 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 994
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.621584,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
expires: Sun, 26 Dec 2021 08:58:38 GMT
x-yottaa-metrics: 36218cae0e3a/[379,378,-] 36118cae0e23/[-,382.387]
accept-ranges: bytes
cf-ray: 6b41eb0ccd0a3260-FRA
x-dw-request-base-id: nKH3476hoGEBAAB_
x-cache-hits: 1

GET
H2 200 splide.min.css
cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/css/ 4 KB
2 KB 65ms
24ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/css/splide.min.css

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12acf0cde9105ca35b079104e27341413fb68164085916505c077cf58748abc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2798069
x-jsd-version: 2.4.21
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19121-FRA, cache-mxp6924-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"102c-M7+BfeLRxTmUwlsz98mdry3uV50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b4924e458083756-MXP

GET
H2 200 splide.min.js Show response
cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/js/ 28 KB
11 KB 70ms
29ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/js/splide.min.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a609c6dfff57a1865067c376468a736ee9f8d0578ef52c3063738c8c30986c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2798096
x-jsd-version: 2.4.21
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19155-FRA, cache-mxp6936-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"7170-eq1ZE4HBpvEGZCwKn41rAbub2NI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b4924e458093756-MXP

GET
H2 200 HP_black-friday_D.gif
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0a41eb5d/homepage/2021/11/ 195 KB
195 KB 25ms
22ms Image
image/gif 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0a41eb5d/homepage/2021/11/HP_black-friday_D.gif?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2d2b2b16ae39edf7177cf2cbe12214897873e33bf6c0bb0133f8a23791c9ec0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 424814
x-yottaa-optimizations: ob/0 si/36118cae0e22-1630416279-1796246714 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 199341
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.621635,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
content-type: image/gif
expires: Wed, 22 Dec 2021 00:03:36 GMT
x-yottaa-metrics: 36218cae0e30/[565,564,-] 36118cae0e22/[-,567.094]
accept-ranges: bytes
cf-ray: 6b20a16f5fbf2bf2-FRA
x-dw-request-base-id: 1qbdiVjemmEBAAB_
x-cache-hits: 1

GET
H2 200 _HP_HOLIDAY_D_A_V2_short.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw1d143d6a/homepage/2021/10/holiday/HP/ 394 KB
394 KB 29ms
26ms Image
image/jpeg 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw1d143d6a/homepage/2021/10/holiday/HP/_HP_HOLIDAY_D_A_V2_short.jpg?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 165ae13cc6bbc1c15cb98369c10a65cc54d040cd18b4928d9f1fecccb91d5581

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 1404608
x-yottaa-optimizations: ob/100 si/33118cae0c60-1628617366-2376805378 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 403043
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
cf-bgj: h2pri
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.621673,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
content-type: image/jpeg
expires: Fri, 10 Dec 2021 09:33:20 GMT
x-yottaa-metrics: 33218cae0c8a/[31,-,1636578007426] 33118cae0c60/[-,34.386]
accept-ranges: bytes
cf-ray: 6ac235623bdc1041-ATL
x-dw-request-base-id: 1qadkJPLiGEBAAB_
x-cache-hits: 1

GET
H2 200 HP_HOLIDAY_D_1.jpeg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw981f948d/homepage/2021/10/holiday/HP/ 52 KB
53 KB 30ms
27ms Image
image/jpeg 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw981f948d/homepage/2021/10/holiday/HP/HP_HOLIDAY_D_1.jpeg?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5846e05e8d46e767ba38455f994b0db4e465847f9aa24fe590aebaa7c82fc86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 1401545
x-yottaa-optimizations: ob/100 si/3211a5fec6ec-1632928829-2196825672 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 53475
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
cf-bgj: h2pri
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.621725,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
content-type: image/jpeg
expires: Fri, 10 Dec 2021 20:56:28 GMT
x-yottaa-metrics: 3221a5fec66f/[525,-,1636578046575] 3211a5fec6ec/[-,527.942]
accept-ranges: bytes
cf-ray: 6ac23656eb34287f-DFW
x-dw-request-base-id: nKEE1NKmgWEBAAB_
x-cache-hits: 1

GET
H2 200 HP_HOLIDAY_D_2.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw7f43bf32/homepage/2021/10/holiday/HP/ 102 KB
102 KB 24ms
21ms Image
image/jpeg 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw7f43bf32/homepage/2021/10/holiday/HP/HP_HOLIDAY_D_2.jpg?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 779f01423743a212aeaf28410cb5b96651c7efdf7ad67cec26cdb698f640475c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 1404609
x-yottaa-optimizations: ob/100 si/33118cae0c60-1628617366-2376805370 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 104056
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
cf-bgj: h2pri
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.621774,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
content-type: image/jpeg
expires: Fri, 10 Dec 2021 09:41:06 GMT
x-yottaa-metrics: 33218cae0c82/[22,-,1636578007421] 33118cae0c60/[-,24.935]
accept-ranges: bytes
cf-ray: 6ac2356238cbe396-ATL
x-dw-request-base-id: nKEPJUA-imEBAAB_
x-cache-hits: 1

GET
H2 200 HP_HOLIDAY_D_3.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw4ed993a6/homepage/2021/10/holiday/HP/ 97 KB
98 KB 30ms
27ms Image
image/jpeg 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw4ed993a6/homepage/2021/10/holiday/HP/HP_HOLIDAY_D_3.jpg?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce05a24626eff149afa9e83072faa33030363d54ea26c1a70c93dd6d0925563d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 1413488
x-yottaa-optimizations: ob/101 si/36118cae0e25-1631247739-1048436825 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 99724
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
cf-bgj: h2pri
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.621815,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
content-type: image/jpeg
expires: Fri, 10 Dec 2021 07:39:03 GMT
x-yottaa-metrics: 36218cae0e2c/[6,-,1636578061002] 36118cae0e25/[hit]
accept-ranges: bytes
cf-ray: 6ac236b12cbf5c85-FRA
x-dw-request-base-id: Y9RKxLL9hWEBAAB_
x-cache-hits: 1

GET
H2 200 HP_HOLIDAY_D_4.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw8e18abd8/homepage/2021/10/holiday/HP/ 84 KB
85 KB 19ms
17ms Image
image/jpeg 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw8e18abd8/homepage/2021/10/holiday/HP/HP_HOLIDAY_D_4.jpg?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 929638561e70c94bfcabf6449bd920541f4e8b4c682e5ac16804270e1499fe12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
via: 1.1 varnish
cf-cache-status: MISS
age: 1414848
x-yottaa-optimizations: ob/100 si/2611cc8d5869-1628657141-1673431331 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 86130
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.621860,VS0,VE0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
content-type: image/jpeg
expires: Fri, 10 Dec 2021 16:42:52 GMT
x-yottaa-metrics: 2621cc8d586f/[18,-,1636578012264] 2611cc8d5869/[-,21.360]
accept-ranges: bytes
cf-ray: 6ac2357fef612d76-ORD
x-dw-request-base-id: Y9Q4XYz2i2EBAAB_
x-cache-hits: 2191

GET
H2 200 HP_HOLIDAY_D_5.jpeg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw362225e2/homepage/2021/10/holiday/HP/ 120 KB
120 KB 29ms
26ms Image
image/jpeg 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw362225e2/homepage/2021/10/holiday/HP/HP_HOLIDAY_D_5.jpeg?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80829113dba6c8956dbe5e04793b276e43fb5c51e978312574892514fd1f3d50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 1414623
x-yottaa-optimizations: ob/101 si/36118cae0e1f-1633249883-1921742552 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-security-policy-report-only: script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=kAlEV3t.DocZCCnuK9biEZTziTeHzu3fvSO_TlBE92E-1636578060-0-AQhVKVJRu_iPPk1m4MVqCKcFluF1lkTVWVNW7neMMj9FBZ_VdEqgdK_ronjFZ8zgWA
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 122490
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
cf-bgj: h2pri
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.621889,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
content-type: image/jpeg
expires: Fri, 10 Dec 2021 15:00:43 GMT
x-yottaa-metrics: 36218cae0e34/[7,-,1636578061004] 36118cae0e1f/[hit]
accept-ranges: bytes
cf-ray: 6ac236b12d85dfcb-FRA
x-dw-request-base-id: Y9Rcq1Y2imEBAAB_
x-cache-hits: 1

GET
H2 200 HP_HOLIDAY_D_6.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw5679fd95/homepage/2021/10/holiday/HP/ 89 KB
90 KB 29ms
27ms Image
image/jpeg 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw5679fd95/homepage/2021/10/holiday/HP/HP_HOLIDAY_D_6.jpg?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63fb4fb1496109c262bffcb71069a74b6536aa0264cee6eed795cb11b59d895f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 1413494
x-yottaa-optimizations: ob/101 si/36118cae0e21-1630416259-89363889 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 91477
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
cf-bgj: h2pri
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.621946,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
content-type: image/jpeg
expires: Fri, 10 Dec 2021 21:01:01 GMT
x-yottaa-metrics: 36218cae0e45/[5,-,1636578061011] 36118cae0e21/[hit]
accept-ranges: bytes
cf-ray: 6ac236b12aed2b1e-FRA
x-dw-request-base-id: Y9TnRiiYh2EBAAB_
x-cache-hits: 1

GET
H2 200 _NOV_NEW_ARRIVALS_D_A.jpg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwa26bda9f/homepage/2021/11/ 97 KB
98 KB 29ms
27ms Image
image/jpeg 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwa26bda9f/homepage/2021/11/_NOV_NEW_ARRIVALS_D_A.jpg?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75f5a1cf09e19f2b16cb9e64d216972580e92a3375f2189f7cb431186703b3ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 679317
x-yottaa-optimizations: ob/100 si/36118cae0e20-1630416238-1872400399 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 99717
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
cf-bgj: h2pri
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.621991,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
content-type: image/jpeg
expires: Sun, 19 Dec 2021 05:24:00 GMT
x-yottaa-metrics: 36218cae0e3e/[6,-,1637308232358] 36118cae0e20/[-,9.266]
accept-ranges: bytes
cf-ray: 6b07d92419f842e1-FRA
x-dw-request-base-id: Y9RXQgnqlmEBAAB_
x-cache-hits: 1

GET
H2 200 bs_revamped_D.gif
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw83322ebf/homepage/2021/11/ 31 KB
31 KB 29ms
27ms Image
image/gif 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw83322ebf/homepage/2021/11/bs_revamped_D.gif?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfd207f246332f799f67b42ecd2dfad35976564aee935ab32ec3de19ff66bf59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 1414849
x-yottaa-optimizations: ob/0 si/36118cae0e22-1630416279-1793960884 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-security-policy-report-only: script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=E9RTbVy1r5HoYSuOmIhUUeQZfjz.Y58.raHMIWAughc-1636578061-0-AeZgtHOf2uVSKV_I16Ne-3sQTTntxiBUikQNGIQne_0YzlwExCZDHkqnvmgQSU7k4w
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 31650
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.622028,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
content-type: image/gif
expires: Fri, 10 Dec 2021 10:31:37 GMT
x-yottaa-metrics: 36218cae0e46/[20,19,-] 36118cae0e22/[-,21.621]
accept-ranges: bytes
cf-ray: 6ac236b12a03702b-FRA
x-dw-request-base-id: 1qZOjJY5hmEBAAB_
x-cache-hits: 1

GET
H2 200 intersection-observer.min.js Show response
cdn.jsdelivr.net/npm/intersection-observer@0.5.1/ 7 KB
3 KB 22ms
22ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intersection-observer@0.5.1/intersection-observer.min.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad3a30e9a818e22c8f16792348125f8ef1dd28bc20c1d12e23c163c2cd5be07c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2798087
x-jsd-version: 0.5.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19138-FRA, cache-mxp6978-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1bf9-LLg69WDFPy8EcYnHyvJtDlnbpRc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b4924e4a8653756-MXP

GET
H3 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@12.0.0/dist/ 5 KB
3 KB 26ms
26ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.0.0/dist/lazyload.min.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2798095
x-jsd-version: 12.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19143-FRA, cache-mxp6935-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"15d1-IxZ2QckOwVh8MMcWJc7ap/VwGh4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b4924e4cfe3374c-MXP

GET
H2 200 plugins.min.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/js/ 283 KB
78 KB 12ms
8ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/js/plugins.min.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96a3358dcb988a6b2d0d6f409533b6e242b79f248d58bb9731860246481eb585

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
cf-cache-status: MISS
age: 75773
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
x-yottaa-optimizations: ob/1000 si/36118cae0e1f-1633249883-1925290871 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 79878
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.620221,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
expires: Sun, 26 Dec 2021 08:58:33 GMT
x-yottaa-metrics: 36218cae0e28/[564,555,-] 36118cae0e1f/[-,616.598]
accept-ranges: bytes
cf-ray: 6b41eaf14b4c6964-FRA
x-dw-request-base-id: nKGK47mhoGEBAAB_
x-cache-hits: 1

