cc-elf-us-dev.elfcosmetics.com Open in urlscan Pro
104.16.136.35 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cc-elf-us-dev.elfcosmetics.com/
Submission: On June 25 via api (June 25th 2024, 12:17:29 am UTC) from US — Scanned from US

Summary HTTP 200 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 64 IPs in 2 countries across 48 domains to perform 200 HTTP transactions. The main IP is 104.16.136.35, located in and belongs to CLOUDFLARENET, US. The main domain is cc-elf-us-dev.elfcosmetics.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 25th 2023. Valid for: a year.

This is the only time cc-elf-us-dev.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	104.16.136.35 104.16.136.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	204.141.88.95 204.141.88.95	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
3	2600:9000:21d... 2600:9000:21dd:8c00:a:b89d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.138.106.40 108.138.106.40	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.187.31 104.18.187.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.164.130.168 18.164.130.168	16509 (AMAZON-02) (AMAZON-02)
1	34.117.233.127 34.117.233.127	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:24f... 2600:9000:24f1:2a00:15:ad21:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.238.80.5 18.238.80.5	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:816::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	192.225.157.157 192.225.157.157	30286 (THM) (THM)
6	18.238.80.118 18.238.80.118	16509 (AMAZON-02) (AMAZON-02)
1 1	44.215.32.16 44.215.32.16	14618 (AMAZON-AES) (AMAZON-AES)
1	3.214.83.230 3.214.83.230	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
1	34.193.203.33 34.193.203.33	14618 (AMAZON-AES) (AMAZON-AES)
1 3	142.251.40.132 142.251.40.132	15169 (GOOGLE) (GOOGLE)
1 2	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c21::9a	15169 (GOOGLE) (GOOGLE)
4	2600:9000:251... 2600:9000:2511:f600:d:274d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.102.147.248 34.102.147.248	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6813:b0d3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7809	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:141b:1c0... 2600:141b:1c00:30::1739:5a65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.20.196.93 52.20.196.93	14618 (AMAZON-AES) (AMAZON-AES)
1	44.214.85.195 44.214.85.195	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
2	142.250.65.232 142.250.65.232	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:46::84 2a04:4e42:46::84	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	23.44.111.16 23.44.111.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:24f... 2600:9000:24f1:c400:a:7914:b00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:23c... 2600:9000:23cb:1600:11:85b0:d600:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.49.124.132 34.49.124.132	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	67.202.8.105 67.202.8.105	14618 (AMAZON-AES) (AMAZON-AES)
1	18.238.80.94 18.238.80.94	16509 (AMAZON-02) (AMAZON-02)
2 3	68.67.179.87 68.67.179.87	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
1 1	69.173.146.5 69.173.146.5	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.80.46 142.250.80.46	15169 (GOOGLE) (GOOGLE)
2	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
2 4	142.251.35.166 142.251.35.166	15169 (GOOGLE) (GOOGLE)
2	142.250.80.38 142.250.80.38	15169 (GOOGLE) (GOOGLE)
5	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
1	34.195.40.121 34.195.40.121	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	104.18.9.17 104.18.9.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
1	192.225.158.1 192.225.158.1	30286 (THM) (THM)
1	2620:f3:0:14:... 2620:f3:0:14:b401:8ee8:4321:ad82	30286 (THM) (THM)
1	192.225.158.3 192.225.158.3	30286 (THM) (THM)
10	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
1	34.98.106.171 34.98.106.171	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.165.197 35.244.165.197	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.117.101.205 34.117.101.205	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1901:0:5... 2600:1901:0:56e0::	15169 (GOOGLE) (GOOGLE)
2	34.149.130.207 34.149.130.207	15169 (GOOGLE) (GOOGLE)
6	34.111.8.32 34.111.8.32	() ()
1 2	34.149.254.212 34.149.254.212	() ()
1 1	107.178.254.65 107.178.254.65	() ()
200	64

21 104.16.136.35 (None, )

ASN13335 (CLOUDFLARENET, US)

cc-elf-us-dev.elfcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 204.141.88.95 (United States)

ASN393259 (YOTTAA-AS-1, US)

development.elfcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21dd:8c00:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.106.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-40.jfk50.r.cloudfront.net

cdn-scripts.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.187.31 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.130.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-130-168.jfk50.r.cloudfront.net

cdn.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.233.127 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 127.233.117.34.bc.googleusercontent.com

elfco11111.pcapredict.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f1:2a00:15:ad21:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

st.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.80.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-5.jfk52.r.cloudfront.net

plugins-media.perfectcorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 192.225.157.157 (United States)

ASN30286 (THM, US)

imgs.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.238.80.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-118.jfk52.r.cloudfront.net

async-px.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.215.32.16 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-32-16.compute-1.amazonaws.com

elfcosmetics.secure.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.83.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-83-230.compute-1.amazonaws.com

elfcosmetics.my.salesforce-sites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.203.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-203-33.compute-1.amazonaws.com

e.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.132 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.66 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c21::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2511:f600:d:274d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

apps.bazaarvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com

tag.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:b0d3 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.sandbox.afterpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7809 (United States)

ASN13335 (CLOUDFLARENET, US)

js.appboycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:30::1739:5a65 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

ut.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.196.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-196-93.compute-1.amazonaws.com

stg.api.bazaarvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.214.85.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-214-85-195.compute-1.amazonaws.com

network-stg-a.bazaarvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:46::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.44.111.16 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-111-16.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:24f1:c400:a:7914:b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.jebbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23cb:1600:11:85b0:d600:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.cnnx.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.49.124.132 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 132.124.49.34.bc.googleusercontent.com

sgtm.elfcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.8.105 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-67-202-8-105.compute-1.amazonaws.com

pixel.pointmediatracker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.80.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-94.jfk52.r.cloudfront.net

cdn.blisspointmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.179.87 (North Bergen, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (Seattle, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.162 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.146.5 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.46 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.35.166 (Queens, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f6.1e100.net

9231397.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10742279.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.38 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.128.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.40.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-40-121.compute-1.amazonaws.com

external-api.jebbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.9.17 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn8.eu.inside.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www8.eu.inside.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.225.158.1 (United States)

ASN30286 (THM, US)

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:f3:0:14:b401:8ee8:4321:ad82 (United States)

ASN30286 (THM, US)

h64.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.225.158.3 (United States)

ASN30286 (THM, US)

w2txo5aasxpdjdhd2rneukpze5v4vgokaoq2scdv950ab00c8b3fab78sac.d.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.162 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.106.171 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 171.106.98.34.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.165.197 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 197.165.244.35.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.101.205 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 205.101.117.34.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:56e0:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.130.207 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 207.130.149.34.bc.googleusercontent.com

pd.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idr.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.111.8.32 (None, )

ASN- ()

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.bouncex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.254.212 (None, ) 1 redirects

ASN- ()

pix.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (None, ) 1 redirects

ASN- ()

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	elfcosmetics.com cc-elf-us-dev.elfcosmetics.com development.elfcosmetics.com sgtm.elfcosmetics.com — Cisco Umbrella Rank: 250639	4 MB
16	signifyd.com cdn-scripts.signifyd.com — Cisco Umbrella Rank: 8738 imgs.signifyd.com — Cisco Umbrella Rank: 7238	75 KB
11	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 2825 api.bounceexchange.com	182 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	169 KB
10	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 70 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 cm.g.doubleclick.net — Cisco Umbrella Rank: 274 9231397.fls.doubleclick.net — Cisco Umbrella Rank: 314306 ad.doubleclick.net — Cisco Umbrella Rank: 164 10742279.fls.doubleclick.net — Cisco Umbrella Rank: 312768	3 KB
10	dynamicyield.com cdn.dynamicyield.com — Cisco Umbrella Rank: 9513 st.dynamicyield.com — Cisco Umbrella Rank: 8959 async-px.dynamicyield.com — Cisco Umbrella Rank: 9234	265 KB
9	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 787	243 KB
8	inside.chat cdn8.eu.inside.chat — Cisco Umbrella Rank: 377763 www8.eu.inside.chat — Cisco Umbrella Rank: 503573	101 KB
6	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 913	5 KB
6	bazaarvoice.com apps.bazaarvoice.com — Cisco Umbrella Rank: 4268 stg.api.bazaarvoice.com — Cisco Umbrella Rank: 159044 network-stg-a.bazaarvoice.com — Cisco Umbrella Rank: 143468	49 KB
5	bouncex.net events.bouncex.net	594 B
5	cdnwidget.com 1 redirects ids.cdnwidget.com — Cisco Umbrella Rank: 4517 pd.cdnwidget.com — Cisco Umbrella Rank: 4397 pix.cdnwidget.com idr.cdnwidget.com	2 KB
4	adsrvr.org 4 redirects insight.adsrvr.org — Cisco Umbrella Rank: 1062 match.adsrvr.org — Cisco Umbrella Rank: 405	2 KB
4	linksynergy.com ut.rd.linksynergy.com — Cisco Umbrella Rank: 9655 tags.rd.linksynergy.com — Cisco Umbrella Rank: 5952	15 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	397 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	19 KB
3	cdnbasket.net data.cdnbasket.net — Cisco Umbrella Rank: 6004 page.cdnbasket.net — Cisco Umbrella Rank: 6019 view.cdnbasket.net — Cisco Umbrella Rank: 6008	1014 B
3	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 2940 h64.online-metrix.net — Cisco Umbrella Rank: 2088 w2txo5aasxpdjdhd2rneukpze5v4vgokaoq2scdv950ab00c8b3fab78sac.d.aa.online-metrix.net	795 B
3	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 527 ib.adnxs.com — Cisco Umbrella Rank: 279	3 KB
3	jebbit.com js.jebbit.com — Cisco Umbrella Rank: 60847 external-api.jebbit.com — Cisco Umbrella Rank: 61619	61 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 361	14 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 5	151 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	4 KB
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 2076 alb.reddit.com — Cisco Umbrella Rank: 1406	761 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 682	2 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1200	13 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	74 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1130	22 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 495	838 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	10 KB
2	cquotient.com cdn.cquotient.com — Cisco Umbrella Rank: 7386 e.cquotient.com — Cisco Umbrella Rank: 12750	19 KB
1	pippio.com 1 redirects pippio.com	576 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 133	23 B
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 4085	6 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 432	915 B
1	blisspointmedia.com cdn.blisspointmedia.com — Cisco Umbrella Rank: 9872	1 KB
1	pointmediatracker.com 1 redirects pixel.pointmediatracker.com — Cisco Umbrella Rank: 10148	430 B
1	cnnx.link js.cnnx.link — Cisco Umbrella Rank: 10517	1 KB
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 5461	12 KB
1	appboycdn.com js.appboycdn.com — Cisco Umbrella Rank: 4436	56 KB
1	afterpay.com portal.sandbox.afterpay.com — Cisco Umbrella Rank: 650460	81 KB
1	rakuten.com tag.rmp.rakuten.com — Cisco Umbrella Rank: 8585	15 KB
1	salesforce-sites.com elfcosmetics.my.salesforce-sites.com	2 KB
1	force.com 1 redirects elfcosmetics.secure.force.com	609 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 653	306 B
1	perfectcorp.com plugins-media.perfectcorp.com — Cisco Umbrella Rank: 278751	118 KB
1	pcapredict.com elfco11111.pcapredict.com	15 KB
200	48

	Domain	Requested by
23	development.elfcosmetics.com	cc-elf-us-dev.elfcosmetics.com
21	cc-elf-us-dev.elfcosmetics.com	cc-elf-us-dev.elfcosmetics.com
14	imgs.signifyd.com	cdn-scripts.signifyd.com imgs.signifyd.com
11	cdn.cookielaw.org	cc-elf-us-dev.elfcosmetics.com cdn.cookielaw.org
10	assets.bounceexchange.com	tag.wknd.ai assets.bounceexchange.com
9	analytics.tiktok.com	cc-elf-us-dev.elfcosmetics.com analytics.tiktok.com
6	ct.pinterest.com	s.pinimg.com
6	async-px.dynamicyield.com	cdn.dynamicyield.com
5	events.bouncex.net
4	www8.eu.inside.chat	analytics.tiktok.com
4	cdn8.eu.inside.chat	cc-elf-us-dev.elfcosmetics.com cdn8.eu.inside.chat
4	apps.bazaarvoice.com	cdn.cookielaw.org apps.bazaarvoice.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	cc-elf-us-dev.elfcosmetics.com www.googletagmanager.com
4	cdn.jsdelivr.net	cc-elf-us-dev.elfcosmetics.com
3	match.adsrvr.org	3 redirects
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	tags.rd.linksynergy.com	tag.rmp.rakuten.com cc-elf-us-dev.elfcosmetics.com tags.rd.linksynergy.com
3	www.google.com	1 redirects cc-elf-us-dev.elfcosmetics.com
3	cdn.dynamicyield.com	cc-elf-us-dev.elfcosmetics.com st.dynamicyield.com
2	pix.cdnwidget.com	1 redirects
2	www.facebook.com
2	10742279.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	ad.doubleclick.net
2	9231397.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	dsum-sec.casalemedia.com	1 redirects
2	secure.adnxs.com	1 redirects
2	sgtm.elfcosmetics.com	www.googletagmanager.com
2	js.jebbit.com	cc-elf-us-dev.elfcosmetics.com js.jebbit.com
2	www.redditstatic.com	www.googletagmanager.com www.redditstatic.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	idsync.rlcdn.com	2 redirects
2	googleads.g.doubleclick.net	1 redirects cc-elf-us-dev.elfcosmetics.com
2	www.youtube.com	www.googletagmanager.com www.youtube.com
2	cdn-scripts.signifyd.com	cc-elf-us-dev.elfcosmetics.com cdn-scripts.signifyd.com
1	idr.cdnwidget.com
1	pippio.com	1 redirects
1	api.bounceexchange.com	assets.bounceexchange.com
1	pd.cdnwidget.com	analytics.tiktok.com
1	ids.cdnwidget.com	analytics.tiktok.com
1	view.cdnbasket.net	analytics.tiktok.com
1	page.cdnbasket.net	analytics.tiktok.com
1	data.cdnbasket.net	analytics.tiktok.com
1	www.googleadservices.com	1 redirects
1	w2txo5aasxpdjdhd2rneukpze5v4vgokaoq2scdv950ab00c8b3fab78sac.d.aa.online-metrix.net
1	h64.online-metrix.net	imgs.signifyd.com
1	h.online-metrix.net	imgs.signifyd.com
1	tag.wknd.ai	cc-elf-us-dev.elfcosmetics.com
1	external-api.jebbit.com	js.jebbit.com
1	alb.reddit.com
1	pixel-config.reddit.com	www.redditstatic.com
1	pixel.rubiconproject.com	1 redirects
1	ib.adnxs.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	insight.adsrvr.org	1 redirects
1	cdn.blisspointmedia.com
1	pixel.pointmediatracker.com	1 redirects
1	js.cnnx.link	www.googletagmanager.com
1	network-stg-a.bazaarvoice.com	cc-elf-us-dev.elfcosmetics.com
1	stg.api.bazaarvoice.com	apps.bazaarvoice.com
1	ut.rd.linksynergy.com	tag.rmp.rakuten.com
1	websdk.appsflyer.com	cc-elf-us-dev.elfcosmetics.com
1	js.appboycdn.com	cc-elf-us-dev.elfcosmetics.com
1	portal.sandbox.afterpay.com	cdn.cookielaw.org
1	tag.rmp.rakuten.com	cc-elf-us-dev.elfcosmetics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	e.cquotient.com	cdn.cquotient.com
1	elfcosmetics.my.salesforce-sites.com	cc-elf-us-dev.elfcosmetics.com
1	elfcosmetics.secure.force.com	1 redirects
1	geolocation.onetrust.com	cdn.cookielaw.org
1	plugins-media.perfectcorp.com	cc-elf-us-dev.elfcosmetics.com
1	st.dynamicyield.com	cc-elf-us-dev.elfcosmetics.com
1	elfco11111.pcapredict.com	cc-elf-us-dev.elfcosmetics.com
1	cdn.cquotient.com	cc-elf-us-dev.elfcosmetics.com
200	75

This site contains links to these domains. Also see Links.

Domain
development.elfcosmetics.com
shadefinder.elfcosmetics.com
www.elfcosmetics.com

Subject Issuer	Validity	Valid
*.elfcosmetics.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-25` - `2024-10-25`	a year	crt.sh
*.dynamicyield.com Amazon RSA 2048 M02	`2023-09-03` - `2024-10-01`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
cdn-scripts.signifyd.com Amazon RSA 2048 M02	`2024-06-02` - `2025-06-30`	a year	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
*.cquotient.com Amazon RSA 2048 M02	`2024-03-05` - `2025-04-02`	a year	crt.sh
*.pcapredict.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-15` - `2024-08-13`	a year	crt.sh
*.perfectcorp.com Thawte TLS RSA CA G1	`2024-02-26` - `2025-03-06`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
imgs.signifyd.com Go Daddy Secure Certificate Authority - G2	`2023-10-20` - `2024-11-20`	a year	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.bazaarvoice.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-05` - `2025-05-06`	a year	crt.sh
tag.rmp.rakuten.com WR3	`2024-05-29` - `2024-08-27`	3 months	crt.sh
afterpay.com GTS CA 1P5	`2024-06-02` - `2024-09-01`	3 months	crt.sh
appboycdn.com E6	`2024-06-10` - `2024-09-08`	3 months	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
*.rd.linksynergy.com ZeroSSL RSA Domain Secure Site CA	`2024-01-23` - `2025-01-22`	a year	crt.sh
*.api.bazaarvoice.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-14` - `2025-07-15`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-03` - `2024-07-02`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-23` - `2024-11-18`	6 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.jebbit.com Amazon RSA 2048 M02	`2024-04-23` - `2025-05-21`	a year	crt.sh
js.cnnx.link Amazon RSA 2048 M02	`2024-06-09` - `2025-07-08`	a year	crt.sh
sgtm.elfcosmetics.com WR3	`2024-05-14` - `2024-08-13`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-30` - `2024-11-26`	6 months	crt.sh
*.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
tag.wknd.ai R3	`2024-05-18` - `2024-08-16`	3 months	crt.sh
eu.inside.chat GTS CA 1P5	`2024-06-02` - `2024-08-31`	3 months	crt.sh
online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-03-20` - `2024-10-21`	7 months	crt.sh
*.aa.online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-03-20` - `2024-10-21`	7 months	crt.sh
assets.bounceexchange.com WR3	`2024-05-18` - `2024-08-16`	3 months	crt.sh
data.cdnbasket.net GTS CA 1D4	`2024-05-04` - `2024-08-02`	3 months	crt.sh
page.cdnbasket.net GTS CA 1D4	`2024-05-11` - `2024-08-09`	3 months	crt.sh
view.cdnbasket.net GTS CA 1D4	`2024-05-15` - `2024-08-13`	3 months	crt.sh
ids.cdnwidget.com R3	`2024-05-11` - `2024-08-09`	3 months	crt.sh
pd.cdnwidget.com R3	`2024-05-11` - `2024-08-09`	3 months	crt.sh
*.wunderkind.co R3	`2024-06-03` - `2024-09-01`	3 months	crt.sh
idr.cdnwidget.com R3	`2024-05-11` - `2024-08-09`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://cc-elf-us-dev.elfcosmetics.com/
Frame ID: 9C782ABD0910DD45991A25BBF6EA05A5
Requests: 181 HTTP requests in this frame

Frame: https://tags.rd.linksynergy.com/pix/9097?type=pos&pt=home&href=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&_rm_fire3p=true
Frame ID: 7C25EF0AA5B67AF179DB9133FAC751E8
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/Zu74BoNPpwR9OAVJ?660f06ebadfc0699=sUG9NMTbmQ_nXwDsr8f5N5fs-bu-KtodfHoy0daaisP-KXv-mFrKmiodMS8g1RdJIai87sJs-GueXJXZq2tfhupjqvwVaqnlQXV1GWBfKMhyQ1y1pDSGHh90plGdBv6FCG5fMz4776ko1C0Fo_tvLt93FS7BvnP1iFpDsKYHjJIhLRRymZYG69hghfQSHDFUtnH0LXkyq7V-Wha5zx1SopX8KXBNKLi3CvP6qbRHag9hcClipfgGCSpxUx5WiiNpQFdei2JlVFyKCqlV&jb=35312426687b6777355f61646e677d7b24687b6d3f556b6e646d777b27303a3b33246073687d3f436070676d6d2462736a374b687a6565672f323831383c
Frame ID: F37C0A92D436A2789CDE82D3886555F5
Requests: 13 HTTP requests in this frame

Frame: https://9231397.fls.doubleclick.net/activityi;dc_pre=CMDfj5S99YYDFYkZ-QAdwZwLTg;src=9231397;type=retarget;cat=globa0;ord=3319597455100;npa=1;auiddc=1558942984.1719274642;u6=%2F;u10=undefined;u12=undefined;u8=undefined;ps=1;pcor=144085566;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F
Frame ID: 876DB93366F7B8298D8F0F05FBA27B4B
Requests: 1 HTTP requests in this frame

Frame: https://10742279.fls.doubleclick.net/activityi;dc_pre=CIHakpS99YYDFQs9-QAdoGgH8w;src=10742279;type=elf8j0;cat=glo_flap;ord=1605110433249;npa=1;auiddc=1558942984.1719274642;u1=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F;ps=1;pcor=1370606683;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F
Frame ID: 02ADF5FB3BAA57DE301A4466926E3F0A
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: CEF19CCDD955AC0AD3510CBE95455267
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/ugnNMf_SfE71CgBF?b22180e98a3488e6=NSepwJldSWsvlMCZTSgMqYdckVyI63GgAJO2p52aMxN0ClTr0u2C7ul_GyOGdkhLjnxWuv2ch0dCRVmezpFCbA401xfCElQcYOein8ZEnMwy6ACbfIN9ryK9b5APoK7srFhJYDsu5GzvS3GiRBWIaAvsY943_9tbsIxHg9pwh_GNjOtNIsQKhLt7cAnTCbPToSZXJNQCx_ZocoX3kTedCUkxI11PzX6oSwMyODOYJTzsbD7c_5yxLoblP4mgJN8_tm-29BkxcfnMjC5rDWs
Frame ID: 98A734E987263C958CA6048A98504C12
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/UJRuUFhoe_2xOydA?b11c8ff092d5fc0e=PYREhXtJ9briMMdnklQjd8a8I-zp3RviC6mW5pQclKa3oSkDlbcVEb-rcQR5nu62JkQF8gZu3WERReHOxak2bXBY6Gqi-aFpPIru9YUJPgbd8tE_vYg60-ckDZPvOI6Mar0Te6acmPN-mGnjR9u4OVIifP-DOJGhiz8de8zNrcqmYZxixaTDnMNhLJ47jXWhXEC9Gjstkx5lIz42X6239BQnTc2KCny2FchqvETlq1PWVFS67FN5oxtMO6lSNvRJ_LPjI8gqKggKcZyVby19
Frame ID: 8DEC4E5A955ED2A45671B4C97EA1BF07
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/rnn4VeFjs1bo1UcS?5fb514d5a8a4dbbe=3vstIBfrE7WH0Yx4HT0zNl45mOKHWLVTCVQYsm5t-xff_oJRzA0oHvy2CI6035HjvNw75vnzR5ohSzFIr5UMc5BDY-TktsrTnVGfL7K4zWPHr9k3s-Izu2lDTJbUrYZGnvvNRgfToqvJnGCc6ka3wO8ALfiuRkyQIA-88rXxq-zeuzwxeUd_324g2mb_BVZDnFMLvxBLebuXjlJdp_4e0zf0kms5N4jGqf6Ap1BnJinUnQBWBfVdkyBe7ntpUwn4QDPDDYZGtGNjFqcaJV71
Frame ID: 3D4D4AED4A0A68509AA290B30F106DB8
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 72F7A0546BA7B07B64658A946D10EFB0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Affordable Drugstore Makeup & Skincare Products | e.l.f. Cosmetics

Detected technologies

Salesforce Commerce Cloud (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/demandware\.static/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Braze (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

js\.appboycdn\.com/web-sdk/([\d.]+)

Dynamic Yield (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

cdn\.dynamicyield\.\w+/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Rakuten (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

tag\.rmp\.rakuten\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

200
Requests

94 %
HTTPS

31 %
IPv6

48
Domains

75
Subdomains

64
IPs

2
Countries

6001 kB
Transfer

13886 kB
Size

97
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://development.elfcosmetics.com/account
Title: Sign In

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/register-new-account?refby=Account_Create_Hamburger_Navigation
Title: Register

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/e.l.f.-beauty-squad/?refby=Account_Create_Hamburger_JoinBS_Navigation
Title: Join Beauty Squad and Start Earning Reward points

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/whats-new/
Title: New

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/holy-grail-collections/halo-glow-collection/
Title: Halo Glow Beauty Wands

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/lash-n-roll-mascara/83072.html
Title: Lash N' Roll Mascara

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/spf-skin-care/
Title: Suntouchable SPF Spray & Whoa Glow

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/squeeze-me-lip-balm/300222.html
Title: Squeeze Me Lip Balm

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/virtual-try-on/
Title: Virtual Try On

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care-products/skin-care-finder/
Title: Skin Care Finder Quiz

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/best-sellers/
Title: Best Sellers

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/best-selling-beauty/
Title: Makeup Best Sellers

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care-best-sellers/
Title: Skin Care Best Sellers

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/brush-best-sellers/
Title: Brushes & Tools Best Sellers

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/viral/
Title: Top 10 Viral Products

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/best-selling-makeup-and-skincare/best-sellers-under-7/
Title: Under $7

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/best-selling-makeup-and-skincare/best-sellers-under-15/
Title: Under $15

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/camo-collection-1/
Title: Camo Collection

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/powered-by-putty/
Title: Putty Collection

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/holy-hydration-collection/
Title: Holy Hydration! Collection

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/celebrate-pride/
Title: Pride Month Essentials

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/all-over-glow/
Title: All Over Glow Collection

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/no-makeup-makeup-collection/
Title: No Makeup, Makeup

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/collections/award-winning-beauty/
Title: Award-Winners

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/value-and-gift-sets/
Title: Value & Gift Sets

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/travel-sized-products/
Title: Minis & Travel Size

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/featured-makeup-and-skincare-products/promotion-details/
Title: Promotions

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/eyes/
Title: Eyes

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/eyes/eyeshadow/
Title: Eyeshadow

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/eyes/eyebrows/
Title: Eyebrows

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/eyes/mascara/
Title: Mascara

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/eyes/eyeliner/
Title: Eyeliner

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/eyes/eyeshadow-palettes/
Title: Eyeshadow Palettes

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/eyes/false-eyelashes/
Title: False Eyelashes

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/eyes/eye-primer/
Title: Eye Primer

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/eyes/concealer/
Title: Eye Concealer

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/lips/
Title: Lips

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/lips/lipstick/
Title: Lipstick

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/lips/lip-gloss/
Title: Lip Gloss

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/lips/lip-balms-treatments/
Title: Lip Balms & Treatments

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/lips/lip-liner/
Title: Lip Liner

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/face/
Title: Face

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/face/face-primer/
Title: Face Primer

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/face/foundation/
Title: Foundation

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/face/concealer/
Title: Concealer

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/face/blush/
Title: Blush

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/face/highlighter/
Title: Highlighter

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/face/powder/
Title: Powder

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/face/bronzer/
Title: Bronzer

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/face/setting-spray-powder/
Title: Setting Spray & Powder

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/face/contour-makeup/
Title: Contour

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/face/color-correcting-makeup/
Title: Color Correct

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/face/palettes/
Title: Palettes

Search URL Search Domain Scan URL

URL: https://shadefinder.elfcosmetics.com/?utm_source=elf-cosmetics&utm_medium=web&utm_campaign=mime-shade-finder&utm_term=link-global-navigation-face
Title: Foundation Shade Finder

Search URL Search Domain Scan URL

URL: https://www.elfcosmetics.com/face-makeup/primer-finder-1//?utm_source=elf-cosmetics&utm_medium=web&utm_campaign=mime-primer-finder&utm_term=link-global-navigation-face
Title: Primer Finder

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care-products/
Title: e.l.f. Skin

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/face-moisturizers/
Title: Moisturizers

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/treatments/
Title: Treatments & Serums

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/sets/
Title: Sets

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/face-masks/
Title: Masks

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/cleanser/
Title: Cleansers

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/eye-cream-and-treatments/
Title: Eye Care

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/face-mists/
Title: Face Mists

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/makeup-remover/
Title: Makeup Removers

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/face-and-skincare-tools/
Title: Skin Tools

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/minis/
Title: Mini Size

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/shop-by-skincare-concern/dry-skin/
Title: Dry Skin

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/oily-skin-care/
Title: Acne & Blemishes

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/shop-by-skincare-concern/dull-and-uneven-skin-tones/
Title: Dull & Uneven Skin Tone

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/anti-aging-skin-care/
Title: Anti-Aging

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/sensitive-skin-care/
Title: Sensitive Skin

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/blemish-breakthrough-collection/
Title: Blemish Breakthrough

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/holy-grail-collections/pure-skin-collection/
Title: Pure Skin Collection

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/the-supers-collection/
Title: Supers Collection

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/cannabis-sativa-hemp-seed-oil-skin-care/
Title: Cannabis Sativa Collection

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/jellypop/
Title: Jelly Pop Collection

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/new/elf%252b-collection/
Title: Elf+ Collection

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/ingredient-glossary.html
Title: Ingredient Glossary

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/hyaluronic-acid/
Title: Hyaluronic Acid

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/vitamin-c/
Title: Vitamin C

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/vitamin-e/
Title: Vitamin E

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/niacinamide/
Title: Niacinamide

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/retinoid/
Title: Retinoid

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/jojoba-oil/
Title: Jojoba Oil

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/rosehip-oil/
Title: Rose Hip Oil

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/peptides/
Title: Peptides

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/salicylic-acid/
Title: Salicylic Acid

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/skin-care/fragrance-free/
Title: Fragrance Free

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/brushes/
Title: Brushes & Tools

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/brushes/brush-sets/
Title: Brush Sets