GET
H2 200 app.min.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/js/ 406 KB
118 KB 28ms
26ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/js/app.min.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e822f7595f153f3d581083bb4905405922ff709d5ad2fd41613381cd37350b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
cf-cache-status: MISS
age: 75769
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
x-yottaa-optimizations: ob/1000 si/36118cae0e23-1630416300-1068200165 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 120201
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.622082,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
expires: Sun, 26 Dec 2021 08:58:25 GMT
x-yottaa-metrics: 36218cae0e39/[687,671,-] 36118cae0e23/[-,745.306]
accept-ranges: bytes
cf-ray: 6b41eb0cf8da5cb6-FRA
x-dw-request-base-id: nKF14rGhoGEBAAB_
x-cache-hits: 1

GET
H2 200 global.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1637917101260/js/ 1 KB
741 B 30ms
28ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1637917101260/js/global.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd5ae643e89170860b9bca1805cb663625a9006ecfcdf8749d3ee7d498d40629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
cf-cache-status: MISS
age: 75805
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
x-yottaa-optimizations: ob/1001 si/2511cc028a75-1628617537-582017527 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 509
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.622491,VS0,VE0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
expires: Sun, 26 Dec 2021 08:58:24 GMT
x-yottaa-metrics: 2521cc028538/[269,269,-] 2511cc028a75/[hit]
accept-ranges: bytes
cf-ray: 6b41ea2c689f6462-SJC
x-dw-request-base-id: 1qYAXLChoGEBAAB_
x-cache-hits: 1

GET
H2 200 rangetouch.min.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/lib/ 2 KB
1 KB 30ms
28ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/lib/rangetouch.min.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 020da0825330e19eef417005d005ad730b7c875200d5f16057bcd32230f30b84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
cf-cache-status: MISS
age: 75769
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
x-yottaa-optimizations: ob/1010 si/2511cc02853f-1628617503-1106225452 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1045
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.622546,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
expires: Sun, 26 Dec 2021 08:58:24 GMT
x-yottaa-metrics: 2521cc02859f/[1,-,1637917104343] 2511cc02853f/[-,3.772]
accept-ranges: bytes
cf-ray: 6b41ea2c6d9d3b39-SJC
x-dw-request-base-id: nKFL4rChoGEBAAB_
x-cache-hits: 1

GET
H2 200 dwanalytics-21.9.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/internal/jscript/ 6 KB
3 KB 65ms
63ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/internal/jscript/dwanalytics-21.9.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70e9ab1b549587e35b22baeff17c9ecea3072edae5840119d15b159954f9bd53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
cf-cache-status: MISS
age: 75768
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
x-yottaa-optimizations: ob/1000 si/36118cae0e22-1630416279-1797508982 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2648
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.628297,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
expires: Sun, 26 Dec 2021 08:58:26 GMT
x-yottaa-metrics: 36218cae0e3b/[372,369,-] 36118cae0e22/[-,374.632]
accept-ranges: bytes
cf-ray: 6b41eb12586c4ea9-FRA
x-dw-request-base-id: nKGV4rKhoGEBAAB_
x-cache-hits: 1

GET
H2 200 dwac-21.7.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/internal/jscript/ 5 KB
2 KB 65ms
63ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/internal/jscript/dwac-21.7.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36c44bc84b94a5ae0dd5fe6fc014df9fa5ad4c0e4ce2ef8d818f18853ab9b4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
cf-cache-status: MISS
age: 75768
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
x-yottaa-optimizations: ob/1000 si/36118cae0e26-1630416363-287602569 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-security-policy-report-only: script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=NH.kWKboJjWF3KTNRfhlALKm208h26Wx9Sg3sERPVSY-1637917141-0-AV5_dihROkAUMbLUFeKj5sZL2kbr3vjNBDz0bZ-fuBVCAGFcYnbvr4620m72RaOX1Q
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1914
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.628365,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
expires: Sun, 26 Dec 2021 08:58:24 GMT
x-yottaa-metrics: 36218cae0e33/[380,378,-] 36118cae0e26/[-,383.632]
accept-ranges: bytes
cf-ray: 6b41eb126d224e8c-FRA
x-dw-request-base-id: nKFG4rChoGEBAAB_
x-cache-hits: 1

GET
H2 200 gretel.min.js Show response
cdn.cquotient.com/js/v2/ 36 KB
12 KB 57ms
13ms Script
application/javascript 13.32.21.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cquotient.com/js/v2/gretel.min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-156.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b6b34e69f08fb2fb269c0affa0b91f979eacc9df506d06fcc670e0601f23784

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 05:11:30 GMT
content-encoding: gzip
etag: W/"4fdd1834cd022d3113e766921bac1ba4"
last-modified: Wed, 27 Oct 2021 16:27:15 GMT
server: AmazonS3
age: 3020
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: OI3vxelXjJbJX9yXlH_MWceg6gdvUXit_4NGJNN-55Dy89FX9tns-Q==

GET
H2 200 applepay.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/internal/jscript/ 14 KB
4 KB 63ms
61ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/internal/jscript/applepay.js?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9320fb9cf32f0763c597acec29a63ffb220d538acd75e75b47e2029258c4471

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 75769
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
x-yottaa-optimizations: ob/1000 si/2511cc02853f-1628617503-1106225481 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3919
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.628400,VS0,VE0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
expires: Sun, 26 Dec 2021 08:59:00 GMT
x-yottaa-metrics: 2521cc028526/[12,11,-] 2511cc02853f/[-,16.288]
accept-ranges: bytes
cf-ray: 6b41eb12dac770a9-SJC
x-dw-request-base-id: 1qb8W7ChoGEBAAB_
x-cache-hits: 2

GET
H2 200 st Show response
st.dynamicyield.com/ 94 KB
9 KB 172ms
112ms Script
text/javascript 2600:9000:211e:5800:15:ad21:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=82jt9owhs1x33x7k2c3fkgxhxauqjo97&ref=&scriptVersion=1.74.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en_US%22%2C%22data%22%3A%5B%5D%7D
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:5800:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e6edf73420e3ec6ff11b42475f398336adc7d2556a4f851d4333c94f77f873a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/javascript; charset=utf-8
x-amz-cf-id: WHKOm05yIyPatVfxzrrDBRhTsDBhrr1Ywb1D8xnn-2TX-yQUsHqL7A==
via: 1.1 d8670b0c6b76371fb58f730881dfe505.cloudfront.net (CloudFront)
expires: Sat, 27 Nov 2021 06:01:48 GMT

GET
H2 200 6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/ 3 KB
2 KB 79ms
37ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd9f94b5a9b5f72ce0369f337890f9cd0c79bd344304b2a33adbab9109219fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: SbPISJRxr5c77B0I0rEwZQ==
age: 6895
vary: Accept-Encoding
content-length: 1199
x-ms-lease-status: unlocked
last-modified: Mon, 08 Mar 2021 18:22:59 GMT
server: cloudflare
etag: 0x8D8E25F33C81EE5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0e03f93a-501e-000a-0816-b6c16f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b4924e57bcb375d-MXP
expires: Sat, 27 Nov 2021 10:01:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 382 KB
96 KB 75ms
31ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T7MZLHP

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f09cfad9df9c7f67ef080fec2e2190155328a70eb1d12d2534a1bdb037c800b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97958
x-xss-protection: 0
expires: Sat, 27 Nov 2021 06:01:49 GMT

GET
H2 200 back-to-top.svg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/images/svg-icons/ 280 B
952 B 38ms
37ms Image
image/svg+xml 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/images/svg-icons/back-to-top.svg?yocs=F_I_
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/css/style.min.css?yocs=F_J_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c74f254c6706f1b11f2d701bbc57dad1913884b1e64020bb1971368784840d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/css/style.min.css?yocs=F_J_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
via: 1.1 varnish
cf-cache-status: MISS
age: 75768
x-yottaa-optimizations: ob/0 si/36118cae0e23-1630416300-1068200170 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-security-policy-report-only: script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=KZmERzm77.k9fqVxiBfAuJf2gHHr2J0DakttvTGWEJg-1637917141-0-AYaa5riDzys5B7LAuttwkwp-ylCI90P9W9w2Vucr6rIWipn2gOmW5kS5-0loLOXalw
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 280
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.654005,VS0,VE1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 26 Dec 2021 08:58:32 GMT
x-yottaa-metrics: 36218cae0e3f/[368,367,-] 36118cae0e23/[-,379.663]
accept-ranges: bytes
cf-ray: 6b41eb12b94ec2f4-FRA
x-dw-request-base-id: nKFN47ehoGEBAAB_
x-cache-hits: 1

GET
H2 200 feedback.svg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/images/svg-icons/ 281 B
563 B 38ms
37ms Image
image/svg+xml 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/images/svg-icons/feedback.svg?yocs=F_I_
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/css/style.min.css?yocs=F_J_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6176ab5474618b01560e91abd7c354b6116cf9de79963c6c9860e89a2459f7cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/css/style.min.css?yocs=F_J_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 75768
x-yottaa-optimizations: ob/0 si/2511cc028a74-1628617520-1876930597 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 281
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.654129,VS0,VE0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 26 Dec 2021 08:59:00 GMT
x-yottaa-metrics: 2521cc028533/[17,16,-] 2511cc028a74/[-,19.821]
accept-ranges: bytes
cf-ray: 6b41eb16b9e23afd-SJC
x-dw-request-base-id: nKHB4rOhoGEBAAB_
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 24 KB
24 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cf5ecbc6fdf0be77cf51c616aab7400551c43efeff3ada55df9a2ae34873ca6

Request headers

Referer
Origin: https://www.elfcosmetics.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 30 KB
30 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 282941064f69458a172fd4afde71d175e6052eef6a63affe4c2bd3e924a26712

Request headers

Referer
Origin: https://www.elfcosmetics.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 193 B
399 B 79ms
29ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b4924e63df5374f-MXP

GET
H2 200 de.svg
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/lib/flag-icon-css/flags/4x3/ 2 KB
2 KB 10ms
10ms Image
image/svg+xml 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/lib/flag-icon-css/flags/4x3/de.svg?yocs=F_I_
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/css/style.min.css?yocs=F_J_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e63dcd20adcefeea4fbefefe18aefb173cb2305f75cb73e126b4ed2ef6c5454

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/css/style.min.css?yocs=F_J_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 75374
x-yottaa-optimizations: ob/0 si/33118cae0c64-1628617431-742567157 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1671
x-served-by: cache-hhn4068-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.789260,VS0,VE0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 26 Dec 2021 09:05:35 GMT
x-yottaa-metrics: 33218cae0ca2/[29,26,-] 33118cae0c64/[-,30.834]
accept-ranges: bytes
cf-ray: 6b41f4b5ef765e8c-TPA
x-dw-request-base-id: Y9T3XDOioGEBAAB_
x-cache-hits: 1

GET
H2 200 32F818_11_0.woff2
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwa897774b/fonts/ 12 KB
13 KB 8ms
8ms Font
font/woff2 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwa897774b/fonts/32F818_11_0.woff2?yocs=F_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08200626ba06885c7a9e4ff3c6ccb778055d293690b5004d3d2862e779d7e9fb

Request headers

Referer: https://www.elfcosmetics.com/
Origin: https://www.elfcosmetics.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:49 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 359530
x-yottaa-optimizations: ob/0 si/3211a5fec6ea-1632928796-1451638594 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12570
x-served-by: cache-hhn4052-HHN
x-yottaa-forcecache: true, true
server: cloudflare
cache-control: public, max-age=31104000
x-timer: S1637992910.790085,VS0,VE0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-yottaa-os-host: www.elfcosmetics.com.cdn.cloudflare.net
content-type: font/woff2
access-control-allow-origin: *
expires: Thu, 23 Dec 2021 02:09:39 GMT
x-yottaa-metrics: 3221a5fec639/[55,54,-] 3211a5fec6ea/[-,57.057]
accept-ranges: bytes
cf-ray: 6b26db4e8a1c0c0b-DFW
x-dw-request-base-id: 1qYjLCDMk2EBAAB_
x-cache-hits: 2

GET
H2 200 EShopWorld-GetEswLandingPage Show response
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 10 KB
2 KB 476ms
476ms XHR
text/html 140.174.14.104
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/EShopWorld-GetEswLandingPage
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/lib/jquery/jquery-2.1.1.min.js?yocs=F_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.104 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: e16ad642fe55e94b61121119ed9f0e915d35846780e4a378c645a4ad3f478e37

Request headers

Accept: */*
Referer: https://www.elfcosmetics.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:50 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 0
x-yottaa-optimizations: ob/1000 si/36D18cae0e68-1637779846-4005659452 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-length: 1670
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/html;charset=UTF-8
x-yottaa-os: 200
x-yottaa-metrics: 36218cae0e49/[463,460,-] 36D18cae0e68/[-,466.512]
accept-ranges: bytes
cf-ray: 6b4924e68f110601-FRA
x-dw-request-base-id: nKHkI87JoWEBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 CSRF-GetToken Show response
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 234 B
782 B 130ms
130ms Fetch
application/json 140.174.14.104
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/CSRF-GetToken
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/js/app.min.js?yocs=F_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.104 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 833e824ec97c5d3d7aa36fd2e740271492ac98942bcbefd1168e09a8f494d222

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-control: no-cache, no-store, must-revalidate
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b4924e74a9f4ab0-FRA
content-type: application/json
x-yottaa-os: 200
x-yottaa-metrics: 36218cae0e29/[119,116,-] 36D18cae0e68/[-,120.630]
x-yottaa-optimizations: ob/0 si/36D18cae0e68-1637779846-4005659458 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-dw-request-base-id: 1qZzlM7JoWEBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 CSRF-GetToken Show response
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 234 B
806 B 134ms
134ms Fetch
application/json 140.174.14.104
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/CSRF-GetToken
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/js/app.min.js?yocs=F_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.104 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: cc703ef63566711173aca5dd0de98e7b03343ad6f6f186dc9411aa866311434f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-control: no-cache, no-store, must-revalidate
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b4924e779a71f31-FRA
content-type: application/json
x-yottaa-os: 200
x-yottaa-metrics: 36218cae0e2a/[119,117,-] 36D18cae0e68/[-,120.508]
x-yottaa-optimizations: ob/0 si/36D18cae0e68-1637779846-4005659459 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-dw-request-base-id: 1qZ5lM7JoWEBAAB_
x-dw-trace-id: 1qZ5lM7JoWEBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 40ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3643
date: Sat, 27 Nov 2021 05:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 27 Nov 2021 07:01:07 GMT

GET
H3

200

activityi;dc_pre=CLT7tozvt_QCFTsfBgAdsdgKrA;src=10265292;type=conte0;cat=homep0;ord=4892244644897;gtm=2wgba1;auiddc=1369674498.1637992910;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F Show response
10265292.fls.doubleclick.net/ Frame 4697
Redirect Chain

https://10265292.fls.doubleclick.net/activityi;src=10265292;type=conte0;cat=homep0;ord=4892244644897;gtm=2wgba1;auiddc=1369674498.1637992910;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?
https://10265292.fls.doubleclick.net/activityi;dc_pre=CLT7tozvt_QCFTsfBgAdsdgKrA;src=10265292;type=conte0;cat=homep0;ord=4892244644897;gtm=2wgba1;auiddc=1369674498.1637992910;ps=1;~oref=https%3A%2F...

402 B
358 B

40ms
24ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10265292.fls.doubleclick.net/activityi;dc_pre=CLT7tozvt_QCFTsfBgAdsdgKrA;src=10265292;type=conte0;cat=homep0;ord=4892244644897;gtm=2wgba1;auiddc=1369674498.1637992910;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7MZLHP

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

f6f091d06ea2c44a893006d14e7ba93b595545cf62cc15b94d7e0491f0ee937e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 27 Nov 2021 06:01:50 GMT
expires: Sat, 27 Nov 2021 06:01:50 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 27 Nov 2021 06:01:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10265292.fls.doubleclick.net/activityi;dc_pre=CLT7tozvt_QCFTsfBgAdsdgKrA;src=10265292;type=conte0;cat=homep0;ord=4892244644897;gtm=2wgba1;auiddc=1369674498.1637992910;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CJn9tozvt_QCFRLl5godC74ARA;src=10742279;type=elf8j0;cat=wm_fl0;ord=1791149544815;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3... Show response
10742279.fls.doubleclick.net/ Frame B6EB
Redirect Chain

https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=wm_fl0;ord=1791149544815;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=http...
https://10742279.fls.doubleclick.net/activityi;dc_pre=CJn9tozvt_QCFRLl5godC74ARA;src=10742279;type=elf8j0;cat=wm_fl0;ord=1791149544815;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.e...

443 B
366 B

38ms
23ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10742279.fls.doubleclick.net/activityi;dc_pre=CJn9tozvt_QCFRLl5godC74ARA;src=10742279;type=elf8j0;cat=wm_fl0;ord=1791149544815;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7MZLHP

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

3e35a9b56a0f90d166e9693fb98901fb0ad543fb15bea84300e3683993552197

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 27 Nov 2021 06:01:50 GMT
expires: Sat, 27 Nov 2021 06:01:50 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 341
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 27 Nov 2021 06:01:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10742279.fls.doubleclick.net/activityi;dc_pre=CJn9tozvt_QCFRLl5godC74ARA;src=10742279;type=elf8j0;cat=wm_fl0;ord=1791149544815;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CJzAt4zvt_QCFUweBgAdFswMyw;src=10742279;type=elf8j0;cat=wm_fl00;ord=8881518647003;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%... Show response
10742279.fls.doubleclick.net/ Frame F646
Redirect Chain

https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=wm_fl00;ord=8881518647003;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=htt...
https://10742279.fls.doubleclick.net/activityi;dc_pre=CJzAt4zvt_QCFUweBgAdFswMyw;src=10742279;type=elf8j0;cat=wm_fl00;ord=8881518647003;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww....

444 B
367 B

31ms
25ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10742279.fls.doubleclick.net/activityi;dc_pre=CJzAt4zvt_QCFUweBgAdFswMyw;src=10742279;type=elf8j0;cat=wm_fl00;ord=8881518647003;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7MZLHP

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

6bf1fe2a02024afbdb74f474146cc1f6c16cabefcc57051101e4d545f53e3743

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 27 Nov 2021 06:01:50 GMT
expires: Sat, 27 Nov 2021 06:01:50 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 342
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 27 Nov 2021 06:01:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10742279.fls.doubleclick.net/activityi;dc_pre=CJzAt4zvt_QCFUweBgAdFswMyw;src=10742279;type=elf8j0;cat=wm_fl00;ord=8881518647003;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 4116
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D85783...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D85783...

723 B
2 KB

124ms
124ms

Document
text/html

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D8578348900501%3Bp%3D7C47B8BB-E11B-0720-EEC5-8B2566F84002&cb=913235941130103700&dcc=t

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

05478889fc005422e50fef4b79f9e5f2709b3ad995180f526664a48f5797a006

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/

Response headers

Server: Server
Date: Sat, 27 Nov 2021 06:01:50 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 723
Connection: keep-alive
x-amz-rid: YA42PSF29APPX7PY4PDE
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: Server
Date: Sat, 27 Nov 2021 06:01:50 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: RPZS72CWDHA5GFYX264J
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D8578348900501%3Bp%3D7C47B8BB-E11B-0720-EEC5-8B2566F84002&cb=913235941130103700&dcc=t
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H2 200 activityi;register_conversion=1;src=10265292;type=conte0;cat=homep0;ord=4892244644897;gtm=2wgba1;auiddc=1369674498.1637992910;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
10265292.fls.doubleclick.net/ 0
0 59ms
15ms Image
text/html 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://10265292.fls.doubleclick.net/activityi;register_conversion=1;src=10265292;type=conte0;cat=homep0;ord=4892244644897;gtm=2wgba1;auiddc=1369674498.1637992910;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f166.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 activityi;register_conversion=1;src=10742279;type=elf8j0;cat=wm_fl0;ord=1791149544815;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.e...
10742279.fls.doubleclick.net/ 0
0 69ms
26ms Image
text/html 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://10742279.fls.doubleclick.net/activityi;register_conversion=1;src=10742279;type=elf8j0;cat=wm_fl0;ord=1791149544815;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f166.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 activityi;register_conversion=1;src=10742279;type=elf8j0;cat=wm_fl00;ord=8881518647003;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww....
10742279.fls.doubleclick.net/ 0
0 68ms
25ms Image
text/html 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://10742279.fls.doubleclick.net/activityi;register_conversion=1;src=10742279;type=elf8j0;cat=wm_fl00;ord=8881518647003;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f166.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 dy-coll-min.js Show response
cdn.dynamicyield.com/scripts/1.74.0/ 187 KB
61 KB 10ms
9ms Script
application/javascript 2600:9000:2057:b200:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b200:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: f965c409829dcdb36c9dfe56b7852bd972c120f200f8dcf404e95515553e7347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 07:09:36 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 14:42:06 GMT
server: DYCDN
age: 1723935
etag: W/"b83bfa468d2f5657f5785b6207009d81"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: YQ4p9MLBLfT_u5QsCE9r3BhJlDtR-1b_zhbuTBaxUSR7r5KsL1Or-Q==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.14.0/ 369 KB
82 KB 37ms
37ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.14.0/otBannerSdk.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7c129ee5de51a2692632d98e0e18cbc092fb758635921e4ecc404293495fafa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 27 Nov 2021 06:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bk+c/8JAdlTEAluR1Sm6dw==
age: 3398027
vary: Accept-Encoding
content-length: 83472
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:15 GMT
server: cloudflare
etag: 0x8D8D8E82BC311EE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4ea4c8a2-601e-0149-5c6c-c4add3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b4924e898e70e16-MXP

GET
H2 200 dpx
async-px.dynamicyield.com/ 0
0 312ms
100ms Fetch 52.45.39.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/dpx?cnst=1&_=738621&msn=webserve-a92e179.use&name=User%20Session&props=undefined&uid=481885419464673741&sec=8772046&cl=dk.w.c.ws.&ses=35fffc9a8d19c94be46f32c6701f1d29&l=def&p=1&sd=&rf=&trf=0&aud=1092373.1167402.1232212.1324059.1426804.1443347.884367.884385.884387.998337.1182144.799438.799440&svars=&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&exps=%5B%5B%22670731%22%2C%228988868%22%2C%2218038713%22%2C0%2Cnull%2Cnull%2C%22-3819487201830370282%22%2C%222%22%2C%223%22%5D%2C%5B%221006352%22%2C%229328013%22%2C%2224779898%22%2C0%2Cnull%2Cnull%2C%22-3819487202359844489%22%2C%220%22%2C%222%22%5D%2C%5B%221071690%22%2C%229891223%22%2C%2225820092%22%2C0%2Cnull%2Cnull%2C%22-3819487200823372250%22%2C%221%22%2Cnull%5D%2C%5B%221122259%22%2C%2210259311%22%2C%2226195955%22%2C0%2Cnull%2Cnull%2C%22-3819487203139616148%22%2C%221%22%2Cnull%5D%2C%5B%22912117%22%2C%228373984%22%2C%2222074769%22%2C0%2Cnull%2Cnull%2C%22-3819487200194949715%22%2C%220%22%2C%222%22%5D%5D&expSes=45868&tsrc=Direct&reqts=1637992910253&rri=5123722&geoData=DE_HE_Frankfurt%20am%20Main
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.39.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-39-231.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

POST
H2 200 uia Show response
async-px.dynamicyield.com/ 0
227 B 306ms
108ms XHR
text/plain 52.45.39.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/uia?cnst=1&_=1637992910267
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.39.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-39-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H2 200 dc_pre=CJn9tozvt_QCFRLl5godC74ARA;src=10742279;type=elf8j0;cat=wm_fl0;ord=1791149544815;gtm=2wgba1;auiddc=*;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
adservice.google.com/ddm/fls/z/ Frame B6EB 42 B
494 B 57ms
30ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJn9tozvt_QCFRLl5godC74ARA;src=10742279;type=elf8j0;cat=wm_fl0;ord=1791149544815;gtm=2wgba1;auiddc=*;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F

Requested by

Host: 10742279.fls.doubleclick.net
URL: https://10742279.fls.doubleclick.net/activityi;dc_pre=CJn9tozvt_QCFRLl5godC74ARA;src=10742279;type=elf8j0;cat=wm_fl0;ord=1791149544815;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10742279.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CLT7tozvt_QCFTsfBgAdsdgKrA;src=10265292;type=conte0;cat=homep0;ord=4892244644897;gtm=2wgba1;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
adservice.google.com/ddm/fls/z/ Frame 4697 42 B
107 B 158ms
132ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLT7tozvt_QCFTsfBgAdsdgKrA;src=10265292;type=conte0;cat=homep0;ord=4892244644897;gtm=2wgba1;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F

Requested by

Host: 10265292.fls.doubleclick.net
URL: https://10265292.fls.doubleclick.net/activityi;dc_pre=CLT7tozvt_QCFTsfBgAdsdgKrA;src=10265292;type=conte0;cat=homep0;ord=4892244644897;gtm=2wgba1;auiddc=1369674498.1637992910;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10265292.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJzAt4zvt_QCFUweBgAdFswMyw;src=10742279;type=elf8j0;cat=wm_fl00;ord=8881518647003;gtm=2wgba1;auiddc=*;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
adservice.google.com/ddm/fls/z/ Frame F646 42 B
107 B 157ms
131ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJzAt4zvt_QCFUweBgAdFswMyw;src=10742279;type=elf8j0;cat=wm_fl00;ord=8881518647003;gtm=2wgba1;auiddc=*;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F