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/brushes/face-brushes/
Title: Face Brushes

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/brushes/eye-brushes/
Title: Eye Brushes

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/brushes/brush-care/
Title: Brush Care

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/brushes-and-makeup-tools/makeup-sponges-and-applicators/
Title: Sponges & Applicators

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/brushes-and-tools/tools/
Title: Tools

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/brushes/beautifully-precise-brush-collection/
Title: Precision Brush Collection

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/elf-discovery/
Title: e.l.f. Discovery

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/elf-discovery/#tutorials
Title: Tutorials

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/elf-discovery/#lookbooks
Title: Lookbooks

Search URL Search Domain Scan URL

URL: https://development.elfcosmetics.com/elf-discovery/#quick-tips
Title: Quick Tips

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://elfcosmetics.secure.force.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1719274641492 HTTP 301
https://elfcosmetics.my.salesforce-sites.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1719274641492

Request Chain 67

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1648855719.1719274642&url=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&dma=0&npa=0&gtm=45He46j0n81WL3STMXv896608294za200&auid=1558942984.1719274642 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1648855719.1719274642&url=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&dma=0&npa=0&gtm=45He46j0n81WL3STMXv896608294za200&auid=1558942984.1719274642

Request Chain 91

https://development.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/__Analytics-Start?url=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&res=1600x1200&cookie=1&ref=&title=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dw_dnt=1 HTTP 302
https://development.elfcosmetics.com/404

Request Chain 97

https://idsync.rlcdn.com/458359.gif?partner_uid=24af1589-2b82-4c98-81b9-6b2aff556d3f HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJDI0YWYxNTg5LTJiODItNGM5OC04MWI5LTZiMmFmZjU1NmQzZhAAGg0IlJnoswYSBQjoBxAAQgBKAA HTTP 307
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=258bed4b0ad50276d73a4be3334f84348082f05dce8343172ff8a35b09f714c46ac34734d8e453ee

Request Chain 113

https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=89006a85-8f5a-4213-905e-c7b636b1fced&user_id=undefined&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=66742060 HTTP 302
https://cdn.blisspointmedia.com/assets/img/pixel.gif

Request Chain 114

https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2

Request Chain 115

https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MGQ4ODcxZjAtZTQwMS00M2E3LWI5NjQtMjVjODQyYTllZjZk&gdpr=0&gdpr_consent=&ttd_tdid=0d8871f0-e401-43a7-b964-25c842a9ef6d HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=0d8871f0-e401-43a7-b964-25c842a9ef6d&google_gid=CAESEPABSYt8sh_lSH3_ni6EAM0&google_cver=1 HTTP 302
https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=0d8871f0-e401-43a7-b964-25c842a9ef6d HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8446786216128769053&ttd_tdid=0d8871f0-e401-43a7-b964-25c842a9ef6d HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0d8871f0-e401-43a7-b964-25c842a9ef6d&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0d8871f0-e401-43a7-b964-25c842a9ef6d&expiration=1721866646&gdpr=0&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0d8871f0-e401-43a7-b964-25c842a9ef6d&expiration=1721866646&gdpr=0&gdpr_consent=&C=1

Request Chain 124

https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=3319597455100;npa=1;auiddc=1558942984.1719274642;u6=%2F;u10=undefined;u12=undefined;u8=undefined;ps=1;pcor=144085566;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F HTTP 302
https://9231397.fls.doubleclick.net/activityi;dc_pre=CMDfj5S99YYDFYkZ-QAdwZwLTg;src=9231397;type=retarget;cat=globa0;ord=3319597455100;npa=1;auiddc=1558942984.1719274642;u6=%2F;u10=undefined;u12=undefined;u8=undefined;ps=1;pcor=144085566;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F

Request Chain 126

https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=1605110433249;npa=1;auiddc=1558942984.1719274642;u1=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F;ps=1;pcor=1370606683;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F HTTP 302
https://10742279.fls.doubleclick.net/activityi;dc_pre=CIHakpS99YYDFQs9-QAdoGgH8w;src=10742279;type=elf8j0;cat=glo_flap;ord=1605110433249;npa=1;auiddc=1558942984.1719274642;u1=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F;ps=1;pcor=1370606683;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F

Request Chain 153

https://development.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/__Analytics-Start?url=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&res=1600x1200&cookie=1&ref=&title=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dw_dnt=1 HTTP 302
https://development.elfcosmetics.com/404

Request Chain 163

https://www.googleadservices.com/pagead/conversion/698270988/?random=796195984&fst=1719274645755&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e46j1v9125640115z8896608294z99175401888za200zb896608294&value=0&url=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&tiba=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&data=event%3Dpageview%3Bvendor_id%3Dgoogle_ads%3Bgoogle_ads_conversion_id%3D698270988%3Bgoogle_ads_conversion_label%3D87uyCIuRktcBEIyK-8wC%3Bgoogle_ads_tag_type%3Dconversion&auid=1558942984.1719274642&bttype=purchase&dma=0&npa=1&gcs=G111&gcd=13v3v3v3u5&uip=38.132.118.0&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&s3p=1 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=1311663869&fst=1719274645755&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e46j1v9125640115z8896608294z99175401888za200zb896608294&value=0&url=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&tiba=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&data=event%3Dpageview%3Bvendor_id%3Dgoogle_ads%3Bgoogle_ads_conversion_id%3D698270988%3Bgoogle_ads_conversion_label%3D87uyCIuRktcBEIyK-8wC%3Bgoogle_ads_tag_type%3Dconversion&auid=1558942984.1719274642&dma=0&npa=1&gcs=G111&gcd=13v3v3v3u5&uip=38.132.118.0&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&s3p=1&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&eitems=ChEI8LLkswYQhsbE65jP8t6UARIdAAg1SsMC_CWnMBR9dEeVm8q1ff1N148DhC4RtOc&pscrd=IhMIuo2tlL31hgMVbh3QBB1HLgINMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vY2MtZWxmLXVzLWRldi5lbGZjb3NtZXRpY3MuY29tLw HTTP 302
https://www.google.com/pagead/1p-conversion/698270988/?random=1311663869&fst=1719274645755&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e46j1v9125640115z8896608294z99175401888za200zb896608294&value=0&url=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&tiba=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&data=event%3Dpageview%3Bvendor_id%3Dgoogle_ads%3Bgoogle_ads_conversion_id%3D698270988%3Bgoogle_ads_conversion_label%3D87uyCIuRktcBEIyK-8wC%3Bgoogle_ads_tag_type%3Dconversion&auid=1558942984.1719274642&dma=0&npa=1&gcs=G111&gcd=13v3v3v3u5&uip=38.132.118.0&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&s3p=1&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIuo2tlL31hgMVbh3QBB1HLgINMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vY2MtZWxmLXVzLWRldi5lbGZjb3NtZXRpY3MuY29tLw&is_vtc=1&cid=CAQSKQDaQooLJggKmTKcf29J4bzv93Hu_V9RsBSpbFoiubA4Dwptc8Wqb9-J&eitems=ChEI8LLkswYQhsbE65jP8t6UARIdAAg1SsOdr75FPTobb_f8zrpnw-Rmm1bcpD4bAmo&random=4038515946

Request Chain 190

https://pix.cdnwidget.com/redirect?CID=2iLfC1pQnccOu7Yx9gvzeeOzlWM&DID=2iLfC2zbPaSFUcaxeDgfbDG8K7T&v=&iv=&deviceid=3992864364079718769&visitid=1719274647360316&wsid=4142&apikey=2^HIykD HTTP 302
https://pippio.com/api/sync?pid=5749 HTTP 307
https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none

200 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cc-elf-us-dev.elfcosmetics.com/ 281 KB
62 KB 930ms
831ms Document
text/html 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 974cc0a61be1d5877ffdc4598bbfa3f33f860a0d91ab1ac21674f9d8e114d4ac

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8990c6246c630a12-MIA
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 25 Jun 2024 00:17:20 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
server: cloudflare
vary: accept-encoding
x-dw-request-base-id: _1BGjnf7eGYBAAB_

GET
H2 200 AssistantRegular.woff2
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwa81fabb4/fonts/ 16 KB
17 KB 303ms
122ms Font
font/woff2 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwa81fabb4/fonts/AssistantRegular.woff2
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 400efdf33f8a4a3eaa2b9f6bd5134f1f2920dd0d2c9f9199c27087550e89876b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Origin: https://cc-elf-us-dev.elfcosmetics.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true, true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: MISS
age: 3988043
x-yottaa-optimizations: ob/1 si/26D1cc8d585f-1715192426-3617152576 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-os: 200
cross-origin-resource-policy: cross-origin
x-yottaa-metrics: 2621cc02303a/[125,122,-] 26D1cc8d585f/[hit]
cf-ray: 881471d71b3de1ef-ORD
x-dw-request-base-id: G3G_6EYyPWYBAAB_
content-length: 16488
expires: Sat, 08 Jun 2024 20:29:58 GMT

GET
H2 200 AssistantBold.woff2
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwa4e5031b/fonts/ 16 KB
17 KB 421ms
240ms Font
font/woff2 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwa4e5031b/fonts/AssistantBold.woff2
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: c66960fd249e74cd61ae9b9ed92f21e038feb67be2f7c4c9ced6f00cfb193bf5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Origin: https://cc-elf-us-dev.elfcosmetics.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true, true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: MISS
age: 3988043
x-yottaa-optimizations: ob/1 si/26D1cc8d585f-1715192426-3617152577 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-os: 200
cross-origin-resource-policy: cross-origin
x-yottaa-metrics: 2621cc02303c/[123,122,-] 26D1cc8d585f/[hit]
cf-ray: 881471d71f488139-ORD
x-dw-request-base-id: G3G96EYyPWYBAAB_
content-length: 16748
expires: Sat, 08 Jun 2024 20:29:58 GMT

GET
H2 200 fontawesome-webfont.woff2
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw86f05592/fonts/ 55 KB
56 KB 344ms
164ms Font
font/woff2 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw86f05592/fonts/fontawesome-webfont.woff2
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Origin: https://cc-elf-us-dev.elfcosmetics.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true, true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: MISS
age: 3988043
x-yottaa-optimizations: ob/1 si/26D1cc8d585f-1715192426-3617152578 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-os: 200
cross-origin-resource-policy: cross-origin
x-yottaa-metrics: 2621cc02303b/[145,141,-] 26D1cc8d585f/[hit]
cf-ray: 881471d7192861df-ORD
x-dw-request-base-id: G3G-6EYyPWYBAAB_
content-length: 56780
expires: Sat, 08 Jun 2024 20:29:58 GMT

GET
H2 200 jquery-2.1.1.min.js Show response
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/lib/jquery/ 82 KB
29 KB 580ms
577ms Script
text/javascript 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/lib/jquery/jquery-2.1.1.min.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 16:09:18 GMT
server: cloudflare
vary: accept-encoding
content-type: text/javascript
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 8990c629bacb0a12-MIA
x-dw-request-base-id: _1C6zZEMemYBAAB_
expires: Thu, 25 Jul 2024 00:17:21 GMT

GET
H2 200 api_dynamic.js Show response
cdn.dynamicyield.com/api/8772046/ 751 KB
72 KB 379ms
200ms Script
application/javascript 2600:9000:21dd:8c00:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:8c00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 6678bc26efbd6fa9f8706aad2088fc4db6347277c70b25658fa84c81fdf170c5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:16:58 GMT
content-encoding: gzip
via: 1.1 94344436af750794f6bc9899d89d3a0a.cloudfront.net (CloudFront)
last-modified: Mon, 24 Jun 2024 13:22:56 GMT
server: DYCDN
age: 24
x-amz-cf-pop: EWR53-C2
x-amz-server-side-encryption: AES256
etag: W/"08ed9ebf21db912931f98b3a076798aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=30
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: _znjO95lI7Bacq7Kv_KSMWKSutvapm8O6hg1VE6wHQGW2yRAj_p8Qw==

GET
H2 200 api_static.js Show response
cdn.dynamicyield.com/api/8772046/ 388 KB
115 KB 251ms
72ms Script
application/javascript 2600:9000:21dd:8c00:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:8c00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 498ea43ee2b31ee61f58f43b798dfaec6eb59b63fefdfaa7c01bba897ba57a33

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 11:38:06 GMT
content-encoding: gzip
via: 1.1 94344436af750794f6bc9899d89d3a0a.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2024 17:35:05 GMT
server: DYCDN
age: 45555
x-amz-cf-pop: EWR53-C2
etag: W/"64e0187feba0c97d38f8aabb6e6d66cd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: s7AdSxQ8cNLn63Uv98XZyyB-GrP-nsGavQQDyn-Y48Kq0ZE3pQCIYQ==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 129ms
49ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ceCldLDyZN6bSQL6yyKLMg==
age: 86396
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Thu, 20 Jun 2024 19:47:41 GMT
server: cloudflare
etag: 0x8DC9161D9039DBC
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: dea3be78-801e-00f3-4ef5-c340e3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8990c62a3cd8a677-MIA

GET
H2 200 style.min.css
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/css/ 723 KB
136 KB 471ms
469ms Stylesheet
text/css 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/css/style.min.css
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cdbabdd0b3d48416200ef7238f3b2f2c8dd90e83b34456d0f4e88c04457d638

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 16:09:18 GMT
server: cloudflare
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 8990c629bac50a12-MIA
x-dw-request-base-id: _1C5zZEMemYBAAB_
expires: Thu, 25 Jul 2024 00:17:21 GMT

GET
H2 200 EswHooks.js Show response
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/js/ 11 KB
3 KB 359ms
347ms Script
text/javascript 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/js/EswHooks.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5a8112252b50b4b89f7b39ecd63b218133284fcd7e1e5bef85baf3bc80220d8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 16:09:18 GMT
server: cloudflare
vary: accept-encoding
content-type: text/javascript
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 8990c62ddf8d0a12-MIA
x-dw-request-base-id: _1DCzZEMemYBAAB_
expires: Thu, 25 Jul 2024 00:17:21 GMT

GET
H2 200 EswCss.css
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/css/ 11 KB
2 KB 431ms
429ms Stylesheet
text/css 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/css/EswCss.css
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ecda24592b5899ec119960edc4afbb29ca7e7b0c926f3c11f2c70ce8161c890

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 16:09:18 GMT
server: cloudflare
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 8990c629bac80a12-MIA
x-dw-request-base-id: _1C8zZEMemYBAAB_
expires: Thu, 25 Jul 2024 00:17:21 GMT

GET
H2 200 global.css
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1718992739037/css/ 30 KB
5 KB 315ms
314ms Stylesheet
text/css 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1718992739037/css/global.css
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef4a0a386be0745346bdbbb04735249591dcc13e2d36a444f2ff08f70b236868

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 16 Dec 2019 19:20:36 GMT
server: cloudflare
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 8990c629bac90a12-MIA
x-dw-request-base-id: _1C4zZEMemYBAAB_
expires: Thu, 25 Jul 2024 00:17:21 GMT

GET
H2 200 script-tag.js Show response
cdn-scripts.signifyd.com/api/ 10 KB
4 KB 210ms
59ms Script
application/javascript 108.138.106.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-40.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:11:55 GMT
content-encoding: gzip
via: 1.1 2301ef513d768666e30ce282b9045098.cloudfront.net (CloudFront)
last-modified: Tue, 23 Apr 2024 14:51:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 327
etag: W/"73ca6f23f3e08738233832c7a7a0c30c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-id: XdXCWVa3tyAgf4RQE7jps0xaGHsit4dqSGjF4hvQWcBqpDZejLqlag==

GET
H2 200 changeUp.css
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/css/ 12 KB
2 KB 346ms
344ms Stylesheet
text/css 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/css/changeUp.css
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fabd1529453dd3e53a74c918ecf6ef2c0df8e709fb51713fed956815f174a5f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 16:09:17 GMT
server: cloudflare
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 8990c62a2b560a12-MIA
x-dw-request-base-id: _1C7zZEMemYBAAB_
expires: Thu, 25 Jul 2024 00:17:21 GMT

GET
H2 200 changeUp.js Show response
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/js/ 3 KB
1 KB 417ms
405ms Script
text/javascript 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/js/changeUp.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0232c842afa32c041223fc8ef697660bae9caeac0a4ea9d596d421cd5a7e46ca

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 16:09:17 GMT
server: cloudflare
vary: accept-encoding
content-type: text/javascript
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 8990c62ddf8e0a12-MIA
x-dw-request-base-id: _1DIzZEMemYBAAB_
expires: Thu, 25 Jul 2024 00:17:21 GMT

GET
H2 200 logo.jpg
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/default/dw5862774d/images/ 2 KB
2 KB 336ms
335ms Image
image/jpeg 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/default/dw5862774d/images/logo.jpg
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd9e85c7125c9ad8baef11d133ebcb87367707c7c52d6db6892eaade9dfd9efb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 16:09:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cf-ray: 8990c62a2b570a12-MIA
x-dw-request-base-id: _1C9zZEMemYBAAB_
content-length: 2235
expires: Thu, 25 Jul 2024 00:17:21 GMT

GET
H2 200 splide.min.css
cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/css/ 4 KB
2 KB 119ms
42ms Stylesheet
text/css 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/css/splide.min.css

Requested by

Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12acf0cde9105ca35b079104e27341413fb68164085916505c077cf58748abc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1171942
x-jsd-version: 2.4.21
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1031
x-served-by: cache-fra-etou8220072-FRA, cache-lga21975-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"102c-M7+BfeLRxTmUwlsz98mdry3uV50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HUHWHfFalmy72Xg2D54leNVQo64VJJ4ygGXSttD8WfZOD2IU06skotwyc%2BKSBMrvlUsuwQHU3EIDSOvKM5ISVbZ%2B736DSnUsHvsxF%2BISqcKthttP3%2F8PPQJ5RTPyXsy%2Fbf8hxKx%2BMLiOoQC95vs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8990c62aaa58dab9-MIA

GET
H2 200 splide.min.js Show response
cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/js/ 28 KB
11 KB 43ms
42ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/js/splide.min.js

Requested by

Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a609c6dfff57a1865067c376468a736ee9f8d0578ef52c3063738c8c30986c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2257396
x-jsd-version: 2.4.21
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230056-FRA, cache-lga21933-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"7170-eq1ZE4HBpvEGZCwKn41rAbub2NI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yfvyabd8Mdh2MoZQYsyyXjhpFuQ%2FVY7amuUbhy5L1uLStEbI5EKq20%2FrD%2FT%2FwB0xBbM33cuRU2EQTr%2Fhtt1Okc4wl%2BRjNq6A0JfkBWj9OAbVC2Gf%2BZlRoZlWL7mP5WmjzzMTBOsiNuxldN1B2IM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8990c62afab3dab9-MIA

GET
H2 200 haloGlowFam_D_IMAGE3-1.jpg
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw5a315745/homepage/2023/04/ 762 KB
763 KB 246ms
122ms Image
image/jpeg 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw5a315745/homepage/2023/04/haloGlowFam_D_IMAGE3-1.jpg
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 9381cc2e82e9d6be913b7b2e52739ddfb2b768cb7923194cdd1e123f81cfe41b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: HIT
cf-bgj: h2pri
age: 3910542
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1715349444-3463306008 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028365/[12,-,1715364039690] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 881bd47fcf4f8728-ORD
x-dw-request-base-id: G3Fs6CEyPWYBAAB_
content-length: 779992
expires: Sat, 08 Jun 2024 20:29:21 GMT

GET
H2 200 haloGlowFam_2_HP_D_TEXT.png
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwfc4caf76/homepage/2023/04/ 29 KB
29 KB 195ms
195ms Image
image/png 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwfc4caf76/homepage/2023/04/haloGlowFam_2_HP_D_TEXT.png
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 2135d42472a3508e44ff861242f12de8a8effbee53e004e6ef37da4b6a637c00

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: HIT
age: 3910541
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1715349444-3463306010 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/png
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02836a/[4,-,1715364040827] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 881bd4870deb10db-ORD
x-dw-request-base-id: G3Ft6CIyPWYBAAB_
content-length: 29623
expires: Sat, 08 Jun 2024 20:29:22 GMT

GET
H2 200 haloGlowFam_D_IMAGE4.jpg
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw2f8c75df/homepage/2023/04/ 17 KB
18 KB 143ms
130ms Image
image/jpeg 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw2f8c75df/homepage/2023/04/haloGlowFam_D_IMAGE4.jpg
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: bf335c593528db4ead1580acb6656530326a6b5cdbd1d4e663f41df440d97802

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: HIT
cf-bgj: h2pri
age: 3910541
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1715349444-3463306011 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028335/[4,-,1715364040956] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 881bd487ddd2113a-ORD
x-dw-request-base-id: G3Fu6CMyPWYBAAB_
content-length: 17476
expires: Sat, 08 Jun 2024 20:29:23 GMT

GET
H2 200 haloGlowFam_D_IMAGE5.jpg
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw41ee2e47/homepage/2023/04/ 27 KB
27 KB 141ms
130ms Image
image/jpeg 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw41ee2e47/homepage/2023/04/haloGlowFam_D_IMAGE5.jpg
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 70d33528beda4b62b25c2b7aa41a0d305e9e6da9d6f8f4d01bb3c2452762dca5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: HIT
cf-bgj: h2pri
age: 3910540
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1715349444-3463306013 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028364/[4,-,1715364041731] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 881bd48ca90c10e6-ORD
x-dw-request-base-id: G3Fw6CMyPWYBAAB_
content-length: 27226
expires: Sat, 08 Jun 2024 20:29:23 GMT

GET
H2 200 haloGlowFam_D_IMAGE6.jpg
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwd5b7fec7/homepage/2023/04/ 26 KB
27 KB 141ms
130ms Image
image/jpeg 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwd5b7fec7/homepage/2023/04/haloGlowFam_D_IMAGE6.jpg
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 06b342380fdd8f72c76afb415afd8f2589f0a359f56f49bd2dcb089fcdadae7f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: HIT
cf-bgj: h2pri
age: 3910540
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1715349444-3463306014 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028362/[6,-,1715364041738] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 881bd48cb99a61b4-ORD
x-dw-request-base-id: G3Fv6CMyPWYBAAB_
content-length: 26946
expires: Sat, 08 Jun 2024 20:29:23 GMT

GET
H2 200 haloGlowFam_D_IMAGE7.jpg
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0e1e16ab/homepage/2023/04/ 20 KB
21 KB 141ms
131ms Image
image/jpeg 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0e1e16ab/homepage/2023/04/haloGlowFam_D_IMAGE7.jpg
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 27e921377431a1415510465137eaafbee97e6903651f4a432f3c8481329f2eaf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: HIT
cf-bgj: h2pri
age: 3910540
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1715349444-3463306015 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028369/[5,-,1715364041750] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 881bd48ccf2d8716-ORD
x-dw-request-base-id: G3F36CMyPWYBAAB_
content-length: 20969
expires: Sat, 08 Jun 2024 20:29:23 GMT

GET
H2 200 haloGlowFam_D_IMAGE8.jpg
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw139b3e32/homepage/2023/04/ 119 KB
120 KB 140ms
131ms Image
image/jpeg 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw139b3e32/homepage/2023/04/haloGlowFam_D_IMAGE8.jpg
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b34b4406dc95c820ca4a6bc9bb43fff02fc09d82d579e4c0e48ff3e1827c9e33

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: HIT
cf-bgj: h2pri
age: 3910540
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1715349444-3463306016 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02832e/[10,-,1715364041746] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 881bd48cbfad5076-ORD
x-dw-request-base-id: G3Fz6CMyPWYBAAB_
content-length: 122050
expires: Sat, 08 Jun 2024 20:29:23 GMT

GET
H2 200 haloGlowFam_D_IMAGE9.jpg
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw24bb8590/homepage/2023/04/ 158 KB
158 KB 141ms
131ms Image
image/jpeg 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw24bb8590/homepage/2023/04/haloGlowFam_D_IMAGE9.jpg
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: ed389866bb97f3828e65bcb6b6c56743f7501398f6c7d448c94d8c3bc602b047

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: HIT
cf-bgj: h2pri
age: 3910540
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1715349444-3463306017 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02832c/[8,-,1715364041758] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 881bd48ccc87639e-ORD
x-dw-request-base-id: G3F16CMyPWYBAAB_
content-length: 161483
expires: Sat, 08 Jun 2024 20:29:23 GMT

GET
H2 200 NEWARRIVALS_D_1.jpg
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwda646437/homepage/2023/06/ 113 KB
113 KB 140ms
132ms Image
image/jpeg 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwda646437/homepage/2023/06/NEWARRIVALS_D_1.jpg
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: e80da8cd6f16975cd9cc820bf8f461a0893da94f9f1113413396894c41dcfda8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: HIT
cf-bgj: h2pri
age: 3910540
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1715349444-3463306018 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02836c/[7,-,1715364041751] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 881bd48cbcfb6173-ORD
x-dw-request-base-id: G3Fx6CMyPWYBAAB_
content-length: 115459
expires: Sat, 08 Jun 2024 20:29:23 GMT

GET
H2 200 mascara_D-min.jpg
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dweafd8b37/homepage/2023/06/ 122 KB
123 KB 141ms
133ms Image
image/jpeg 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dweafd8b37/homepage/2023/06/mascara_D-min.jpg
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 9450a6523af74529a0c240abf48d82912c140c14da4e61bd341f2ed6cd2423d1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: HIT
cf-bgj: h2pri
age: 3910540
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1715349444-3463306019 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028334/[8,-,1715364041753] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 881bd48cc9e710f7-ORD
x-dw-request-base-id: G3F06CMyPWYBAAB_
content-length: 125092
expires: Sat, 08 Jun 2024 20:29:23 GMT

GET
H2 200 bs-revamped_intl_D.gif
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0f7c5e39/homepage/2022/01/ 29 KB
29 KB 141ms
133ms Image
image/gif 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0f7c5e39/homepage/2022/01/bs-revamped_intl_D.gif
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: c1ad324697e4ee64aeb17fe94c0c2327f8e351a2baf9fe27c64cf0f438f77761

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true, true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: MISS
age: 3988037
x-yottaa-optimizations: ob/1 si/26D1cc8d585f-1715192426-3617152608 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/gif
cache-control: public, max-age=31104000
x-yottaa-os: 200
cross-origin-resource-policy: cross-origin
x-yottaa-metrics: 2621cc8d586c/[163,131,-] 26D1cc8d585f/[hit]
cf-ray: 881471fb4ed98702-ORD
x-dw-request-base-id: G3HH6EwyPWYBAAB_
content-length: 29374
expires: Sat, 08 Jun 2024 20:30:04 GMT

GET
H3 200 intersection-observer.min.js Show response
cdn.jsdelivr.net/npm/intersection-observer@0.5.1/ 7 KB
3 KB 48ms
43ms Script
application/javascript 104.18.187.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intersection-observer@0.5.1/intersection-observer.min.js

Requested by

Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.187.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d56e42bdf8acd22fe7e5e1fe14c7862f03eee89acf31967d6bea370c0d7d356e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 58520
x-jsd-version: 0.5.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2702
x-served-by: cache-fra-eddf8230071-FRA, cache-lga21948-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"1c36-CNU5ytJAW0ab8+oh53TLIBGNt+Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YQzYshtVP6i2uuLdp6f%2BcGqN4YN5NWm%2FY%2BUIXZPskXRFoW7MWL7Co01OW%2B3kx1%2BgssfIHulGUmUupMXMRR632vSwyYjHi8tokX9x8DaCZZd9MLBnbjCXNahG5%2FrwkFAg0ew%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8990c62ddd28a687-MIA

GET
H3 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@12.0.0/dist/ 5 KB
3 KB 49ms
43ms Script
application/javascript 104.18.187.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.0.0/dist/lazyload.min.js

Requested by

Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.187.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4430046
x-jsd-version: 12.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2145
x-served-by: cache-fra-eddf8230064-FRA, cache-lga21974-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"15d1-IxZ2QckOwVh8MMcWJc7ap/VwGh4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x24hv6%2Fn0UbeRDrKyx4sGQVBMNhqSeXwns06kBHtRcSPIJvZ21T3g1xPsxUoeWUh%2FgexejUPysS35AnKBESXzmAlu37uHLs0qeikXCCqFPBARh%2FpywrWO08C0RyoQ9knz8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8990c62ddd2fa687-MIA

GET
H2 200 appstore-download.png
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw62f0a333/homepage/2020/05/ 7 KB
7 KB 140ms
132ms Image
image/png 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw62f0a333/homepage/2020/05/appstore-download.png
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: f8385a727d9ce6c82afec6272e3b93ae898d94b17570342413c737edc92bf4ed

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: HIT
age: 3910540
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1715349444-3463306021 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/png
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02836b/[4,-,1715364041754] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 881bd48cb8fc5077-ORD
x-dw-request-base-id: G3Fy6CMyPWYBAAB_
content-length: 6821
expires: Sat, 08 Jun 2024 20:29:23 GMT

GET
H2 200 playstore-download.png
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwc8e8c5c9/homepage/2020/05/ 5 KB
6 KB 187ms
179ms Image
image/png 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwc8e8c5c9/homepage/2020/05/playstore-download.png
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: f27161dfe1b76e23a981ddc9988036e92cc0103efa22d67b3fc2ff86f8ee1e1c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: HIT
age: 3910540
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1715349444-3463306022 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/png
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028333/[7,-,1715364041745] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 881bd48ccc512994-ORD
x-dw-request-base-id: G3F26CMyPWYBAAB_
content-length: 5609
expires: Sat, 08 Jun 2024 20:29:23 GMT

GET
H2 200 e_l_f_US_Mobile_App_sm-min.png
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0beb308a/lp/2022/ 7 KB
8 KB 187ms
180ms Image
image/png 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0beb308a/lp/2022/e_l_f_US_Mobile_App_sm-min.png
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 0201acab1b11acd0f5cc7ee6b9b8f6f08eb3c05425f62d8d21a342621bbd0458

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: HIT
age: 3910540
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1715349444-3463306023 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/png
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028366/[5,-,1715364041784] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 881bd48d09912ab6-ORD
x-dw-request-base-id: G3F46CMyPWYBAAB_
content-length: 7515
expires: Sat, 08 Jun 2024 20:29:23 GMT