Requested by

Host: 10742279.fls.doubleclick.net
URL: https://10742279.fls.doubleclick.net/activityi;dc_pre=CJzAt4zvt_QCFUweBgAdFswMyw;src=10742279;type=elf8j0;cat=wm_fl00;ord=8881518647003;gtm=2wgba1;auiddc=1369674498.1637992910;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;ps=1;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10742279.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 imp Show response
async-px.dynamicyield.com/ 0
227 B 291ms
104ms XHR
text/plain 52.45.39.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/imp?cnst=1&msn=webserve-a92e179.use&id=481885419464673741&sec=8772046&imps%5B0%5D=dy_unit%7Csmart_object_993061%7C%7C0%7C%7C%7C&cl=dk.w.c.ws.&bl=0&l=def&p=1&sd=&rf=&trf=0&sr=1600x1200&ses=35fffc9a8d19c94be46f32c6701f1d29&aud=1092373.1167402.1232212.1324059.1426804.1443347.884367.884385.884387.998337.1182144.799438.799440&svars=&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&exps=%5B%5B%22670731%22%2C%228988868%22%2C%2218038713%22%2C0%2Cnull%2Cnull%2C%22-3819487201830370282%22%2C%222%22%2C%223%22%5D%2C%5B%221006352%22%2C%229328013%22%2C%2224779898%22%2C0%2Cnull%2Cnull%2C%22-3819487202359844489%22%2C%220%22%2C%222%22%5D%2C%5B%221071690%22%2C%229891223%22%2C%2225820092%22%2C0%2Cnull%2Cnull%2C%22-3819487200823372250%22%2C%221%22%2Cnull%5D%2C%5B%221122259%22%2C%2210259311%22%2C%2226195955%22%2C0%2Cnull%2Cnull%2C%22-3819487203139616148%22%2C%221%22%2Cnull%5D%2C%5B%22912117%22%2C%228373984%22%2C%2222074769%22%2C0%2Cnull%2Cnull%2C%22-3819487200194949715%22%2C%220%22%2C%222%22%5D%5D&expSes=45868&reqts=1637992909278&rri=1839110&_=1637992910279
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.39.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-39-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 288ms
103ms Fetch 52.45.39.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=20656&msn=webserve-a92e179.use&uid=481885419464673741&sec=8772046&t=ri&e=1006352&p=1&ve=9328013&va=%5B24779898%5D&ses=35fffc9a8d19c94be46f32c6701f1d29&expSes=45868&aud=1092373.1167402.1232212.1324059.1426804.1443347.884367.884385.884387.998337.1182144.799438.799440&expVisitId=-3819487202359844489&mech=0&smech=2&eri=1&tsrc=Direct&reqts=1637992909280&rri=9764028
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.39.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-39-231.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H2 200 imp Show response
async-px.dynamicyield.com/ 0
227 B 285ms
103ms XHR
text/plain 52.45.39.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/imp?cnst=1&msn=webserve-a92e179.use&id=481885419464673741&sec=8772046&imps%5B0%5D=dy_unit%7Csmart_object_1058632%7C%7C0%7C%7C%7C&cl=dk.w.c.ws.&bl=0&l=def&p=1&sd=&rf=&trf=0&sr=1600x1200&ses=35fffc9a8d19c94be46f32c6701f1d29&aud=1092373.1167402.1232212.1324059.1426804.1443347.884367.884385.884387.998337.1182144.799438.799440&svars=&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&exps=%5B%5B%22670731%22%2C%228988868%22%2C%2218038713%22%2C0%2Cnull%2Cnull%2C%22-3819487201830370282%22%2C%222%22%2C%223%22%5D%2C%5B%221006352%22%2C%229328013%22%2C%2224779898%22%2C0%2Cnull%2Cnull%2C%22-3819487202359844489%22%2C%220%22%2C%222%22%5D%2C%5B%221071690%22%2C%229891223%22%2C%2225820092%22%2C0%2Cnull%2Cnull%2C%22-3819487200823372250%22%2C%221%22%2Cnull%5D%2C%5B%221122259%22%2C%2210259311%22%2C%2226195955%22%2C0%2Cnull%2Cnull%2C%22-3819487203139616148%22%2C%221%22%2Cnull%5D%2C%5B%22912117%22%2C%228373984%22%2C%2222074769%22%2C0%2Cnull%2Cnull%2C%22-3819487200194949715%22%2C%220%22%2C%222%22%5D%5D&expSes=45868&reqts=1637992909283&rri=1574789&_=1637992910283
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.39.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-39-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 282ms
104ms Fetch 52.45.39.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=684675&msn=webserve-a92e179.use&uid=481885419464673741&sec=8772046&t=ri&e=1071690&p=1&ve=9891223&va=%5B25820092%5D&ses=35fffc9a8d19c94be46f32c6701f1d29&expSes=45868&aud=1092373.1167402.1232212.1324059.1426804.1443347.884367.884385.884387.998337.1182144.799438.799440&expVisitId=-3819487200823372250&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1637992909287&rri=7592132
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.39.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-39-231.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H2 200 imp Show response
async-px.dynamicyield.com/ 0
227 B 366ms
190ms XHR
text/plain 52.45.39.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/imp?cnst=1&msn=webserve-a92e179.use&id=481885419464673741&sec=8772046&imps%5B0%5D=dy_unit%7Csmart_object_1108960%7C%7C0%7C%7C%7C&cl=dk.w.c.ws.&bl=0&l=def&p=1&sd=&rf=&trf=0&sr=1600x1200&ses=35fffc9a8d19c94be46f32c6701f1d29&aud=1092373.1167402.1232212.1324059.1426804.1443347.884367.884385.884387.998337.1182144.799438.799440&svars=&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&exps=%5B%5B%22670731%22%2C%228988868%22%2C%2218038713%22%2C0%2Cnull%2Cnull%2C%22-3819487201830370282%22%2C%222%22%2C%223%22%5D%2C%5B%221006352%22%2C%229328013%22%2C%2224779898%22%2C0%2Cnull%2Cnull%2C%22-3819487202359844489%22%2C%220%22%2C%222%22%5D%2C%5B%221071690%22%2C%229891223%22%2C%2225820092%22%2C0%2Cnull%2Cnull%2C%22-3819487200823372250%22%2C%221%22%2Cnull%5D%2C%5B%221122259%22%2C%2210259311%22%2C%2226195955%22%2C0%2Cnull%2Cnull%2C%22-3819487203139616148%22%2C%221%22%2Cnull%5D%2C%5B%22912117%22%2C%228373984%22%2C%2222074769%22%2C0%2Cnull%2Cnull%2C%22-3819487200194949715%22%2C%220%22%2C%222%22%5D%5D&expSes=45868&reqts=1637992909290&rri=6377123&_=1637992910290
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.39.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-39-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 277ms
102ms Fetch 52.45.39.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=690478&msn=webserve-a92e179.use&uid=481885419464673741&sec=8772046&t=ri&e=1122259&p=1&ve=10259311&va=%5B26195955%5D&ses=35fffc9a8d19c94be46f32c6701f1d29&expSes=45868&aud=1092373.1167402.1232212.1324059.1426804.1443347.884367.884385.884387.998337.1182144.799438.799440&expVisitId=-3819487203139616148&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1637992909291&rri=9591355
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.39.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-39-231.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H2 200 imp Show response
async-px.dynamicyield.com/ 0
227 B 281ms
109ms XHR
text/plain 52.45.39.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/imp?cnst=1&msn=webserve-a92e179.use&id=481885419464673741&sec=8772046&imps%5B0%5D=dy_unit%7Csmart_object_897750%7C%7C0%7C%7C%7C&cl=dk.w.c.ws.&bl=0&l=def&p=1&sd=&rf=&trf=0&sr=1600x1200&ses=35fffc9a8d19c94be46f32c6701f1d29&aud=1092373.1167402.1232212.1324059.1426804.1443347.884367.884385.884387.998337.1182144.799438.799440&svars=&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&exps=%5B%5B%22670731%22%2C%228988868%22%2C%2218038713%22%2C0%2Cnull%2Cnull%2C%22-3819487201830370282%22%2C%222%22%2C%223%22%5D%2C%5B%221006352%22%2C%229328013%22%2C%2224779898%22%2C0%2Cnull%2Cnull%2C%22-3819487202359844489%22%2C%220%22%2C%222%22%5D%2C%5B%221071690%22%2C%229891223%22%2C%2225820092%22%2C0%2Cnull%2Cnull%2C%22-3819487200823372250%22%2C%221%22%2Cnull%5D%2C%5B%221122259%22%2C%2210259311%22%2C%2226195955%22%2C0%2Cnull%2Cnull%2C%22-3819487203139616148%22%2C%221%22%2Cnull%5D%2C%5B%22912117%22%2C%228373984%22%2C%2222074769%22%2C0%2Cnull%2Cnull%2C%22-3819487200194949715%22%2C%220%22%2C%222%22%5D%5D&expSes=45868&reqts=1637992909293&rri=7854885&_=1637992910294
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.39.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-39-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/15917663-f7c3-49a0-b5cc-00e872d30c7d/ 103 KB
19 KB 33ms
32ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/15917663-f7c3-49a0-b5cc-00e872d30c7d/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.14.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67f716eb167194e7daa9bb7ac317133986edf320a252c6c76ab5a1003788d9f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 27 Nov 2021 06:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Dp9gppPpisL9jFizFvHFRg==
age: 6141
vary: Accept-Encoding
content-length: 19628
x-ms-lease-status: unlocked
last-modified: Mon, 08 Mar 2021 18:23:07 GMT
server: cloudflare
etag: 0x8D8E25F38EEB060
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 148fa4ed-e01e-005c-4b16-b6291f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b4924e96979375d-MXP
expires: Sat, 27 Nov 2021 10:01:50 GMT

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 268 KB
37 KB 24ms
23ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.14.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3059a0e3fa60f9c17944195d96fa02de7702942d81694d8004146124cd04ce2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 27 Nov 2021 06:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 4uLkxsGWmgwmeZLBspYCPg==
age: 12151
vary: Accept-Encoding
content-length: 37833
x-ms-lease-status: unlocked
last-modified: Sat, 27 Nov 2021 01:00:04 GMT
server: cloudflare
etag: 0x8D9B1413F991742
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 145a6824-401e-0051-0637-e3c613000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b4924e9697b375d-MXP

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/6.14.0/ 67 KB
15 KB 24ms
24ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.14.0/otTCF.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 27 Nov 2021 06:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: QpNXwunMaSR9NwzUfpg/MQ==
age: 3398026
vary: Accept-Encoding
content-length: 14815
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:13 GMT
server: cloudflare
etag: 0x8D8D8E82ADA5B30
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 85555823-501e-0082-6b6c-c479b6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b4924e969c00e16-MXP

GET
H2 200 EShopWorld-GetDefaultCurrency Show response
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 75 B
728 B 138ms
137ms XHR
application/json 140.174.14.104
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/EShopWorld-GetDefaultCurrency?country=DE
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42102ae/www.elfcosmetics.com/v~4b.77/on/demandware.static/Sites-elf-us-Site/-/en_US/v1637917101260/lib/jquery/jquery-2.1.1.min.js?yocs=F_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.104 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 63f23b78ed5ad32fc941e9270f3a6cc004378205449d47e26ead468221bcec94

Request headers

Accept: */*
Referer: https://www.elfcosmetics.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-control: no-cache, no-store, must-revalidate
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b4924e99df84e37-FRA
content-type: application/json
x-yottaa-os: 200
x-yottaa-metrics: 36218cae0e2f/[126,124,-] 36D18cae0e68/[-,127.676]
x-yottaa-optimizations: ob/0 si/36D18cae0e68-1637779846-4005659466 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-dw-request-base-id: Y9Skpc7JoWEBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 / Show response
cookies.onetrust.mgr.consensu.org/ Frame 9903 2 KB
1 KB 152ms
37ms Document
text/html 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies.onetrust.mgr.consensu.org/?name=euconsent-v2&value=&expire=0&isFirstRequest=true
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6CA5) /
Resource Hash: 2f61046e097d23f9c445ffbdb7cebae9e6d8bab5c8627a911473e4bfe3e3a809

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/

Response headers

content-encoding: gzip
age: 359910
content-type: text/html
date: Sat, 27 Nov 2021 06:01:50 GMT
etag: "603dd66c-908+gzip"
last-modified: Tue, 02 Mar 2021 06:08:44 GMT
server: ECAcc (mil/6CA5)
vary: Accept-Encoding
x-cache: HIT
content-length: 931