GET
H2 200 plugins.min.js Show response
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/js/ 283 KB
78 KB 468ms
456ms Script
text/javascript 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/js/plugins.min.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96a3358dcb988a6b2d0d6f409533b6e242b79f248d58bb9731860246481eb585

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:22 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 16:09:18 GMT
server: cloudflare
vary: accept-encoding
content-type: text/javascript
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 8990c62ddf8b0a12-MIA
x-dw-request-base-id: _1DBzZEMemYBAAB_
expires: Thu, 25 Jul 2024 00:17:21 GMT

GET
H2 200 app.min.js Show response
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/js/ 534 KB
147 KB 483ms
477ms Script
text/javascript 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/js/app.min.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 692ec66f8193b7ee2b14bb6d8b2e09f0cfaef3fb4762e66686fa547d60fff2e2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:22 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 16:09:18 GMT
server: cloudflare
vary: accept-encoding
content-type: text/javascript
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 8990c62def8f0a12-MIA
x-dw-request-base-id: _1DGzZEMemYBAAB_
expires: Thu, 25 Jul 2024 00:17:21 GMT

GET
H2 200 global.js Show response
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1718992739037/js/ 1 KB
597 B 393ms
387ms Script
text/javascript 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1718992739037/js/global.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd5ae643e89170860b9bca1805cb663625a9006ecfcdf8749d3ee7d498d40629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 16 Dec 2019 19:20:37 GMT
server: cloudflare
vary: accept-encoding
content-type: text/javascript
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 8990c62def900a12-MIA
x-dw-request-base-id: _1DFzZEMemYBAAB_
expires: Thu, 25 Jul 2024 00:17:21 GMT

GET
H2 200 rangetouch.min.js Show response
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/lib/ 2 KB
1 KB 380ms
375ms Script
text/javascript 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/lib/rangetouch.min.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 020da0825330e19eef417005d005ad730b7c875200d5f16057bcd32230f30b84

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 16:09:17 GMT
server: cloudflare
vary: accept-encoding
content-type: text/javascript
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 8990c62def910a12-MIA
x-dw-request-base-id: _1DDzZEMemYBAAB_
expires: Thu, 25 Jul 2024 00:17:21 GMT

GET
H2 200 dwanalytics-22.2.js Show response
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/internal/jscript/ 6 KB
3 KB 391ms
386ms Script
text/javascript 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/internal/jscript/dwanalytics-22.2.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9b2a97b95ecaab1920aba84b26169c23a38e0513c2d4423ab9c0102b96cb195

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 00:17:21 GMT
server: cloudflare
vary: accept-encoding
content-type: text/javascript
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 8990c62def920a12-MIA
x-dw-request-base-id: _1DEzZEMemYBAAB_
expires: Thu, 25 Jul 2024 00:17:21 GMT

GET
H2 200 dwac-21.7.js Show response
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/internal/jscript/ 5 KB
2 KB 388ms
383ms Script
text/javascript 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/internal/jscript/dwac-21.7.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7d87091d363393cdfb559f44f41e447f70b67917b9dedb3e97c2a8d476e1ea8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 00:17:21 GMT
server: cloudflare
vary: accept-encoding
content-type: text/javascript
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 8990c62def940a12-MIA
x-dw-request-base-id: _1C_zZEMemYBAAB_
expires: Thu, 25 Jul 2024 00:17:21 GMT

GET
H2 200 gretel.min.js Show response
cdn.cquotient.com/js/v2/ 65 KB
19 KB 217ms
68ms Script
application/javascript 18.164.130.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cquotient.com/js/v2/gretel.min.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.130.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-130-168.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 709de1b955852f8d94747824000c07f253a89a03078941703df9859d2e75c252

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 23:23:34 GMT
content-encoding: gzip
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
last-modified: Tue, 05 Mar 2024 18:43:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 3228
etag: W/"5a46adde69ff5afdefaed355873317e1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: s0i4QQDtpNSs5TrIJCT9j0TDg80qJwPOVJ9v5HvIDskcdfGZC0bmaA==

GET
H2 200 applepay.js Show response
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/internal/jscript/ 14 KB
4 KB 392ms
388ms Script
text/javascript 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/internal/jscript/applepay.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e7938fd5c17bb1b600de328beb4372fd16d07ef78ec200436f4b683d465ffa0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 00:17:21 GMT
server: cloudflare
vary: accept-encoding
content-type: text/javascript
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 8990c62def950a12-MIA
x-dw-request-base-id: _1DAzZEMemYBAAB_
expires: Thu, 25 Jul 2024 00:17:21 GMT

GET
H2 200 6ee1574c-d59b-4e80-9930-2e1c3c7db4ff-test.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff-test/ 6 KB
2 KB 220ms
157ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff-test/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff-test.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e4d34043fda126f336813e7371dee25695d51123858453e94207e8473ad95d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: ffYNj2o5e0vTbIHGs8Eypw==
content-length: 1738
x-ms-lease-status: unlocked
last-modified: Mon, 08 Apr 2024 18:18:14 GMT
server: cloudflare
etag: 0x8DC57F841736D87
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2cdbc435-001e-0103-0b95-c6d6d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8990c62e5d9a74c0-MIA

GET
H2 200 sensor.js Show response
elfco11111.pcapredict.com/js/ 100 KB
15 KB 317ms
238ms Script
text/javascript 34.117.233.127
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://elfco11111.pcapredict.com/js/sensor.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.233.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 127.233.117.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 16db994a568e28d3f16de6c672b1dec012ef3c911abbfac05e61f365c8267335

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
content-type: text/javascript;charset=UTF-8
cache-control: public
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14776

GET
H2 200 st Show response
st.dynamicyield.com/ 151 KB
13 KB 286ms
97ms Script
text/javascript 2600:9000:24f1:2a00:15:ad21:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=h9dftkikqet2j6sl9gol61mg76ef21gl&ref=&scriptVersion=2.32.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en_US%22%2C%22data%22%3A%5B%5D%7D
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:2a00:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d8de85c1cd700d2717f36f1445adfc503874d78c80f468bceb2717a10d2013a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
via: 1.1 bd3fb8ca205d8e5f716067cdf581fa76.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-cache
x-amz-cf-id: jVuPhqtFJFL_TV7R5_m-R9ytsZR0NDUCxmXBlf1Ksh2FVKmKAL4PWQ==
expires: Tue, 25 Jun 2024 00:17:20 GMT

GET
H2 200 sdk.js Show response
plugins-media.perfectcorp.com/c695/ 412 KB
118 KB 779ms
641ms Script
application/javascript 18.238.80.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://plugins-media.perfectcorp.com/c695/sdk.js?apiKey=WZAntXUwJQKcfXEl4AR5w==

Requested by

Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.80.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-80-5.jfk52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fa34549142bf08d64a1aafc46cd747908dcba2aadaf01bd57a4e7146db5adc3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:23 GMT
content-encoding: gzip
via: 1.1 f5c697bd298aa5fde836b2908d51005c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 120739
last-modified: Tue, 27 Jun 2023 02:53:40 GMT
server: AmazonS3
etag: "aac1d160ac43ba93bebc6f9aaa2733f2"
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
x-amz-cf-id: BRFfks51D4XoToH4p8O1gYyYpefbZn5lv7SpoygEC0m10R5SKQwgaQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 528 KB
140 KB 228ms
93ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX

Requested by

Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3088512cce1086950ef581799e439b10125411d744efbeb9ce6e32b8bf508a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142931
x-xss-protection: 0
last-modified: Tue, 25 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Jun 2024 00:17:21 GMT

GET
H2 200 back-to-top.svg
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/images/svg-icons/ 280 B
909 B 389ms
388ms Image
image/svg+xml 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/images/svg-icons/back-to-top.svg
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/css/style.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c74f254c6706f1b11f2d701bbc57dad1913884b1e64020bb1971368784840d2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/css/style.min.css
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:22 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 16:09:17 GMT
server: cloudflare
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=1EYjLSJz.3sLtjZxp2yKHs8Nyh3CindXWfLdzZUaCdc-1719274642-1.0.1.1-o8EAmbzohSECyVGJzmPfyW9OR7ChPsD9tHjzBSdBgLiPMovVa.1VEz7bEduVLITovoeWpcck9SUMLTqUezVCFBzng85X8s6s.tSfa.nlQCsD7jlLg_9_iu1xvl77kqdh_s6DpT7S0XTGvEHMUJhEB0W1zgPqNgbpv21rUNmrv0k; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=1EYjLSJz.3sLtjZxp2yKHs8Nyh3CindXWfLdzZUaCdc-1719274642-1.0.1.1-o8EAmbzohSECyVGJzmPfyW9OR7ChPsD9tHjzBSdBgLiPMovVa.1VEz7bEduVLITovoeWpcck9SUMLTqUezVCFBzng85X8s6s.tSfa.nlQCsD7jlLg_9_iu1xvl77kqdh_s6DpT7S0XTGvEHMUJhEB0W1zgPqNgbpv21rUNmrv0k"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 8990c62e580b0a12-MIA
x-dw-request-base-id: _1DJzZEMemYBAAB_
expires: Thu, 25 Jul 2024 00:17:21 GMT

GET
H2 200 feedback.svg
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/images/svg-icons/ 281 B
298 B 322ms
321ms Image
image/svg+xml 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/images/svg-icons/feedback.svg
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/css/style.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6176ab5474618b01560e91abd7c354b6116cf9de79963c6c9860e89a2459f7cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/css/style.min.css
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 16:09:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 8990c62e580c0a12-MIA
x-dw-request-base-id: _1DHzZEMemYBAAB_
expires: Thu, 25 Jul 2024 00:17:21 GMT

GET
DATA 200
OK truncated
/ 24 KB
24 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40ce925d45385c5afbd468d74c305990602f2532b12dde20bb44cb5622cb5ab2

Request headers

Referer
Origin: https://cc-elf-us-dev.elfcosmetics.com
Accept-Language: en-US,en;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 30 KB
30 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbf0ad8d8fb9d5ac376dd38a49d48d76eded8bfb082609d3d9b765ad033a8b87

Request headers

Referer
Origin: https://cc-elf-us-dev.elfcosmetics.com
Accept-Language: en-US,en;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 32F818_11_0.woff2
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwf07fd48b/fonts/ 12 KB
13 KB 62ms
62ms Font
font/woff2 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dwf07fd48b/fonts/32F818_11_0.woff2
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 08200626ba06885c7a9e4ff3c6ccb778055d293690b5004d3d2862e779d7e9fb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Origin: https://cc-elf-us-dev.elfcosmetics.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true, true
date: Tue, 25 Jun 2024 00:17:21 GMT
cf-cache-status: MISS
age: 3988036
x-yottaa-optimizations: ob/1 si/26D1cc8d585f-1715192426-3617152613 tts/1714998143179 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-os: 200
cross-origin-resource-policy: cross-origin
x-yottaa-metrics: 2621cc8d586f/[157,143,-] 26D1cc8d585f/[hit]
cf-ray: 881472025a94025e-ORD
x-dw-request-base-id: G3HR6E0yPWYBAAB_
content-length: 12570
expires: Sat, 08 Jun 2024 20:30:05 GMT

GET
H2 200 company_toolkit.js Show response
cdn-scripts.signifyd.com/api/ 4 KB
2 KB 60ms
58ms Script
application/javascript 108.138.106.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/company_toolkit.js
Requested by: Host: cdn-scripts.signifyd.com
URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-40.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:11:55 GMT
content-encoding: gzip
via: 1.1 2301ef513d768666e30ce282b9045098.cloudfront.net (CloudFront)
last-modified: Tue, 30 May 2023 10:18:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 327
etag: W/"2c3950f122b3977df61b0e077aaa92c8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-id: edBJfTVpv0ui8YqeO9DDH3D97lUb2d4RrN3v0-vVioIVNurDsxOEDA==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 157ms
62ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept: application/json
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8990c62feeb89ac3-MIA
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK x0c0fuo3priw2icz.js Show response
imgs.signifyd.com/ 97 KB
14 KB 333ms
104ms Script
text/javascript 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/x0c0fuo3priw2icz.js?2269lcczf4y68h2x=w2txo5aa&v9otsj8vi3qx61vk=aHR0cHM6Ly9kZXZlbG9wbWVudC5lbGZjb3NtZXRpY3MuY29tLzY1MzY3ZTM1ZjllODFiZTYyMjgxNTZiOGU4

Requested by

Host: cdn-scripts.signifyd.com
URL: https://cdn-scripts.signifyd.com/api/company_toolkit.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

538c140759394af91479cb1e6b8ae2e2ab6637e8fe1a124073c16501374b5f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 25 Jun 2024 00:17:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dy-coll-min.js Show response
cdn.dynamicyield.com/scripts/2.32.0/ 196 KB
65 KB 67ms
66ms Script
text/javascript 2600:9000:21dd:8c00:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Requested by: Host: st.dynamicyield.com
URL: https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=h9dftkikqet2j6sl9gol61mg76ef21gl&ref=&scriptVersion=2.32.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en_US%22%2C%22data%22%3A%5B%5D%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:8c00:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 42997132bd0142564014ac4a809356dc0ceb9b7a90eede2b5b48019f1700cc58

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 06:52:35 GMT
content-encoding: gzip
via: 1.1 94344436af750794f6bc9899d89d3a0a.cloudfront.net (CloudFront)
last-modified: Tue, 02 Apr 2024 09:13:12 GMT
server: DYCDN
age: 2136287
x-amz-cf-pop: EWR53-C2
etag: W/"65b3e284856fb8d657d1f6a3423618c7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: SiyCRde7fAYytqcRYbaSCo-gRpjCisWUxJ433vUGzGHOJKKg8e2CFw==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/ 404 KB
98 KB 43ms
43ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jun 2024 00:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: XJk1ZZTljtwHFT3qcIJg+w==
age: 10228
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99599
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:36 GMT
server: cloudflare
etag: 0x8DB82A15D413626
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 80bad15d-801e-006c-2fda-12d214000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8990c6305d95a677-MIA

POST
H2 200 uia Show response
async-px.dynamicyield.com/ 0
383 B 219ms
70ms XHR
text/plain 18.238.80.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/uia?cnst=1&_=1719274642111
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-118.jfk52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:22 GMT
via: 1.1 ea917192c0be5d0a503335e41055eafe.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: LMqu8lQWazTRCfNgxRDY558OcKEnCxpMWfl8CxZ8Jlqbym2YDGYdJw==
expires: 0

GET
H2

200

nfEmbeddedService.js Show response
elfcosmetics.my.salesforce-sites.com/resource/einsteinBot/js/
Redirect Chain

https://elfcosmetics.secure.force.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1719274641492
https://elfcosmetics.my.salesforce-sites.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1719274641492

5 KB
2 KB

392ms
253ms

Script
application/x-javascript

3.214.83.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://elfcosmetics.my.salesforce-sites.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1719274641492

Requested by

Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/

Protocol

Server

3.214.83.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-83-230.compute-1.amazonaws.com