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.14.0/assets/ 12 KB
3 KB 23ms
22ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.14.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.14.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

868f2732413f5fcb021d726343ac249b6ca630db5fbd578f6525f279dda5c22b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 27 Nov 2021 06:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BkZngIV1hzEthgbkouRUbA==
age: 3397884
vary: Accept-Encoding
content-length: 2832
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:04 GMT
server: cloudflare
etag: 0x8D8D8E825563082
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 855628d8-501e-0082-2a6c-c479b6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b4924ea1a5d375d-MXP

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.14.0/assets/v2/ 47 KB
11 KB 24ms
23ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.14.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.14.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5de3651c0aa89e6497da505565c8944039fd6480aa161b1f270d1f5953c9d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 27 Nov 2021 06:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8jNYupXcL2bcdab+1R7CAg==
age: 3397884
vary: Accept-Encoding
content-length: 11511
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:07 GMT
server: cloudflare
etag: 0x8D8D8E827001198
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 5156aaae-801e-00a9-0b6c-c40d0e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b4924ea1a5f375d-MXP

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/6.14.0/assets/ 5 KB
2 KB 27ms
26ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.14.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.14.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d12329e0fd65159a22a6e3070ece0bc79825bdcda1357baf388818dc1756a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 27 Nov 2021 06:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: W4e7wAC/mX+UZRF6VSXQ5A==
age: 3397884
vary: Accept-Encoding
content-length: 2180
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:06 GMT
server: cloudflare
etag: 0x8D8D8E826A3FDAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 34ed6a2a-301e-0077-166c-c45da7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b4924ea1a60375d-MXP

POST
H2 200 batch
async-px.dynamicyield.com/ 0
228 B 314ms
104ms Ping
text/plain 52.45.39.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/batch?cnst=1&_=1637992910416_283673
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.39.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-39-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

POST
H2 200 clog Show response
px.dynamicyield.com/ 0
227 B 395ms
106ms XHR
text/plain 52.86.69.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://px.dynamicyield.com/clog
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.69.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-69-130.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

POST
H2 200 clog Show response
px.dynamicyield.com/ 0
228 B 392ms
104ms XHR
text/plain 52.86.69.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://px.dynamicyield.com/clog
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.69.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-69-130.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 1706 5 KB
6 KB 110ms
110ms Document
text/html 209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cPbG4k1jSdaweb3LUiltfw&ex-pl-n-g-hmt=bhngCkzJTGSkoNVtbkLp9g&ep=DvmjCSyxS0N2ecmRSatxTAFgczBSUP7_kjzv7RCQDdjIYcu4n1OW9U1LpdLIVvK4cFiOsFeLbOTx7RUgKbtuF_9AYr1DX_hN2KH9L1LkFvN8YEa8VNM0zVh6nCzg3diFblfetSpSHtf0H_qDgJ37oX6EFGFaLmuHb7hVt1jCUo6BQ0Wpb1B8MexSLbjECFveosQZL0ijj-J-lGpt4S_V-g

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D8578348900501%3Bp%3D7C47B8BB-E11B-0720-EEC5-8B2566F84002&cb=913235941130103700&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

a643f0a5e11f5d88494390f1e8a8aab5a51c2d51791bcaa5ea715bc4a6746267

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7c47b8bb-e11b-0720-eec5-8b2566f84002%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.elfcosmetics.com/&ex-hargs=v%3D1.0%3Bc%3D8578348900501%3Bp%3D7C47B8BB-E11B-0720-EEC5-8B2566F84002&cb=913235941130103700&dcc=t

Response headers

Server: Server
Date: Sat, 27 Nov 2021 06:01:50 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 5215
Connection: keep-alive
x-amz-rid: 0A6X2APWTJSQD79T30N1
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

POST
H2 200 Api-SetTrackingAllowed
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 0
0 403ms
403ms Fetch
text/html 140.174.14.104
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/Api-SetTrackingAllowed
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.104 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:51 GMT
cf-cache-status: DYNAMIC
age: 0
x-yottaa-optimizations: ob/1000 si/36D18cae0e68-1637779846-4005659476 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
content-security-policy-report-only: script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=eIhzUb1K3VR6FtxALTHIqQ4piLqFvx6EdtChiW9M31g-1637992911-0-ATY_OKgBwGyFyVWhYpiqrIq9Z-S4bCRGyaibAFz5YMOQctoig-uPcyPHrqfdKFcz2Q
content-length: 0
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=UTF-8
x-yottaa-os: 200
x-yottaa-metrics: 36218cae0e37/[392,390,-] 36D18cae0e68/[-,393.700]
accept-ranges: bytes
cf-ray: 6b4924eb5c930625-FRA
x-dw-request-base-id: nKEBJM7JoWEBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 Api-SetCookieData
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 0
0 150ms
149ms Fetch
text/html 140.174.14.104
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/Api-SetCookieData
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.104 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
cf-cache-status: DYNAMIC
cache-control: no-cache, no-store, must-revalidate
age: 0
x-yottaa-optimizations: ob/1000 si/36D18cae0e68-1637779846-4005659477 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=UTF-8
x-yottaa-os: 200
x-yottaa-metrics: 36218cae0e38/[139,137,-] 36D18cae0e68/[-,140.107]
accept-ranges: bytes
cf-ray: 6b4924eb5bf62c56-FRA
x-dw-request-base-id: 1qaXlM7JoWEBAAB_
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=164971003983000039412&ex=neustar.biz

43 B
556 B

107ms
107ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=164971003983000039412&ex=neustar.biz

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cPbG4k1jSdaweb3LUiltfw&ex-pl-n-g-hmt=bhngCkzJTGSkoNVtbkLp9g&ep=DvmjCSyxS0N2ecmRSatxTAFgczBSUP7_kjzv7RCQDdjIYcu4n1OW9U1LpdLIVvK4cFiOsFeLbOTx7RUgKbtuF_9AYr1DX_hN2KH9L1LkFvN8YEa8VNM0zVh6nCzg3diFblfetSpSHtf0H_qDgJ37oX6EFGFaLmuHb7hVt1jCUo6BQ0Wpb1B8MexSLbjECFveosQZL0ijj-J-lGpt4S_V-g

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:50 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NS3RXJSC1NHAQV1NS97S
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=164971003983000039412&ex=neustar.biz
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=42b83d2e2d87c75d64a6fbe71b178a50

43 B
556 B

280ms
109ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=42b83d2e2d87c75d64a6fbe71b178a50

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 7M6M5S4CSK6Q5GPJ4C6X
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=42b83d2e2d87c75d64a6fbe71b178a50
Date: Sat, 27 Nov 2021 06:01:50 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
556 B

195ms
108ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 6V3WNZ2R8GWN2QSG22KX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
Date: Sat, 27 Nov 2021 06:01:50 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=fhi870fHT36q23jvCHeF2A
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=fhi870fHT36q23jvCHeF2A&verify=true
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=fhi870fHT36q23jvCHeF2A

43 B
556 B

302ms
105ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=fhi870fHT36q23jvCHeF2A

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CY03Z0TZEHMCNZWCRWHG
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=fhi870fHT36q23jvCHeF2A
date: Sat, 27 Nov 2021 06:01:50 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP8377c6e6-4f47-11ec-8d6b-064b2a596d3a
https://s.amazon-adsystem.com/ecm3?id=a455b9d3d5f2be43204b531344fcc3aa3a6e8f0a&ex=aoldisplay.com

43 B
556 B

312ms
109ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=a455b9d3d5f2be43204b531344fcc3aa3a6e8f0a&ex=aoldisplay.com

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 00YQG2Q12EK8HAPDTTNS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=a455b9d3d5f2be43204b531344fcc3aa3a6e8f0a&ex=aoldisplay.com
date: Sat, 27 Nov 2021 06:01:50 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=f56d6838-b2ad-4ac4-81b8-63381d08b9bb

43 B
556 B

259ms
108ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=f56d6838-b2ad-4ac4-81b8-63381d08b9bb

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GY4VRAR7365T4YY9JNF8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Date: Sat, 27 Nov 2021 06:01:50 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=f56d6838-b2ad-4ac4-81b8-63381d08b9bb

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame 1706 43 B
183 B 308ms
97ms Image
image/gif 2600:1f18:612b:4264:c62f:533:271f:3e7e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cPbG4k1jSdaweb3LUiltfw&ex-pl-n-g-hmt=bhngCkzJTGSkoNVtbkLp9g&ep=DvmjCSyxS0N2ecmRSatxTAFgczBSUP7_kjzv7RCQDdjIYcu4n1OW9U1LpdLIVvK4cFiOsFeLbOTx7RUgKbtuF_9AYr1DX_hN2KH9L1LkFvN8YEa8VNM0zVh6nCzg3diFblfetSpSHtf0H_qDgJ37oX6EFGFaLmuHb7hVt1jCUo6BQ0Wpb1B8MexSLbjECFveosQZL0ijj-J-lGpt4S_V-g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:c62f:533:271f:3e7e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:51 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 1706 0
0 117ms
32ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cPbG4k1jSdaweb3LUiltfw&ex-pl-n-g-hmt=bhngCkzJTGSkoNVtbkLp9g&ep=DvmjCSyxS0N2ecmRSatxTAFgczBSUP7_kjzv7RCQDdjIYcu4n1OW9U1LpdLIVvK4cFiOsFeLbOTx7RUgKbtuF_9AYr1DX_hN2KH9L1LkFvN8YEa8VNM0zVh6nCzg3diFblfetSpSHtf0H_qDgJ37oX6EFGFaLmuHb7hVt1jCUo6BQ0Wpb1B8MexSLbjECFveosQZL0ijj-J-lGpt4S_V-g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 /
spl.zeotap.com/ Frame 1706 731 B
731 B 57ms
35ms Image
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1353&env=mWeb&eventType=pageview&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%24_ZTP_UUID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cPbG4k1jSdaweb3LUiltfw&ex-pl-n-g-hmt=bhngCkzJTGSkoNVtbkLp9g&ep=DvmjCSyxS0N2ecmRSatxTAFgczBSUP7_kjzv7RCQDdjIYcu4n1OW9U1LpdLIVvK4cFiOsFeLbOTx7RUgKbtuF_9AYr1DX_hN2KH9L1LkFvN8YEa8VNM0zVh6nCzg3diFblfetSpSHtf0H_qDgJ37oX6EFGFaLmuHb7hVt1jCUo6BQ0Wpb1B8MexSLbjECFveosQZL0ijj-J-lGpt4S_V-g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b4924ecb98c43b8-FRA
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=c438eea3ff45ae5c7bf5eaac40729eb2&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

151ms
109ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=c438eea3ff45ae5c7bf5eaac40729eb2&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:50 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BQ983JEAQ8SKEXS1R3J5
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:50 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=c438eea3ff45ae5c7bf5eaac40729eb2&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1637992910757055-416
Expires: Sat, 27 Nov 2021 06:01:50 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
556 B

171ms
103ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YZHBJKE04Y8ZAJSGV6SX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 27 Nov 2021 06:01:51 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=ZSF1W5Y4J501R6M94N4B:sn=www.imdb.com
x-cache: Miss from cloudfront
vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
content-length: 0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
server: Server
x-amz-rid: ZSF1W5Y4J501R6M94N4B
strict-transport-security: max-age=31536000; includeSubDomains
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
permissions-policy: interest-cohort=()
x-robots-tag: none
x-amz-cf-id: kUTfWd4GFN51liNUPTxNIAN9PFlrjfX6_dBUlsQ81iYzXNW9zsfUbg==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 1706 0
338 B 562ms
187ms Image
text/plain 52.43.99.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=cPbG4k1jSdaweb3LUiltfw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cPbG4k1jSdaweb3LUiltfw&ex-pl-n-g-hmt=bhngCkzJTGSkoNVtbkLp9g&ep=DvmjCSyxS0N2ecmRSatxTAFgczBSUP7_kjzv7RCQDdjIYcu4n1OW9U1LpdLIVvK4cFiOsFeLbOTx7RUgKbtuF_9AYr1DX_hN2KH9L1LkFvN8YEa8VNM0zVh6nCzg3diFblfetSpSHtf0H_qDgJ37oX6EFGFaLmuHb7hVt1jCUo6BQ0Wpb1B8MexSLbjECFveosQZL0ijj-J-lGpt4S_V-g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.99.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-99-216.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:51 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1637992911
x-served-by: beacon-n013-pdx-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame 1706 0
263 B 425ms
102ms Image
text/plain 52.7.69.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cPbG4k1jSdaweb3LUiltfw&ex-pl-n-g-hmt=bhngCkzJTGSkoNVtbkLp9g&ep=DvmjCSyxS0N2ecmRSatxTAFgczBSUP7_kjzv7RCQDdjIYcu4n1OW9U1LpdLIVvK4cFiOsFeLbOTx7RUgKbtuF_9AYr1DX_hN2KH9L1LkFvN8YEa8VNM0zVh6nCzg3diFblfetSpSHtf0H_qDgJ37oX6EFGFaLmuHb7hVt1jCUo6BQ0Wpb1B8MexSLbjECFveosQZL0ijj-J-lGpt4S_V-g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.69.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-69-238.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Server: nginx/1.16.1
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e8538b374c8d58d5