Software

Resource Hash

05afd7115e1e4e6835deb4080f8b300a058786683a9ef7ec2af25e4038885905

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://cc-elf-us-dev.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 25 Jun 2024 00:17:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
last-modified: Wed, 6 Nov 2019 02:20:06 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="CUR OTR STA"
cache-control: public,max-age=3888000
origin-trial: AoeiQ3Ow/BnNjoZ1k2kL0ix9SXzlnjm47YFisfuVAskKVTny0NGo4CEkVQNe1OCi48F77X4EZc6G69wDDJtAlggAAABleyJvcmlnaW4iOiJodHRwczovL3NhbGVzZm9yY2Utc2l0ZXMuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-length: 1781
expires: Fri, 09 Aug 2024 00:17:23 GMT

Redirect headers

date: Tue, 25 Jun 2024 00:17:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: upgrade-insecure-requests
location: https://elfcosmetics.my.salesforce-sites.com/resource/einsteinBot/js/nfEmbeddedService.js?_=1719274641492
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
origin-trial: AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff-test/018ebeca-e8af-7a4a-a8f2-056be1af8a2c/ 161 KB
35 KB 152ms
152ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff-test/018ebeca-e8af-7a4a-a8f2-056be1af8a2c/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5397ca137346263e22b469e89cac884feedefd5f941775dcf559916338331eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jun 2024 00:17:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: dRP0w5bybVeF0pZLbGSyBQ==
content-length: 35438
x-ms-lease-status: unlocked
last-modified: Mon, 08 Apr 2024 18:18:29 GMT
server: cloudflare
etag: 0x8DC57F84AD90082
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: deacfed7-e01e-0006-3995-c664f2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8990c631896974c0-MIA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
104 KB 101ms
98ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ee5f302184c7f391b9d5c605a70b4ed00618f179452ee8a0a4f235d1da334e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106052
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 25 Jun 2024 00:17:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 239ms
104ms Script
text/javascript 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Jun 2024 23:46:37 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1845
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 25 Jun 2024 01:46:37 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 250ms
90ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4e88216e4b2485d3a1d2a86a9ff63d2bdb82c739587057e1477d7b12235bd84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 25 Jun 2024 00:17:22 GMT

GET
H2 200 products-in-all-categories-top-sellers Show response
e.cquotient.com/recs/bbxc-elf-us/ 236 B
495 B 206ms
74ms Script
text/javascript 34.193.203.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://e.cquotient.com/recs/bbxc-elf-us/products-in-all-categories-top-sellers?callback=CQuotient._callback0&_=1719274642201&_device=windows&userId=&cookieId=&emailId=&anchors=id%3A%3A%7C%7Csku%3A%3A%7C%7Ctype%3A%3A%7C%7Calt_id%3A%3A&slotId=home-slot-3&slotConfigId=2020%20New%20Carousel&slotConfigTemplate=slots%2Frecommendation%2Felfcarousel.isml&ccver=1.03&realm=BBXC&siteId=elf-us&instanceType=dev&v=v3.1.2&json=%7B%22userId%22%3A%22%22%2C%22cookieId%22%3A%22%22%2C%22emailId%22%3A%22%22%2C%22anchors%22%3A%5B%7B%22id%22%3A%22%22%2C%22sku%22%3A%22%22%2C%22type%22%3A%22%22%2C%22alt_id%22%3A%22%22%7D%5D%2C%22slotId%22%3A%22home-slot-3%22%2C%22slotConfigId%22%3A%222020%20New%20Carousel%22%2C%22slotConfigTemplate%22%3A%22slots%2Frecommendation%2Felfcarousel.isml%22%2C%22ccver%22%3A%221.03%22%2C%22realm%22%3A%22BBXC%22%2C%22siteId%22%3A%22elf-us%22%2C%22instanceType%22%3A%22dev%22%2C%22v%22%3A%22v3.1.2%22%7D

Requested by

Host: cdn.cquotient.com
URL: https://cdn.cquotient.com/js/v2/gretel.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.203.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-203-33.compute-1.amazonaws.com

Software

envoy /

Resource Hash

a13d2476068d51ad397e9a9276e08b1241d00249985a1eb10048e18777556ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:22 GMT
strict-transport-security: max-age=15552000; includeSubdomains
x-content-type-options: nosniff
server: envoy
etag: W/"ec-guaQxAHjcnN90dkJZ3U3K7ysV6o"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: no-store
x-envoy-upstream-service-time: 14
content-length: 236

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 104ms
71ms Fetch 18.238.80.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=196301&uid=148619025645702289&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=29995db83327e10fa1dc1ec0986ce84c&expSes=86632&aud=884367.884385.884387.1167402.1324059.1846919.2356145.884375.998337.1004363.1092373.1274296.1426804.1443347.1182144.799438.799440&expVisitId=8275908881301150024&cgtgDecisionId=8275908882385006022&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719274641228&rri=224399
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-118.jfk52.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:22 GMT
via: 1.1 ea917192c0be5d0a503335e41055eafe.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: JxRQBHuSwJRpSO57PEW2JZC64XUE3RnV90FR2zxCE0UR8RpPeNplWQ==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 100ms
68ms Fetch 18.238.80.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=429014&uid=148619025645702289&sec=8772046&t=ri&e=1574966&p=1&ve=12698518&va=%5B28347247%5D&ses=29995db83327e10fa1dc1ec0986ce84c&expSes=86632&aud=884367.884385.884387.1167402.1324059.1846919.2356145.884375.998337.1004363.1092373.1274296.1426804.1443347.1182144.799438.799440&expVisitId=8275908878573326975&cgtgDecisionId=8275908880476125026&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719274641230&rri=9059181
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-118.jfk52.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:22 GMT
via: 1.1 ea917192c0be5d0a503335e41055eafe.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: TL4fq-lwigsWYO9eAg-dlwyui8oIl4qxYNLgxTkHSOoKpOYiX38e_Q==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 100ms
69ms Fetch 18.238.80.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=728443&uid=148619025645702289&sec=8772046&t=ri&e=1609852&p=1&ve=12669413&va=%5B28321879%5D&ses=29995db83327e10fa1dc1ec0986ce84c&expSes=86632&aud=884367.884385.884387.1167402.1324059.1846919.2356145.884375.998337.1004363.1092373.1274296.1426804.1443347.1182144.799438.799440&expVisitId=8275908881941397409&cgtgDecisionId=8275908880499050118&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719274641231&rri=3394421
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-118.jfk52.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:22 GMT
via: 1.1 ea917192c0be5d0a503335e41055eafe.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: FkDAeX0WShBvXrX_dcaIVrDixQxxh0GDkF-d8DDvaiXO54vtrQCjUA==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 100ms
70ms Fetch 18.238.80.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=820827&uid=148619025645702289&sec=8772046&t=ri&e=1575901&p=1&ve=12991774&va=%5B28646951%5D&ses=29995db83327e10fa1dc1ec0986ce84c&expSes=86632&aud=884367.884385.884387.1167402.1324059.1846919.2356145.884375.998337.1004363.1092373.1274296.1426804.1443347.1182144.799438.799440&expVisitId=8275908878579597633&cgtgDecisionId=8275908879746416282&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719274641232&rri=6364353
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-118.jfk52.r.cloudfront.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:22 GMT
via: 1.1 ea917192c0be5d0a503335e41055eafe.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: 5iWhz2Vd2xpnqp7yZ2JqNwYayXyw86Eeg4ypFwJKRoqF7NWQT22-4g==
expires: 0

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1648855719.1719274642&url=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&dma=0&npa=0&gtm=45He46j0n81WL3STMXv896608294za2...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1648855719.1719274642&url=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&dma=0&npa=0&gtm=45He46j0n81WL3STMX...

42 B
65 B

203ms
79ms

Ping
image/gif

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1648855719.1719274642&url=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&dma=0&npa=0&gtm=45He46j0n81WL3STMXv896608294za200&auid=1558942984.1719274642

Requested by

Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/

Protocol

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://cc-elf-us-dev.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1648855719.1719274642&url=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&dma=0&npa=0&gtm=45He46j0n81WL3STMXv896608294za200&auid=1558942984.1719274642
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 batch
async-px.dynamicyield.com/ 0
384 B 188ms
71ms Ping
text/plain 18.238.80.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/batch?cnst=1&_=1719274642321_839330
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-118.jfk52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:22 GMT
via: 1.1 282af6dbb4c478f6651ee2a13940179e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: HYpLP1hL_Rr5HUm_4WNjMkmWzcIQoepajabtGH37bIK2sBp4GLAwNQ==
expires: 0

GET
H2 200 CSRF-GetToken Show response
cc-elf-us-dev.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 234 B
670 B 225ms
224ms Fetch
application/json 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/CSRF-GetToken
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/js/app.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 528622fd0ee8099706a7fadf1614ae63ed4e2312ff274f82478b9f73073830f8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8990c632edb50a12-MIA
x-dw-request-base-id: _1DKzZIMemYBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 CSRF-GetToken Show response
cc-elf-us-dev.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 234 B
298 B 357ms
168ms Fetch
application/json 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/CSRF-GetToken
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1718992739037/js/app.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3a23a87a85dcb25c7055d11b4e95444766e80087a4f09b52ca9590bc5b5c3e3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8990c6345fb70a12-MIA
x-dw-request-base-id: _1DLzZIMemYBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 13 KB
3 KB 168ms
167ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jun 2024 00:17:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: 5mNZducabMgxSDzBo+ZI8w==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3017
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:30 GMT
server: cloudflare
etag: 0x8DB82A159AF8EA6
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: da39c748-501e-0036-5895-c63ed8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8990c633ac0d74c0-MIA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/ 61 KB
12 KB 174ms
173ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jun 2024 00:17:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: sXFDxCJwbPEMIT/8f5Prwg==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12544
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:33 GMT
server: cloudflare
etag: 0x8DB82A15AFF8646
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d31e6527-f01e-00d5-2c95-c6db57000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8990c633ac0f74c0-MIA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 21 KB
4 KB 177ms
176ms Fetch
text/css 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jun 2024 00:17:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a0faf065-e01e-00e8-0195-c66e71000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8990c633ac1074c0-MIA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
219 B 78ms
74ms XHR
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=862779876&t=pageview&_s=1&dp=%2F&ul=en-us&de=UTF-8&dt=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACgAI~&jid=12429295&gjid=1479645374&cid=185237236.1719274643&tid=UA-432816-1&_gid=1241961732.1719274643&_r=1&_slc=1&gtm=45He46j0n81WL3STMXv896608294za200&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=0&z=1312626434

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cc-elf-us-dev.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/84314bef/www-widgetapi.vflset/ 24 KB
8 KB 64ms
61ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/84314bef/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9a72654f03de616b6fd58b742dff09a02588726c80f6a1fca5809365b591930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:16:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8237
x-xss-protection: 0
last-modified: Mon, 17 Jun 2024 04:18:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 25 Jun 2025 00:16:24 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
357 B 179ms
64ms XHR
text/plain 2607:f8b0:4004:c21::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-432816-1&cid=185237236.1719274643&jid=12429295&gjid=1479645374&_gid=1241961732.1719274643&_u=YEBAAEAAAAAAACgAI~&z=694057451

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Jun 2024 00:17:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cc-elf-us-dev.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bv.js Show response
apps.bazaarvoice.com/deployments/elfcosmetics/main_site/staging/en_US/ 69 KB
22 KB 340ms
167ms Script
text/javascript 2600:9000:2511:f600:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.bazaarvoice.com/deployments/elfcosmetics/main_site/staging/en_US/bv.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:f600:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5bcd8b4669a5a032beb454a70f3eaf884f1e44f785109f191b71fd7cb1147080

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:23 GMT
content-encoding: gzip
via: 1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-version-id: 2uwq3b0Rg1TmbC0iSxsDFaXJWUGGKvTs
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 21661
last-modified: Thu, 09 Feb 2023 15:17:20 GMT
server: AmazonS3
etag: "61e58e9e66124dc498a4fe474c7ca192"
vary: Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: N8TpKEILrAz88meX8_nd9hLgLTMpeUWWzL2PEUgwBx0ggv_XxEjbuA==

GET
H2 200 110221.ct.js Show response
tag.rmp.rakuten.com/ 47 KB
15 KB 134ms
60ms Script
text/javascript 34.102.147.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.rmp.rakuten.com/110221.ct.js

Requested by

Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

248.147.102.34.bc.googleusercontent.com

Software

Resource Hash

11762f3811534382a7fe191591000ebd869ce22a1936004470c4ce1d420a36a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:22 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Jun 2024 00:17:22 GMT
x-cache: hit
x-samesite: secure
content-type: text/javascript
cache-control: max-age=86400
x-dyn: 0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 afterpay.js Show response
portal.sandbox.afterpay.com/ 284 KB
81 KB 211ms
128ms Script
text/javascript 2606:4700::6813:b0d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.sandbox.afterpay.com/afterpay.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b0d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a1f9b482277bad68eac0ea5cdfbf2d55e5578cb83df84dd45afd86a5f2aa518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 9ef84cf4cc2ba519912977f9e63d129e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
age: 90
x-amz-cf-pop: MIA3-C5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
last-modified: Thu, 13 Jun 2024 05:00:21 GMT
server: cloudflare
etag: W/"1ef4f1d6b0cae30b4e08b7fb88851065"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=60
cf-ray: 8990c63558fd4c12-MIA
x-amz-cf-id: Dv_lXtHZFNSrWFEqmHa2slZ6FiQDQAQ3LliUt3eCrTNTwcIpHudsBg==

GET
H2 200 braze.min.js Show response
js.appboycdn.com/web-sdk/4.5/ 202 KB
56 KB 129ms
49ms Script
application/javascript 2606:4700::6810:7809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.appboycdn.com/web-sdk/4.5/braze.min.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:7809 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4adff3c1c64b9816a0b089544ce135490356f3c87a34b43c59660cf94bc3eba

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 17:51:35 GMT
server: cloudflare
x-amz-request-id: 6W1AK37MVT48EF13
age: 1745
etag: W/"88cddc3df06c791edbaadbe7a552a0ef"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 8990c6355dd5a524-MIA
x-amz-id-2: ilraasjq+0EaLz21BP0mN4t3298AdrmwONBZDmQRMFrkI/42GByJ5Sl9cxoNtd+BMG5mvT4zLyQ=
expires: Tue, 25 Jun 2024 04:17:22 GMT

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 225ms
67ms Script
application/javascript 2600:141b:1c00:30::1739:5a65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:30::1739:5a65 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 25 Jun 2024 00:17:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Jun 2023 06:58:45 GMT
Server: AmazonS3
x-amz-request-id: 2YB2S79F7M1AYA0H
ETag: "5a676288bcea03bd05e483bc4ce066ae"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2054
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11792
x-amz-id-2: zv8gjwupVIE8rjvpBDLtKTftzWpNC38nKXy5SoA9M4CleAIvm2p/AV+zJcIejoEzSUvSi4VBbsk=
Expires: Tue, 25 Jun 2024 00:51:36 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
623 B 50ms
50ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jun 2024 00:17:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 27530
x-ms-lease-status: unlocked
last-modified: Mon, 24 Jun 2024 01:56:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 3914aa07-601e-0094-66e6-c5f344000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8990c634fc07a677-MIA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
511 B 477ms
476ms Fetch
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jun 2024 00:17:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status: unlocked
last-modified: Mon, 24 Jun 2024 16:48:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 9172bc14-801e-00da-4495-c636a1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8990c6351dc774c0-MIA