43 B
556 B

109ms
108ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e8538b374c8d58d5

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CDHRCMZ8786N6NQJ8JR4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e8538b374c8d58d5
date: Sat, 27 Nov 2021 06:01:51 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 93
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=1053074&nid=2179&put=OA-JKwdZT-6OmbFzePafIw&next=https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT

43 B
556 B

109ms
109ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XQ5S5WTXNSSBK1875W3D
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=bzpGaePZQLi4rSgrjAVY9w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=bzpGaePZQLi4rSgrjAVY9w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=28192684375916061233144925236944600852

43 B
556 B

108ms
108ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=28192684375916061233144925236944600852

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 7XF0FYP4SPJECK2KC4T1
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v020-055a54fbe.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: +U/PLhNPS50=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=28192684375916061233144925236944600852
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=IZycIkqCTzW0BYZThCQP1g
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10811453856735886981&gdpr=&gdpr_consent=

43 B
556 B

107ms
107ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10811453856735886981&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: T6GEXY4N93MH9V72FQFX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:51 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10811453856735886981&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame 1706 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5508123615336936465

43 B
556 B

108ms
108ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5508123615336936465

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9BKVEZWBNZ0A769FJ6B8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:51 GMT
server: nginx
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5508123615336936465
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=83b57c24-4f47-11ec-b483-155da6fd0106
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=83b57be6-4f47-11ec-b483-155da6fd0106

43 B
556 B

107ms
107ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=83b57be6-4f47-11ec-b483-155da6fd0106

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: DPNFYCYRX4DVMGRB187B
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 27 Nov 2021 06:01:51 GMT
Server: nginx
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=83b57be6-4f47-11ec-b483-155da6fd0106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 114
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22096a0f90-edb5-41cc-996c-0e2bf904981d%22,%22Time%22:%2220211127T010151.247814%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=096a0f90-edb5-41cc-996c-0e2bf904981d

43 B
556 B

109ms
108ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=096a0f90-edb5-41cc-996c-0e2bf904981d

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: H4E03Z0G2AA3126JG7Z0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=096a0f90-edb5-41cc-996c-0e2bf904981d
Server: LogModule 0.4
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEG9RDzPTcWLq711ssbQiVTo&google_cver=1

43 B
556 B

113ms
113ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEG9RDzPTcWLq711ssbQiVTo&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: KQ6457G2VMRXFSBXKHJA
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEG9RDzPTcWLq711ssbQiVTo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 1706
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=amzn
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

0
337 B

186ms
186ms

Image
text/plain

52.43.99.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cPbG4k1jSdaweb3LUiltfw&ex-pl-n-g-hmt=bhngCkzJTGSkoNVtbkLp9g&ep=DvmjCSyxS0N2ecmRSatxTAFgczBSUP7_kjzv7RCQDdjIYcu4n1OW9U1LpdLIVvK4cFiOsFeLbOTx7RUgKbtuF_9AYr1DX_hN2KH9L1LkFvN8YEa8VNM0zVh6nCzg3diFblfetSpSHtf0H_qDgJ37oX6EFGFaLmuHb7hVt1jCUo6BQ0Wpb1B8MexSLbjECFveosQZL0ijj-J-lGpt4S_V-g
Protocol: H2
Server: 52.43.99.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-99-216.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:51 GMT
cache-control: private, no-cache, no-store
x-request-time: D=24 t=1637992911
x-served-by: beacon-n005-pdx-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
date: Sat, 27 Nov 2021 06:01:51 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a011-ash-prod.krxd.net

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=3dec8efaa58c56740edc14cc83f4cfa2

43 B
556 B

109ms
108ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=3dec8efaa58c56740edc14cc83f4cfa2

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: MEQTGMVYJYR1885YGBGG
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 27 Nov 2021 06:01:51 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=3dec8efaa58c56740edc14cc83f4cfa2
content-length: 108
x-amz-cf-id: fTu4Y2ESUjRiFjQJRxZ6l61EAPdzeBdjBqRhZYBp035jxHpKqWuhpA==

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 1706 43 B
306 B 44ms
24ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cPbG4k1jSdaweb3LUiltfw&ex-pl-n-g-hmt=bhngCkzJTGSkoNVtbkLp9g&ep=DvmjCSyxS0N2ecmRSatxTAFgczBSUP7_kjzv7RCQDdjIYcu4n1OW9U1LpdLIVvK4cFiOsFeLbOTx7RUgKbtuF_9AYr1DX_hN2KH9L1LkFvN8YEa8VNM0zVh6nCzg3diFblfetSpSHtf0H_qDgJ37oX6EFGFaLmuHb7hVt1jCUo6BQ0Wpb1B8MexSLbjECFveosQZL0ijj-J-lGpt4S_V-g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:51 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1
https://s.amazon-adsystem.com/ecm3?ex=index&id=KPP-_xy6E99bYIBRDB6xyjc4dMA4ZgAC

43 B
556 B

109ms
109ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=KPP-_xy6E99bYIBRDB6xyjc4dMA4ZgAC

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: S5GQRMZ6DZNXZ960DQ0A
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KPP-_xy6E99bYIBRDB6xyjc4dMA4ZgAC
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 267
Expires: Sat, 27 Nov 2021 06:01:51 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=69C626B61AC8CD7A

43 B
556 B

108ms
108ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=69C626B61AC8CD7A

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: M0NG560G4WQDP7XX45Z5
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:50 GMT
frontend-id: 6
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=69C626B61AC8CD7A
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
https://s.amazon-adsystem.com/ecm3?id=8984056146705041727&ex=appnexus.com

43 B
556 B

108ms
108ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=8984056146705041727&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VSABGZJ8S69FJ5ZM9TQ4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
X-Proxy-Origin: 185.232.23.179; 185.232.23.179; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f19494a9-48c7-418b-be56-69cc36d071d7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?id=8984056146705041727&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=gwRiGrg9rJVyl1F8y_FSlMWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

43 B
556 B

109ms
109ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=gwRiGrg9rJVyl1F8y_FSlMWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: K8FAZ9T61YX70XXZE2P5
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=gwRiGrg9rJVyl1F8y_FSlMWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=bhngCkzJTGSkoNVtbkLp9g&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
556 B

105ms
104ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 6EMW0P7HE1MP6PR441MP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadus.exelator.com/load/ Frame 1706 0
324 B 96ms
29ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cPbG4k1jSdaweb3LUiltfw&ex-pl-n-g-hmt=bhngCkzJTGSkoNVtbkLp9g&ep=DvmjCSyxS0N2ecmRSatxTAFgczBSUP7_kjzv7RCQDdjIYcu4n1OW9U1LpdLIVvK4cFiOsFeLbOTx7RUgKbtuF_9AYr1DX_hN2KH9L1LkFvN8YEa8VNM0zVh6nCzg3diFblfetSpSHtf0H_qDgJ37oX6EFGFaLmuHb7hVt1jCUo6BQ0Wpb1B8MexSLbjECFveosQZL0ijj-J-lGpt4S_V-g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:01:51 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET /
lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/ Frame 1706 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-yAmy0Pd1l2PMTAqsy1FvlCfmeWmU_8I-

43 B
556 B

108ms
108ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-yAmy0Pd1l2PMTAqsy1FvlCfmeWmU_8I-

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: SMCMXKK59ZNBZHB0XMWH
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-yAmy0Pd1l2PMTAqsy1FvlCfmeWmU_8I-
date: Sat, 27 Nov 2021 06:01:51 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=9b97f11e5cd935cda601241815ee8b7a57ce46f8d355c2dd5494c33795a02cf7

43 B
556 B

106ms
105ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=9b97f11e5cd935cda601241815ee8b7a57ce46f8d355c2dd5494c33795a02cf7

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 22JN7CCQVJDFHGWQ5N33
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:51 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=9b97f11e5cd935cda601241815ee8b7a57ce46f8d355c2dd5494c33795a02cf7
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=21AF0298-45CF-42E3-8FF3-336C1B9B819C

43 B
556 B

110ms
110ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=21AF0298-45CF-42E3-8FF3-336C1B9B819C

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: SRVAV9FB0DV4X1FMDRRB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=21AF0298-45CF-42E3-8FF3-336C1B9B819C
date: Sat, 27 Nov 2021 06:01:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1706
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=3abcc7dc-27b6-4a50-bcab-8f249b1648e9-tuct89b4f4f

43 B
556 B

106ms
105ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=3abcc7dc-27b6-4a50-bcab-8f249b1648e9-tuct89b4f4f

Requested by

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:01:51 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2A2H2HQ4PWDF7MCHBERA
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=3abcc7dc-27b6-4a50-bcab-8f249b1648e9-tuct89b4f4f
date: Sat, 27 Nov 2021 06:01:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8428

GET
H2 200 _HP_HOLIDAY_D_A_V2_short.jpg
www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw1d143d6a/homepage/2021/10/holiday/HP/ 394 KB
395 KB 14ms
12ms Image
image/jpeg 140.174.14.104
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw1d143d6a/homepage/2021/10/holiday/HP/_HP_HOLIDAY_D_A_V2_short.jpg
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.104 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 165ae13cc6bbc1c15cb98369c10a65cc54d040cd18b4928d9f1fecccb91d5581

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-yottaa-forcecache: true
date: Sat, 27 Nov 2021 06:01:51 GMT
cf-cache-status: HIT
cf-bgj: h2pri
age: 654643
x-yottaa-optimizations: ob/101 si/36D18cae0e68-1637300056-6545947313 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 36218cae0e40/[12,-,1637332909640] 36D18cae0e68/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 6b0a339cedd16943-FRA
x-dw-request-base-id: Y9R34UrxlmEBAAB_
content-length: 403043
expires: Sun, 19 Dec 2021 00:54:54 GMT

GET
H2 200 _NOV_NEW_ARRIVALS_D_A.jpg
www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwa26bda9f/homepage/2021/11/ 97 KB
98 KB 18ms
17ms Image
image/jpeg 140.174.14.104
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwa26bda9f/homepage/2021/11/_NOV_NEW_ARRIVALS_D_A.jpg
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.104 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 75f5a1cf09e19f2b16cb9e64d216972580e92a3375f2189f7cb431186703b3ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-yottaa-forcecache: true
date: Sat, 27 Nov 2021 06:01:51 GMT
cf-cache-status: HIT
cf-bgj: h2pri
age: 656116
x-yottaa-optimizations: ob/101 si/36D18cae0e68-1637300056-6545937214 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 36218cae0e29/[7,-,1637331731340] 36D18cae0e68/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 6b0a16d8b84a4a68-FRA
x-dw-request-base-id: nKFZQzjplmEBAAB_
content-length: 99717
expires: Sun, 19 Dec 2021 14:19:50 GMT

GET
H2 200 _HP_HOLIDAY_D_B_V2_short.jpg
www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw998d180f/homepage/2021/10/holiday/HP/ 228 KB
229 KB 16ms
15ms Image
image/jpeg 140.174.14.104
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw998d180f/homepage/2021/10/holiday/HP/_HP_HOLIDAY_D_B_V2_short.jpg
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.104 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 450824d7881be931fb7535e7e39051732fbf9c5f1c19c3cd0c4bedf0f00809df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-yottaa-forcecache: true
date: Sat, 27 Nov 2021 06:01:52 GMT
cf-cache-status: HIT
cf-bgj: h2pri
age: 660255
x-yottaa-optimizations: ob/11 si/36D18cae0e68-1637300056-6545904158 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 36218cae0e29/[1,-,1637332009413] 36D18cae0e68/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 6b0a1da2ab960625-FRA
x-dw-request-base-id: Y9Tt2sWyl2EBAAB_
content-length: 233486
expires: Sun, 19 Dec 2021 14:25:30 GMT

GET
H2 200 _NOV_NEW_ARRIVALS_D_B.jpg
www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwc61626db/homepage/2021/11/ 213 KB
214 KB 25ms
25ms Image
image/jpeg 140.174.14.104
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwc61626db/homepage/2021/11/_NOV_NEW_ARRIVALS_D_B.jpg
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.104 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 3a0f3d9a4dcb7c133f687c1ebf91bc9d4a2a44620ff605c754b0f60de9604323

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-yottaa-forcecache: true
date: Sat, 27 Nov 2021 06:01:52 GMT
cf-cache-status: HIT
cf-bgj: h2pri
age: 661176
x-yottaa-optimizations: ob/101 si/36D18cae0e68-1637300056-6545870299 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 36218cae0e3b/[3707,-,1637313631595] 36D18cae0e68/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 6b085cf55a4d5cb0-FRA
x-dw-request-base-id: nKGtTsbplmEBAAB_
content-length: 218024
expires: Sun, 19 Dec 2021 09:20:31 GMT

GET
H2 200 _HP_HOLIDAY_D_C_V2_short.jpg
www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwe029adf5/homepage/2021/10/holiday/HP/ 57 KB
58 KB 12ms
11ms Image
image/jpeg 140.174.14.104
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwe029adf5/homepage/2021/10/holiday/HP/_HP_HOLIDAY_D_C_V2_short.jpg
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.104 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 49e77b068697853822d895931300a2ecd038b9ceb8fa057b234eaae06521c57d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-yottaa-forcecache: true
date: Sat, 27 Nov 2021 06:01:54 GMT
cf-cache-status: HIT
cf-bgj: h2pri
age: 656116
x-yottaa-optimizations: ob/11 si/36D18cae0e68-1637300056-6545937235 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 36218cae0e3b/[2,-,1637332659888] 36D18cae0e68/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 6b0a2d843fdc5c4a-FRA
x-dw-request-base-id: 1qbQYBizl2EBAAB_
content-length: 58335
expires: Sun, 19 Dec 2021 14:37:39 GMT

GET
H2 200 _NOV_NEW_ARRIVALS_D_C.jpg
www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwf98ebe03/homepage/2021/11/ 201 KB
202 KB 14ms
14ms Image
image/jpeg 140.174.14.104
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwf98ebe03/homepage/2021/11/_NOV_NEW_ARRIVALS_D_C.jpg
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.174.14.104 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 49eb4df6656af5ebe8e2d247ceab5bcd40508803c2ec88ab7353493cc4ae98e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-yottaa-forcecache: true
date: Sat, 27 Nov 2021 06:01:54 GMT
cf-cache-status: HIT
cf-bgj: h2pri
age: 661174
x-yottaa-optimizations: ob/101 si/36D18cae0e68-1637300056-6545870546 tts/1636577970943 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 36218cae0e2b/[6208,-,1637309443266] 36D18cae0e68/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 6b07f6b42bf342e1-FRA
x-dw-request-base-id: 1qaxv8jplmEBAAB_
content-length: 206268
expires: Sun, 19 Dec 2021 08:10:43 GMT

GET
H2 200 imp Show response
async-px.dynamicyield.com/ 0
227 B 100ms
100ms XHR
text/plain 52.45.39.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/imp?cnst=1&msn=webserve-a92e179.use&id=481885419464673741&sec=8772046&imps%5B0%5D=dy_unit%7Csmart_object_773704%7C%7C0%7C%7C%7C&cl=dk.w.c.ws.&bl=0&l=def&p=1&sd=&rf=&trf=0&sr=1600x1200&ses=35fffc9a8d19c94be46f32c6701f1d29&aud=1092373.1167402.1232212.1324059.1426804.1443347.884367.884385.884387.998337.1182144.799438.799440&svars=&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&exps=%5B%5B%22670731%22%2C%228988868%22%2C%2218038713%22%2C0%2Cnull%2Cnull%2C%22-3819487201830370282%22%2C%222%22%2C%223%22%5D%2C%5B%221006352%22%2C%229328013%22%2C%2224779898%22%2C0%2Cnull%2Cnull%2C%22-3819487202359844489%22%2C%220%22%2C%222%22%5D%2C%5B%221071690%22%2C%229891223%22%2C%2225820092%22%2C0%2Cnull%2Cnull%2C%22-3819487200823372250%22%2C%221%22%2Cnull%5D%2C%5B%221122259%22%2C%2210259311%22%2C%2226195955%22%2C0%2Cnull%2Cnull%2C%22-3819487203139616148%22%2C%221%22%2Cnull%5D%2C%5B%22912117%22%2C%228373984%22%2C%2222074769%22%2C0%2Cnull%2Cnull%2C%22-3819487200194949715%22%2C%220%22%2C%222%22%5D%2C%5B%22787993%22%2C%227471619%22%2C%2220117319%22%2C0%2Cnull%2Cnull%2C%22-3819487200760596817%22%2C%221%22%2Cnull%5D%5D&expSes=45868&reqts=1637992913606&rri=8416214&_=1637992914608
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.39.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-39-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:54 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H2 200 dpx
async-px.dynamicyield.com/ 0
0 103ms
102ms Fetch 52.45.39.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/dpx?cnst=1&_=964574&msn=webserve-a92e179.use&name=HP_Visit&props=%7B%7D&uid=481885419464673741&sec=8772046&cl=dk.w.c.ws.&ses=35fffc9a8d19c94be46f32c6701f1d29&l=def&p=1&sd=&rf=&trf=0&aud=1092373.1167402.1232212.1324059.1426804.1443347.884367.884385.884387.998337.1182144.799438.799440&svars=&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&exps=%5B%5B%22670731%22%2C%228988868%22%2C%2218038713%22%2C0%2Cnull%2Cnull%2C%22-3819487201830370282%22%2C%222%22%2C%223%22%5D%2C%5B%221006352%22%2C%229328013%22%2C%2224779898%22%2C0%2Cnull%2Cnull%2C%22-3819487202359844489%22%2C%220%22%2C%222%22%5D%2C%5B%221071690%22%2C%229891223%22%2C%2225820092%22%2C0%2Cnull%2Cnull%2C%22-3819487200823372250%22%2C%221%22%2Cnull%5D%2C%5B%221122259%22%2C%2210259311%22%2C%2226195955%22%2C0%2Cnull%2Cnull%2C%22-3819487203139616148%22%2C%221%22%2Cnull%5D%2C%5B%22912117%22%2C%228373984%22%2C%2222074769%22%2C0%2Cnull%2Cnull%2C%22-3819487200194949715%22%2C%220%22%2C%222%22%5D%2C%5B%22787993%22%2C%227471619%22%2C%2220117319%22%2C0%2Cnull%2Cnull%2C%22-3819487200760596817%22%2C%221%22%2Cnull%5D%5D&expSes=45868&tsrc=Direct&reqts=1637992913641&rri=4334076&geoData=DE_HE_Frankfurt%20am%20Main
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.39.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-39-231.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:54 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 100ms
100ms Fetch 52.45.39.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=856616&msn=webserve-a92e179.use&uid=481885419464673741&sec=8772046&t=ri&e=787993&p=1&ve=7471619&va=%5B20117319%5D&ses=35fffc9a8d19c94be46f32c6701f1d29&expSes=45868&aud=1092373.1167402.1232212.1324059.1426804.1443347.884367.884385.884387.998337.1182144.799438.799440&expVisitId=-3819487200760596817&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1637992913646&rri=3691343
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.39.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-39-231.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:54 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

POST
H2 200 batch
async-px.dynamicyield.com/ 0
227 B 105ms
105ms Ping
text/plain 52.45.39.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/batch?cnst=1&_=1637992914672_134861
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.74.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.39.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-39-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:01:54 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Domain: lciapi.ninthdecimal.com
URL: https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.currency Value: USD
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: sid Value: c_otZBAbVcd0rrg6X7yemNIVcQCznFsIzFM
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.InternationalUser Value: ""
www.elfcosmetics.com/	1970-01-20 03:19:04	Name: dwanonymous_1a00c2845eeb01c699351ea28e20fd92 Value: abpVEzBTVQh13AyvmYPS7ixdoi
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.sessionid Value: abpVEzBTVQh13AyvmYPS7ixdoi
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.LanguageIsoCode Value: en_US
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 1
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 1
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.location Value: DE
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: dwsid Value: tEaQtPnJWoSoREMvYNy3sBWpzNBaTlRLELkbjpbgAbcasswqMvVhh4Oc8hbm7BNd3BzhlkhopOX43-lCdAgFHA==
.elfcosmetics.com/	1970-01-19 22:59:54	Name: _dyjsession Value: 82jt9owhs1x33x7k2c3fkgxhxauqjo97
.elfcosmetics.com/	1969-12-31 23:59:59	Name: dy_fs_page Value: www.elfcosmetics.com
.elfcosmetics.com/	1970-01-19 22:59:55	Name: _dy_csc_ses Value: 82jt9owhs1x33x7k2c3fkgxhxauqjo97
.elfcosmetics.com/	1970-01-19 23:43:04	Name: _dy_c_exps Value:
.dynamicyield.com/	1970-01-20 07:45:28	Name: DYID Value: 481885419464673741
.elfcosmetics.com/	1970-01-20 01:09:28	Name: _gcl_au Value: 1.1.1369674498.1637992910
.elfcosmetics.com/	1970-01-19 23:43:04	Name: _dycnst Value: dg
.doubleclick.net/	1970-01-20 08:21:28	Name: IDE Value: AHWqTUmPxAL7Rae2GLZcFGWrGYtjv14PXqchbKxi60gPWH0P-3Qm3ypl-HTBcvOggms
.elfcosmetics.com/	1970-01-20 16:31:04	Name: _ga Value: GA1.2.1127744505.1637992910
.elfcosmetics.com/	1970-01-19 23:01:19	Name: _gid Value: GA1.2.1359822498.1637992910
.elfcosmetics.com/	1970-01-19 23:43:04	Name: _dyid Value: 481885419464673741
.elfcosmetics.com/	1969-12-31 23:59:59	Name: _dyfs Value: 1637992910238
.elfcosmetics.com/	1970-01-19 23:43:04	Name: _dycst Value: dk.w.c.ws.
.elfcosmetics.com/	1970-01-19 23:43:04	Name: _dy_geo Value: DE.EU.DE_HE.DE_HE_Frankfurt%20am%20Main
.elfcosmetics.com/	1970-01-19 23:43:04	Name: _dy_df_geo Value: Germany..Frankfurt%20am%20Main
.elfcosmetics.com/	1970-01-19 23:43:04	Name: _dy_toffset Value: -1
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.Landing.Played Value: true
www.elfcosmetics.com/	1970-01-20 07:45:49	Name: _dyid_server Value: 481885419464673741
.amazon-adsystem.com/	1970-01-20 04:10:55	Name: ad-id Value: A6g9ieqynk8osj7hpxdgEng
.amazon-adsystem.com/	1970-01-21 19:39:43	Name: ad-privacy Value: 0
.elfcosmetics.com/	1970-01-20 07:45:28	Name: OptanonConsent Value: isIABGlobal=true&datestamp=Sat+Nov+27+2021+06%3A01%3A50+GMT%2B0000+(GMT)&version=6.14.0&hosts=&landingPath=https%3A%2F%2Fwww.elfcosmetics.com%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0%2CSTACK42%3A0
.agkn.com/	1970-01-20 07:45:28	Name: ab Value: 0001%3AqxnhSnBR5hcRvHa36oa7giT%2BmgV%2F4pNH
.bidswitch.net/	1970-01-20 07:45:28	Name: tuuid Value: efbfdba1-7729-4ba7-bdb3-b925a86265b0
.bidswitch.net/	1970-01-20 07:45:28	Name: c Value: 1637992910
.bidswitch.net/	1970-01-20 07:45:28	Name: tuuid_lu Value: 1637992910
.advertising.com/	1970-01-20 07:46:55	Name: APID Value: UP8377c6e6-4f47-11ec-8d6b-064b2a596d3a
.yahoo.com/	1970-01-20 07:45:50	Name: A3 Value: d=AQABBM7JoWECEFyOtf37F2s9dRRI-B6nBBAFEgEBAQEbo2GrYQAAAAAA_eMAAA&S=AQAAAtBPcfoVqj8zvYL4HEf2YHA
.zeotap.com/	1970-01-20 07:45:28	Name: zc Value: 1b0374db-ff3a-46d8-4e04-5c1f0910af86
.zeotap.com/	1970-01-19 23:01:19	Name: zsc Value: 7%D5%EC%A9%D1%F1%2A%A8%3F%91%0F%A0%E2Y%5E%AE%23%AAq%7C%0E%94%F9pH.Z+F%11v%25%DE.%21%21%3A%19%B4l%03%A8%EE%A2%13%5Do%B2%21%87Bw%19%23%AA%DF%8C%01%B8e%8BN7SX%2B%EFr9%C8%A8%C2%9E%FEV%E7R%06%B1%A8AA%88%13%96%E7
.myvisualiq.net/	1970-01-20 16:31:04	Name: tuuid Value: f56d6838-b2ad-4ac4-81b8-63381d08b9bb
.myvisualiq.net/	1970-01-20 16:31:04	Name: c Value: 1637992910
.myvisualiq.net/	1970-01-20 16:31:04	Name: tuuid_lu Value: 1637992910
ads.stickyadstv.com/	1970-01-19 23:43:04	Name: UID Value: c438eea3ff45ae5c7bf5eaac40729eb2
ads.stickyadstv.com/	1970-01-19 23:20:02	Name: uid-bp-30833 Value: 1
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: d038eed42a7a6cea13d2ffd6eb9d518
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP8377c6e6-4f47-11ec-8d6b-064b2a596d3a
.yahoo.com/	1970-01-19 23:01:19	Name: APIDTS Value: 1637992910
.mookie1.com/	1970-01-20 08:28:40	Name: id Value: 10811453856735886981
.mookie1.com/	1970-01-20 08:28:40	Name: mdata Value: 1\|10811453856735886981\|1637992911232
.mookie1.com/	1970-01-20 08:28:40	Name: ov Value: c80a3c04e49376d3de420b757f2ff582
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1637974911_1
.serving-sys.com/	1970-01-20 01:09:10	Name: u2 Value: 096a0f90-edb5-41cc-996c-0e2bf904981d4Ee060
.spotxchange.com/	1970-01-20 07:45:32	Name: audience Value: 83b57be6-4f47-11ec-b483-155da6fd0106
.adform.net/	1970-01-19 23:43:04	Name: C Value: 1
.demdex.net/	1970-01-20 03:19:04	Name: demdex Value: 28192684375916061233144925236944600852
.adform.net/	1970-01-20 00:26:16	Name: uid Value: 5508123615336936465
.dpm.demdex.net/	1970-01-20 03:19:04	Name: dpm Value: 28192684375916061233144925236944600852
ads.samba.tv/	1970-01-20 08:28:40	Name: sambapxid Value: e8538b374c8d58d5
.scorecardresearch.com/	1970-01-20 16:16:40	Name: UID Value: 1OSLSBEZGJGX7XHORRKCPZg1637992911
.adnxs.com/	1970-01-20 01:09:28	Name: uuid2 Value: 8984056146705041727
.casalemedia.com/	1970-01-20 07:45:28	Name: CMID Value: YaHJz0yOWacrMsNldXvf-wAA
.casalemedia.com/	1970-01-20 01:09:28	Name: CMPS Value: 5206
.krxd.net/	1970-01-20 03:19:04	Name: _kuid_ Value: OgZuFdj_
.analytics.yahoo.com/	1970-01-20 07:46:55	Name: IDSYNC Value: "17ki~21ri:18zd~21ri"
.casalemedia.com/	1970-01-20 01:09:28	Name: CMPRO Value: 1191
.casalemedia.com/	1970-01-19 23:01:19	Name: CMST Value: YaHJz2Ghyc8A
.ispot.tv/	1970-01-20 16:31:04	Name: pt Value: v2:9b97f11e5cd935cda601241815ee8b7a57ce46f8d355c2dd5494c33795a02cf7\|659054f4a1b6502c7180c62285f9adcc46432f93a8b3bf83016f5dd68bb7be26
.semasio.net/	1970-01-20 07:45:28	Name: SEUNCY Value: 69C626B61AC8CD7A
.pubmatic.com/	1970-01-19 23:01:19	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 01:09:28	Name: KADUSERCOOKIE Value: 21AF0298-45CF-42E3-8FF3-336C1B9B819C
.taboola.com/	1970-01-20 07:45:28	Name: t_gid Value: 3abcc7dc-27b6-4a50-bcab-8f249b1648e9-tuct89b4f4f
.elfcosmetics.com/	1970-01-20 07:45:28	Name: _dy_soct Value: 523758.993061.1637992909548957.1058632.1637992909574805.1108960.1637992909.82jt9owhs1x33x7k2c3fkgxhxauqjo97388568.656354.1637992909437629.773704.1637992914