POST Api-SetTrackingAllowed
development.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 0
0

POST Api-SetCookieData
development.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 0
0

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 43ms
42ms Image
image/png 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Requested by

Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jun 2024 00:17:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 28469
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Thu, 20 Jun 2024 19:47:44 GMT
server: cloudflare
etag: 0x8DC9161DA6DCD3D
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 47d2e917-201e-0093-7c7b-c305c1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8990c6352c3ca677-MIA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 43ms
43ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jun 2024 00:17:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 42827
x-ms-lease-status: unlocked
last-modified: Thu, 20 Jun 2024 19:47:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a1658fde-601e-00f2-030e-c4411e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8990c6352c3fa677-MIA

GET
H2 200 jsp Show response
ut.rd.linksynergy.com/ 148 B
414 B 140ms
56ms Script
text/plain 34.98.67.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid

Requested by

Host: tag.rmp.rakuten.com
URL: https://tag.rmp.rakuten.com/110221.ct.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.67.98.34.bc.googleusercontent.com

Software

Resource Hash

9926e6dab8984b50d0371bfc59a07decff730f61f253126257c481f8f5c8e9cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/plain; charset=utf-8
date: Tue, 25 Jun 2024 00:17:22 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148
x-samesite: secure

GET
H2 200 / Show response
tags.rd.linksynergy.com/js/9097/ 14 KB
14 KB 290ms
182ms Script
text/html 34.98.67.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.rd.linksynergy.com/js/9097/?pt=home

Requested by

Host: tag.rmp.rakuten.com
URL: https://tag.rmp.rakuten.com/110221.ct.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.67.98.34.bc.googleusercontent.com

Software

Resource Hash

75e90110108cc3c6588fc188d8ab2252a9a9a949d51723fa2f0239e805f67d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:23 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Jun 2024 00:17:23 GMT
x-samesite: secure
content-type: text/html
cache-control: max-age=2592000, no-cache
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13909
expires: Fri, 23 Jun 2023 20:04:51 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 138ms
138ms Image
image/gif 142.251.40.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-432816-1&cid=185237236.1719274643&jid=12429295&_u=YEBAAEAAAAAAACgAI~&z=164239857

Requested by

Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.132 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

404
development.elfcosmetics.com/
Redirect Chain

https://development.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/__Analytics-Start?url=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&res=1600x1200&cookie=1&ref=&title=Affordable%2...
https://development.elfcosmetics.com/404

0
0

GET
H/1.1 200
OK batch.json Show response
stg.api.bazaarvoice.com/data/ 644 B
1 KB 300ms
125ms Fetch
application/json 52.20.196.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.api.bazaarvoice.com/data/batch.json?passKey=i3oac3j1xm1adoxndn7ez2thv&apiversion=5.5&displaycode=13573-en_us&resource.q0=products&limit.q0=1
Requested by: Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.20.196.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-196-93.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3f35a18a6fb42471cbd8ffd1aba998921e3038c5d7b4918189409a4f0bc06771

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 25 Jun 2024 00:17:23 GMT
Content-Encoding: gzip
X-Bazaarvoice-Quota-Allotted: 1728000
X-Bazaarvoice-Quota-Reset: 2024-06-25T01:00:00.000Z
Transfer-Encoding: chunked
X-Bazaarvoice-Api-Version: 5.5
Connection: keep-alive
X-Bazaarvoice-Quota-Current: 24
X-Bazaarvoice-QPM-Current: 1
X-Bazaarvoice-QPM-Allotted: 1200
Server: nginx
X-Bazaarvoice-QPS-Allotted: 20
Vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://cc-elf-us-dev.elfcosmetics.com
Access-Control-Expose-Headers: X-Bazaarvoice-Api-Version,X-Bazaarvoice-Original-MessageId,X-Bazaarvoice-Platform-Version,X-Bazaarvoice-QPM-Allotted,X-Bazaarvoice-QPM-Current,X-Bazaarvoice-QPS-Allotted,X-Bazaarvoice-QPS-Current,X-Bazaarvoice-Quota-Allotted,X-Bazaarvoice-Quota-Current,X-Bazaarvoice-Quota-Reset,X-Requested-With,X-CSRF-Token,Content-Type
Cache-Control: max-age=3300
X-Bazaarvoice-Platform-Version: 2
X-Bazaarvoice-Original-MessageId: rrt-0cdc93869d10382ca-c-ea-30226-79990854-1
X-Bazaarvoice-QPS-Current: 1

GET
H2 200 api-0.8.2.js Show response
apps.bazaarvoice.com/apps/api/ 32 KB
11 KB 74ms
72ms Script
text/javascript 2600:9000:2511:f600:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.bazaarvoice.com/apps/api/api-0.8.2.js

Requested by

Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:f600:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dccfc3418e69f6ca37f92a3459c360d871b36744be9a4e2b96bbe3ae4e45e4fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Dec 2023 16:17:27 GMT
content-encoding: gzip
via: 1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-version-id: kvnMIwPjpbNt45nTgF9mmYA0x1y87znz
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: JFK50-P6
age: 15321597
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 10599
last-modified: Tue, 28 Jun 2022 11:19:05 GMT
server: AmazonS3
etag: "86a440b08f71ad9de17500c8946fa7a1"
vary: Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: I-EWC4wTARDWXGBl5WUTAxb9S1f_qzIs0tmTuyVcRcr7g-AqvT1ZPQ==

GET
H2 200 api-config.js Show response
apps.bazaarvoice.com/deployments/elfcosmetics/main_site/staging/en_US/ 2 KB
1 KB 147ms
145ms Script
text/javascript 2600:9000:2511:f600:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.bazaarvoice.com/deployments/elfcosmetics/main_site/staging/en_US/api-config.js

Requested by

Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:f600:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e095e9ea41994a0303722e769ebc6ac1cd04ae4fbf2939ae8668eb6b1366fdf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:24 GMT
content-encoding: gzip
via: 1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-version-id: zXK21.xlVJzz.Ic5g7KN7Isbac9L28cj
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 780
last-modified: Thu, 09 Feb 2023 15:17:17 GMT
server: AmazonS3
etag: "67a90043dcd9f614834ee7fd54f73512"
vary: Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: 0OlutG4BEm00wyN6qHf6PYtyVmfkOhXt8xzh2HF0_v0w9_yDC15DoQ==

GET
H2 200 bv-analytics.js Show response
apps.bazaarvoice.com/analytics/ 40 KB
13 KB 84ms
83ms Script
application/javascript 2600:9000:2511:f600:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.bazaarvoice.com/analytics/bv-analytics.js

Requested by

Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:f600:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7d22f48243f28ae0d3cfbbc0ec1919450e5249f32645dfdf104c83d0b5cfd00c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:02:21 GMT
content-encoding: gzip
via: 1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-version-id: bpPpZ5pM20Ya_S0L3_fvvcnrkhtTNNfQ
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: JFK50-P6
age: 519303
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 12865
last-modified: Tue, 28 Feb 2023 07:25:25 GMT
server: AmazonS3
etag: "d30320dafbb1e585d933d2657267b544"
vary: Origin
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: mO8b-iI9Vtqh8eRxGaD9Kn3oqQ7slWRnKDOH_SqU1VE-pCj8rvcM7A==

GET
H2 200 a.gif
network-stg-a.bazaarvoice.com/ 43 B
231 B 188ms
62ms Image
image/gif 44.214.85.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://network-stg-a.bazaarvoice.com/a.gif?loadId=18e9abaefbd130ab&BVBRANDID=b64085f9-a370-472e-8a70-60a1d859bd04&BVBRANDSID=6bfcf80f-aef7-4074-9aec-2bea923684f5&tz=600&sourceVersion=3.17.2&magpieJsVersion=3.17.2&source=bv-loader&environment=prod&client=elfcosmetics&dc=13573&host=cc-elf-us-dev.elfcosmetics.com&r_batch=!((bvProduct:bv-loader,bvProductVersion:%2713.14.0%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:%272.1000%27,endTime:%273104.7000%27,locale:en_US,name:timeToRunScout,startTime:%273102.6000%27,type:Performance))&_=oipqb3
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.214.85.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-214-85-195.compute-1.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
date: Tue, 25 Jun 2024 00:17:23 GMT
cache-control: no-cache, no-transform, must-revalidate, max-age=0
content-type: image/gif
server: nginx
content-length: 43
expires: -1

GET
H2

200

cs
tags.rd.linksynergy.com/
Redirect Chain

https://idsync.rlcdn.com/458359.gif?partner_uid=24af1589-2b82-4c98-81b9-6b2aff556d3f
https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJDI0YWYxNTg5LTJiODItNGM5OC04MWI5LTZiMmFmZjU1NmQzZhAAGg0IlJnoswYSBQjoBxAAQgBKAA
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=258bed4b0ad50276d73a4be3334f84348082f05dce8343172ff8a35b09f714c46ac34734d8e453ee

37 B
302 B

56ms
55ms

Image
image/gif

34.98.67.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.rd.linksynergy.com/cs?ns=lr&uid3=258bed4b0ad50276d73a4be3334f84348082f05dce8343172ff8a35b09f714c46ac34734d8e453ee

Requested by

Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/

Protocol

Server

34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.67.98.34.bc.googleusercontent.com

Software

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://cc-elf-us-dev.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 25 Jun 2024 00:17:24 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-samesite: secure

Redirect headers

date: Tue, 25 Jun 2024 00:17:24 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://tags.rd.linksynergy.com/cs?ns=lr&uid3=258bed4b0ad50276d73a4be3334f84348082f05dce8343172ff8a35b09f714c46ac34734d8e453ee
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 9097
tags.rd.linksynergy.com/pix/ Frame 7C25 0
0 187ms
123ms Document
text/html 34.98.67.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.rd.linksynergy.com/pix/9097?type=pos&pt=home&href=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&_rm_fire3p=true

Requested by

Host: tags.rd.linksynergy.com
URL: https://tags.rd.linksynergy.com/js/9097/?pt=home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.67.98.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=2592000, no-cache
content-length: 23191
content-type: text/html
date: Tue, 25 Jun 2024 00:17:24 GMT
expires: Fri, 23 Jun 2023 20:13:05 GMT
last-modified: Tue, 25 Jun 2024 00:17:24 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
via: 1.1 google
x-samesite: secure

GET
H/1.1 200
OK Zu74BoNPpwR9OAVJ Show response
imgs.signifyd.com/ Frame F37C 303 KB
52 KB 312ms
112ms Script
text/javascript 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/Zu74BoNPpwR9OAVJ?660f06ebadfc0699=sUG9NMTbmQ_nXwDsr8f5N5fs-bu-KtodfHoy0daaisP-KXv-mFrKmiodMS8g1RdJIai87sJs-GueXJXZq2tfhupjqvwVaqnlQXV1GWBfKMhyQ1y1pDSGHh90plGdBv6FCG5fMz4776ko1C0Fo_tvLt93FS7BvnP1iFpDsKYHjJIhLRRymZYG69hghfQSHDFUtnH0LXkyq7V-Wha5zx1SopX8KXBNKLi3CvP6qbRHag9hcClipfgGCSpxUx5WiiNpQFdei2JlVFyKCqlV&jb=35312426687b6777355f61646e677d7b24687b6d3f556b6e646d777b27303a3b33246073687d3f436070676d6d2462736a374b687a6565672f323831383c

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/x0c0fuo3priw2icz.js?2269lcczf4y68h2x=w2txo5aa&v9otsj8vi3qx61vk=aHR0cHM6Ly9kZXZlbG9wbWVudC5lbGZjb3NtZXRpY3MuY29tLzY1MzY3ZTM1ZjllODFiZTYyMjgxNTZiOGU4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

dac964d799693671c6a7ec7e4b650bab2bf801be623806d73dbc9a2ec0bebc44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 25 Jun 2024 00:17:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 950ab00c8b3fab78
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK k44k_8gxQ-S4eibC
imgs.signifyd.com/ Frame F37C 81 B
475 B 302ms
100ms Image
image/png 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/k44k_8gxQ-S4eibC?793ebd448aff98cd=0BsLgTnpz3nzrB41Qe6UlyJlIgvHUVqcykD4gXO8cLxQ6iEwKEpwlXBGIlrLJ1_O955ZJ9Sf540_18xsuYi9_PRmbW4cqbcQSyO2YVUKZo_CPj6GY10z_jZqj-ID_zl3YpUdfhywvfdNFlwdCB1tu-NFOMSq7vA_eutL-DaZe_Ku2OhbLGMF498elYYYAI7ohUAymY_r3tzn1Fthgb5YunkusofDVWm_UqdKacc

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 25 Jun 2024 00:17:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ox88VHs5skbpSlrg
imgs.signifyd.com/ Frame F37C 81 B
475 B 299ms
99ms Image
image/png 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/ox88VHs5skbpSlrg?23602676a9d195d3=No0mjxLeV4DOIhWZeDcPOaHZuVA3qeSHkS_lB7HDVD_3wWEUXldn8snlhytRR5Ap4gbCtyX7AZq483jrG9JSmkKrZaaWkBgDVq1d4HRHBgXb6L7xsIcwimv7VVZVLupwKRDrt4qN2uMKAIb48FB2BBxyVL-iiVvtdZ0vduwjS3UiJhc3mqMMf3CxvgY7zaD_Dwv8T4m5YXXwjoaAw2e4_h1ZkOaTpnor_Ydk55Q

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 25 Jun 2024 00:17:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 96ms
95ms Script
application/javascript 142.250.65.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c0c8b53ad8efc1b3ce1f8f06c1f21540ef05df48e0d4c9795ae6d4db83ee3a8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78242
x-xss-protection: 0
last-modified: Tue, 25 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Jun 2024 00:17:25 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 100ms
98ms Script
application/javascript 142.250.65.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bddddc368f8a9dc28982e860d89e424f6c4deabdce3f5c06870e3e8447595ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78235
x-xss-protection: 0
last-modified: Tue, 25 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Jun 2024 00:17:25 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 198ms
64ms Script
application/javascript 2a04:4e42:46::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:46::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
content-encoding: br
x-cdn: fastly
etag: "9bc4bd8fd6a7603cc1c91cc83fc17417"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1878

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 190ms
63ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Jun 2024 00:17:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=12, mss=1297, tbw=2763, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 3sQdAUQUH7XkrPlO6HRdRPogH/HweeLsY/QQ38NOyG9ggDYPcufL5RnXEkq95D/84e3vd+Z6+l5qBnBQlkz8UA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 111ms
32ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 20 Jun 2024 19:23:03 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12116