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10265292.fls.doubleclick.net
10742279.fls.doubleclick.net
aa.agkn.com
ads.samba.tv
ads.stickyadstv.com
adservice.google.com
amazon.partners.tremorhub.com
async-px.dynamicyield.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
cdn-fsly.yottaa.net
cdn.cookielaw.org
cdn.cquotient.com
cdn.dynamicyield.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cookies.onetrust.mgr.consensu.org
dpm.demdex.net
eyeslipsface.com
geolocation.onetrust.com
ib.adnxs.com
image6.pubmatic.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
odr.mookie1.com
pi.ispot.tv
pixel.advertising.com
pixel.rubiconproject.com
px.dynamicyield.com
px.surveywall-api.survata.com
s.amazon-adsystem.com
sb.scorecardresearch.com
spl.zeotap.com
ssum-sec.casalemedia.com
st.dynamicyield.com
sync.search.spotxchange.com
sync.taboola.com
t.myvisualiq.net
tags.bluekai.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
www.elfcosmetics.com
www.google-analytics.com
www.googletagmanager.com
www.imdb.com
x.bidswitch.net
lciapi.ninthdecimal.com
px.surveywall-api.survata.com
104.111.215.191
13.32.21.156
13.35.253.75
140.174.14.104
141.226.228.48
142.250.184.194
143.204.201.234
151.101.130.132
151.101.130.133
18.185.142.87
18.198.149.87
18.214.152.153
185.33.220.216
185.64.190.78
185.94.180.125
2.18.234.21
2.18.234.233
209.54.180.144
212.82.100.182
216.58.212.166
2600:1f18:612b:4264:c62f:533:271f:3e7e
2600:9000:2057:b200:a:b89d:a6c0:93a1
2600:9000:211e:5800:15:ad21:c740:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6814:b844
2606:4700:10::ac43:db6
2606:4700::6810:5614
2606:4700::6810:9540
2a00:1450:4001:803::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:831::200e
3.125.86.125
3.125.90.12
3.126.56.137
34.254.143.3
34.98.67.61
35.244.159.8
37.157.3.30
52.206.55.189
52.28.77.219
52.30.224.0
52.43.99.216
52.45.39.231
52.7.69.238
52.86.239.241
52.86.69.130
69.173.144.139
69.173.144.165
77.243.60.138
96.45.83.226
020da0825330e19eef417005d005ad730b7c875200d5f16057bcd32230f30b84
0232c842afa32c041223fc8ef697660bae9caeac0a4ea9d596d421cd5a7e46ca
05478889fc005422e50fef4b79f9e5f2709b3ad995180f526664a48f5797a006
08200626ba06885c7a9e4ff3c6ccb778055d293690b5004d3d2862e779d7e9fb
09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5
0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390
12acf0cde9105ca35b079104e27341413fb68164085916505c077cf58748abc3
13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848
165ae13cc6bbc1c15cb98369c10a65cc54d040cd18b4928d9f1fecccb91d5581
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
282941064f69458a172fd4afde71d175e6052eef6a63affe4c2bd3e924a26712
2d54e4838c792b821f3e49b6e6943b18ca5012e9c89929e35fe77d171bac0092
2f61046e097d23f9c445ffbdb7cebae9e6d8bab5c8627a911473e4bfe3e3a809
3059a0e3fa60f9c17944195d96fa02de7702942d81694d8004146124cd04ce2c
3518663cd0fca8dcca20fc762b1ebd8d1456c0b55663b50dd7ba3893f75a1aa4
3729954d37fd0ec1bd9931040ccb05b4701814543d09935fd7df676ce7d18245
3a0f3d9a4dcb7c133f687c1ebf91bc9d4a2a44620ff605c754b0f60de9604323
3cf5ecbc6fdf0be77cf51c616aab7400551c43efeff3ada55df9a2ae34873ca6
3e35a9b56a0f90d166e9693fb98901fb0ad543fb15bea84300e3683993552197
3e822f7595f153f3d581083bb4905405922ff709d5ad2fd41613381cd37350b0
3f09cfad9df9c7f67ef080fec2e2190155328a70eb1d12d2534a1bdb037c800b
400efdf33f8a4a3eaa2b9f6bd5134f1f2920dd0d2c9f9199c27087550e89876b
450824d7881be931fb7535e7e39051732fbf9c5f1c19c3cd0c4bedf0f00809df
49e77b068697853822d895931300a2ecd038b9ceb8fa057b234eaae06521c57d
49eb4df6656af5ebe8e2d247ceab5bcd40508803c2ec88ab7353493cc4ae98e0
4a609c6dfff57a1865067c376468a736ee9f8d0578ef52c3063738c8c30986c9
4d12329e0fd65159a22a6e3070ece0bc79825bdcda1357baf388818dc1756a00
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e63dcd20adcefeea4fbefefe18aefb173cb2305f75cb73e126b4ed2ef6c5454
5e67c769154825939a745f7d9c858f77c5b82cb606e2b09d49251f75bc3f47a1
5e6edf73420e3ec6ff11b42475f398336adc7d2556a4f851d4333c94f77f873a
6176ab5474618b01560e91abd7c354b6116cf9de79963c6c9860e89a2459f7cf
63f23b78ed5ad32fc941e9270f3a6cc004378205449d47e26ead468221bcec94
63fb4fb1496109c262bffcb71069a74b6536aa0264cee6eed795cb11b59d895f
67f716eb167194e7daa9bb7ac317133986edf320a252c6c76ab5a1003788d9f8
6b6b34e69f08fb2fb269c0affa0b91f979eacc9df506d06fcc670e0601f23784
6bf1fe2a02024afbdb74f474146cc1f6c16cabefcc57051101e4d545f53e3743
70e9ab1b549587e35b22baeff17c9ecea3072edae5840119d15b159954f9bd53
75f5a1cf09e19f2b16cb9e64d216972580e92a3375f2189f7cb431186703b3ba
779f01423743a212aeaf28410cb5b96651c7efdf7ad67cec26cdb698f640475c
80829113dba6c8956dbe5e04793b276e43fb5c51e978312574892514fd1f3d50
833e824ec97c5d3d7aa36fd2e740271492ac98942bcbefd1168e09a8f494d222
84d61e8bb73709467c15046eed340cb59608271f3d1f2f4bd994b3788d53775c
868f2732413f5fcb021d726343ac249b6ca630db5fbd578f6525f279dda5c22b
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
929638561e70c94bfcabf6449bd920541f4e8b4c682e5ac16804270e1499fe12
96a3358dcb988a6b2d0d6f409533b6e242b79f248d58bb9731860246481eb585
9c74f254c6706f1b11f2d701bbc57dad1913884b1e64020bb1971368784840d2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5846e05e8d46e767ba38455f994b0db4e465847f9aa24fe590aebaa7c82fc86
a5de3651c0aa89e6497da505565c8944039fd6480aa161b1f270d1f5953c9d5f
a643f0a5e11f5d88494390f1e8a8aab5a51c2d51791bcaa5ea715bc4a6746267
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ad3a30e9a818e22c8f16792348125f8ef1dd28bc20c1d12e23c163c2cd5be07c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfd207f246332f799f67b42ecd2dfad35976564aee935ab32ec3de19ff66bf59
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c66960fd249e74cd61ae9b9ed92f21e038feb67be2f7c4c9ced6f00cfb193bf5
cc703ef63566711173aca5dd0de98e7b03343ad6f6f186dc9411aa866311434f
cd5ae643e89170860b9bca1805cb663625a9006ecfcdf8749d3ee7d498d40629
cd9f94b5a9b5f72ce0369f337890f9cd0c79bd344304b2a33adbab9109219fc7
ce05a24626eff149afa9e83072faa33030363d54ea26c1a70c93dd6d0925563d
d2d2b2b16ae39edf7177cf2cbe12214897873e33bf6c0bb0133f8a23791c9ec0
de065165586f53c2ba9d4f64608cdd951d6c97787a51130594666f6e7c44c80b
e16ad642fe55e94b61121119ed9f0e915d35846780e4a378c645a4ad3f478e37
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c129ee5de51a2692632d98e0e18cbc092fb758635921e4ecc404293495fafa
e9320fb9cf32f0763c597acec29a63ffb220d538acd75e75b47e2029258c4471
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4a0a386be0745346bdbbb04735249591dcc13e2d36a444f2ff08f70b236868
f2ca16184a18e96701a6bfe86b5233d7702c64f0594ca7d184c06bd79164ded4
f36c44bc84b94a5ae0dd5fe6fc014df9fa5ad4c0e4ce2ef8d818f18853ab9b4c
f6f091d06ea2c44a893006d14e7ba93b595545cf62cc15b94d7e0491f0ee937e
f965c409829dcdb36c9dfe56b7852bd972c120f200f8dcf404e95515553e7347

www.elfcosmetics.com Open in urlscan Pro 140.174.14.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

129 Requests

78 %HTTPS

22 %IPv6

44 Domains

53 Subdomains

24 IPs

6 Countries

3697 kBTransfer

7310 kBSize

72 Cookies

14 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.elfcosmetics.com Open in urlscan Pro
140.174.14.104 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

78 %
HTTPS

22 %
IPv6

44
Domains

53
Subdomains

24
IPs

6
Countries

3697 kB
Transfer

7310 kB
Size

72
Cookies

129 HTTP transactions
3 data transactions