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 300ms
184ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 25 Jun 2024 00:17:24 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 316A86C8748447EDA213C4EE2470B76B Ref B: MIAEDGE1912 Ref C: 2024-06-25T00:17:25Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 8 KB
3 KB 247ms
94ms Script
application/javascript 23.44.111.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BRR4GA0I9JJBU29G8GF0&lib=ttq
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.16 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 41a730a41b53c20792561d1904487a341f32b9572646128575267648dc50a85c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 28c8d8c
date: Tue, 25 Jun 2024 00:17:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240625001725DC7B8E3FB15B4A48BCB6-3DCA9F4257ACB2C4-00
x-cache: TCP_MISS from a23-44-200-144.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=14
content-length: 2317
pragma: no-cache
server: nginx
x-tt-logid: 20240625001725DC7B8E3FB15B4A48BCB6
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,23.44.200.144
x-tt-trace-host: 01439e9c575441e437c8f70b0cf4bee413d6b1dd3ea6f3c8573bc2c2587bc3b14ef3e719cf5daa49cd6282a6b7ceec6aa9188a4d269d3abf3788fef5427b953953fba43be57397b4ccdf40cc36ba88d3bc6cc1104dc4f012b78d750d1b8e199f9f
expires: Tue, 25 Jun 2024 00:17:25 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 7 KB
3 KB 243ms
91ms Script
application/javascript 23.44.111.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.16 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5fc7daec3049f34cb4a29c98ada947c074396dbef9beb12af9dfe144da7aac93

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 28c8d8d
date: Tue, 25 Jun 2024 00:17:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240625001725361F2C5463A9B0A0E5B0-3006F2431A6D42D9-00
x-cache: TCP_MISS from a23-44-200-144.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=15
content-length: 2322
pragma: no-cache
server: nginx
x-tt-logid: 20240625001725361F2C5463A9B0A0E5B0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,23.44.200.144
x-tt-trace-host: 01439e9c575441e437c8f70b0cf4bee413d6b1dd3ea6f3c8573bc2c2587bc3b14ec39b8c2be1edb19c10f88d8c9a83b57bb29caf064f31e15e4c313b5632e7319a4d5e10cff932bb93c5d5a6958042126b51a209bf40ffafdfa422d8ad3349598e
expires: Tue, 25 Jun 2024 00:17:25 GMT

GET
H2 200 widget.js Show response
js.jebbit.com/companion/v1/ 44 KB
45 KB 261ms
84ms Script
text/javascript 2600:9000:24f1:c400:a:7914:b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jebbit.com/companion/v1/widget.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:c400:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc9709489aeba0f23cc18fd3d1ff6f2087e1381ba6dbe92e98738228d520fd54

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 03:08:56 GMT
x-amz-version-id: j3bLD5VAFZVsHy8WM9iuVjqRLf9F9664
via: 1.1 eabcac050cde7358c94fc7ecf124ea4a.cloudfront.net (CloudFront)
last-modified: Thu, 02 May 2024 15:04:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 76110
etag: "226557253164387c89ed4612b780f10f"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 45245
x-amz-cf-id: JhGqwGjpSlEYcMKiUvCyA6A0U3gHKX1J8c07hqUtlUN4tGQqREOTCg==

GET
H2 200 cnxtag-min.js Show response
js.cnnx.link/roi/ 2 KB
1 KB 261ms
77ms Script
text/javascript 2600:9000:23cb:1600:11:85b0:d600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cnnx.link/roi/cnxtag-min.js?id=316282
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:1600:11:85b0:d600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f7e9c4d6427d6379534a8324d46af322f1a7b3aebe482a1e5bdaf2e069714568

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:23 GMT
via: 1.1 google, 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: JFK50-P1
age: 2
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
cache-control: max-age=600
x-amz-cf-id: Da6hGPfsJCuYDF6wPh4mCZtGTEdGxl71raxl7fJ-FVXk0HpYa0ZWTA==

GET
H2 200 collect Show response
sgtm.elfcosmetics.com/g/ 65 B
587 B 386ms
301ms XHR
text/plain 34.49.124.132
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46j0v9125640115z8896608294za200zb896608294&_p=1719274641629&gcs=G111&gcd=13v3v3v3u5&npa=1&dma=0&tag_exp=0&cid=185237236.1719274643&ecid=1834218702&ul=en-us&sr=1600x1200&_fplc=0&ir=1&ur=US-FL&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&sst.rnd=1648855719.1719274642&sst.gse=1&sst.gcd=13v3v3v3u5&sst.adr=1&sst.tft=1719274641629&sst.ude=0&_s=1&sid=1719274645&sct=1&seg=0&dl=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&dt=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&en=page_view&_fv=1&_ss=1&ep.vendor_id=facebook&ep.event_id=1719275158796_171927481377727&tfd=5065&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

132.124.49.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://cc-elf-us-dev.elfcosmetics.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering: no

GET
H2

200

pixel.gif
cdn.blisspointmedia.com/assets/img/
Redirect Chain

https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=89006a85-8f5a-4213-905e-c7b636b1fced&user_id=undefined&utm_source=undefined&utm_medium=undefined&utm_campaign=undefin...
https://cdn.blisspointmedia.com/assets/img/pixel.gif

807 B
1 KB

513ms
57ms

Image
image/gif

18.238.80.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.blisspointmedia.com/assets/img/pixel.gif
Protocol: H2
Server: 18.238.80.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-94.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://cc-elf-us-dev.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 24 Jun 2024 06:16:46 GMT
via: 1.1 265f86fb756e20f9d3cb8bee2056224c.cloudfront.net (CloudFront)
last-modified: Mon, 08 Apr 2019 16:24:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
age: 64841
etag: "18b3e43abad26bdac6f4cea944777b62"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 807
x-amz-cf-id: 4plxY7NEbGYdHyRx4Vuy2VbnokPoAXWdnWcskz2of-ypR2Uz2gAzLA==

Redirect headers

date: Tue, 25 Jun 2024 00:17:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amzn-requestid: c5b5bc08-906d-45fb-9f05-563444687c3e
x-amzn-trace-id: Root=1-667a0c95-2a8d0e7b5b5a2f4619962abf;Parent=7f91b5d8312a9d6f;Sampled=0;lineage=07bbc27a:0
content-type: application/json
location: https://cdn.blisspointmedia.com/assets/img/pixel.gif
access-control-allow-origin: *
x-amz-apigw-id: Z5bnYGcloAMEmSw=
content-length: 2

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2

43 B
1 KB

129ms
129ms

Image
image/gif

68.67.179.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2

Protocol

Server

68.67.179.87 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://cc-elf-us-dev.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:25 GMT
an-x-request-uuid: bb210d3f-424d-43b5-9040-895ca69b0289
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.77; 38.132.118.77; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:25 GMT
an-x-request-uuid: 6f8ed057-4162-4318-9a32-44e7ca465778
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D160890%26%2520seg%3D6104893%26t%3D2
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.77; 38.132.118.77; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MGQ4ODcxZjAtZTQwMS00M2E3LWI5NjQtMjVjODQyYTllZjZk&gdpr=0&gdpr_consent=&ttd_tdid=0d8871f0-e401-43a7-b964-25c84...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=0d8871f0-e401-43a7-b964-25c842a9ef6d&google_gid=CAESEPABSYt8sh_lSH3_ni6EAM0&google_cver=1
https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=0d8871f0-e401-43a7-b964-25c842a9ef6d
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8446786216128769053&ttd_tdid=0d8871f0-e401-43a7-b964-25c842a9ef6d
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0d8871f0-e401-43a7-b964-25c842a9ef6d&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0d8871f0-e401-43a7-b964-25c842a9ef6d&expiration=1721866646&gdpr=0&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0d8871f0-e401-43a7-b964-25c842a9ef6d&expiration=1721866646&gdpr=0&gdpr_consent=&C=1

43 B
735 B

69ms
69ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0d8871f0-e401-43a7-b964-25c842a9ef6d&expiration=1721866646&gdpr=0&gdpr_consent=&C=1
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://cc-elf-us-dev.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YNVECPAUuSG5h04TloFexgE9KdO3l%2Brcsu0BH%2BJMg7VE4hv44IOpyjh%2FkYe19pAFGiu6mycps%2Fdp5hhx4ANFakxd9wv9iJai7RmlT4vEs0OOh3Qh5C9XWRZi%2FcWLvHEZ9PAB%2BpFBR2cquA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8990c64b88fc0325-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hRyrgSIcSH%2BtM53ZzyI6rJoIAMXaJt8Lk9Vc6pQhW83th0TKvm55uRLRd7K47heZKFu6iaXdC13f3JSlmfsE2qzsE6zW6zL3%2BLizywhaagkhhPdQ%2B8Dla6jk3BukjZUbUWJZqoRAcbt3Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=39&external_user_id=0d8871f0-e401-43a7-b964-25c842a9ef6d&expiration=1721866646&gdpr=0&gdpr_consent=&C=1
cache-control: no-cache
cf-ray: 8990c64b087e0325-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 60ms
59ms Image
image/gif 142.250.80.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=862779876&t=event&ni=1&_s=1&dp=%2F&ul=en-us&de=UTF-8&dt=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=25%25&_u=aHDAAEABAAAAACgAI~&jid=&gjid=&cid=185237236.1719274643&tid=UA-432816-1&_gid=1241961732.1719274643&gtm=45He46j0n81WL3STMXv896608294za200&gcs=G111&gcd=13v3v3v3u5&dma=0&tag_exp=0&npa=1&z=54468782

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.46 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 09:00:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55012
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon.ico
cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/default/dw18c2b797/images/ 27 KB
4 KB 335ms
327ms Other
image/x-icon 104.16.136.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cc-elf-us-dev.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/default/dw18c2b797/images/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.136.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2185a0c47d26b13be50710c4794d7bbaad1aaed7b74490f2e641e0f62d73955e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 16:09:17 GMT
server: cloudflare
vary: accept-encoding
content-type: image/x-icon
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
cf-ray: 8990c643f9030a12-MIA
x-dw-request-base-id: _1DazZUMemYBAAB_
expires: Thu, 25 Jul 2024 00:17:25 GMT

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/t2_16331p/ 3 B
124 B 106ms
33ms XHR
application/json 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/t2_16331p/config
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
content-encoding: gzip
via: 1.1 varnish
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 27

GET
H2 200 t2_16331p_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
699 B 104ms
40ms XHR
application/json 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_16331p_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 97

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 105ms
33ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1719274645110&id=t2_16331p&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=99dafbd6-372a-4233-8a0f-1100237c99a1&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 main.f74ed22b.js Show response
s.pinimg.com/ct/lib/ 70 KB
20 KB 65ms
64ms Script
application/javascript 2a04:4e42:46::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:46::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
content-encoding: br
x-cdn: fastly
etag: "446a72b73c00f6022c92a764d3c540bb"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 20114

GET
H2 200 haloGlowFam_D_mainIMG-2.jpg
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw1fec28b4/homepage/2023/04/ 882 KB
884 KB 128ms
123ms Image
image/jpeg 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw1fec28b4/homepage/2023/04/haloGlowFam_D_mainIMG-2.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: abeaee675488e2822c821477339ce9896e57e9a1e1834f642537bd148b15b81b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:25 GMT
cf-cache-status: MISS
age: 3340693
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1715874284-1398598428 tts/1715543171522 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02835d/[13,-,1715933871840] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 88522c65cab4e25c-ORD
x-dw-request-base-id: G3ERGq8SR2YBAAB_
content-length: 903439
expires: Sun, 16 Jun 2024 08:17:51 GMT

GET
H2 200 NEWARRIVALS_D_2.jpg
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw2439d6ab/homepage/2023/06/ 72 KB
73 KB 732ms
727ms Image
image/jpeg 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw2439d6ab/homepage/2023/06/NEWARRIVALS_D_2.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: d3b0b3f1f2c1e5034007196b7f26370c5fcf0185c59db37f89d8a10b8d9e9660

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:25 GMT
cf-cache-status: MISS
age: 3340693
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1715874284-1398598429 tts/1715543171522 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02835e/[8,-,1715933871132] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 88522c65ca54637b-ORD
x-dw-request-base-id: G3ESGq8SR2YBAAB_
content-length: 73742
expires: Sun, 16 Jun 2024 08:17:51 GMT

GET
H2

200

activityi;dc_pre=CMDfj5S99YYDFYkZ-QAdwZwLTg;src=9231397;type=retarget;cat=globa0;ord=3319597455100;npa=1;auiddc=1558942984.1719274642;u6=%2F;u10=undefined;u12=undefined;u8=undefined;ps=1;pcor=14408...
9231397.fls.doubleclick.net/ Frame 876D
Redirect Chain

https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=3319597455100;npa=1;auiddc=1558942984.1719274642;u6=%2F;u10=undefined;u12=undefined;u8=undefined;ps=1;pcor=144...
https://9231397.fls.doubleclick.net/activityi;dc_pre=CMDfj5S99YYDFYkZ-QAdwZwLTg;src=9231397;type=retarget;cat=globa0;ord=3319597455100;npa=1;auiddc=1558942984.1719274642;u6=%2F;u10=undefined;u12=un...

0
0

127ms
126ms

Document
text/html

142.251.35.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9231397.fls.doubleclick.net/activityi;dc_pre=CMDfj5S99YYDFYkZ-QAdwZwLTg;src=9231397;type=retarget;cat=globa0;ord=3319597455100;npa=1;auiddc=1558942984.1719274642;u6=%2F;u10=undefined;u12=undefined;u8=undefined;ps=1;pcor=144085566;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.166 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 493
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jun 2024 00:17:25 GMT
expires: Tue, 25 Jun 2024 00:17:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jun 2024 00:17:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9231397.fls.doubleclick.net/activityi;dc_pre=CMDfj5S99YYDFYkZ-QAdwZwLTg;src=9231397;type=retarget;cat=globa0;ord=3319597455100;npa=1;auiddc=1558942984.1719274642;u6=%2F;u10=undefined;u12=undefined;u8=undefined;ps=1;pcor=144085566;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=9231397;type=retarget;cat=globa0;ord=3319597455100;npa=1;auiddc=1558942984.1719274642;u6=%2F;u10=undefined;u12=undefined;u8=undefined;ps=1;pcor=144085566;uaa=x86;...
ad.doubleclick.net/ 0
25 B 238ms
130ms Image
image/png 142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=9231397;type=retarget;cat=globa0;ord=3319597455100;npa=1;auiddc=1558942984.1719274642;u6=%2F;u10=undefined;u12=undefined;u8=undefined;ps=1;pcor=144085566;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"3169690586734149752"}],"aggregatable_trigger_data":[{"filters":[{"14":["8259474"]}],"key_piece":"0xab0d1df2ae15f14a","source_keys":["12","13","14","15","16","17","18","19","20","21","628473576","628473577","628473578","628473579","628534472","628534473","628534474","628534475","628613572","628613573","628613574","628613575","628795380","628795381","628795382","628795383","628812176","628812177","628812178","628812179","628827972","628827973","628827974","628827975","634786564","634786565","634786566","634786567"]},{"key_piece":"0x705de081e5557b42","not_filters":{"14":["8259474"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628473576","628473577","628473578","628473579","628534472","628534473","628534474","628534475","628613572","628613573","628613574","628613575","628795380","628795381","628795382","628795383","628812176","628812177","628812178","628812179","628827972","628827973","628827974","628827975","634786564","634786565","634786566","634786567"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628473576":32,"628473577":32,"628473578":32,"628473579":3177,"628534472":34,"628534473":34,"628534474":34,"628534475":3345,"628613572":32,"628613573":32,"628613574":32,"628613575":3177,"628795380":32,"628795381":32,"628795382":32,"628795383":3177,"628812176":32,"628812177":32,"628812178":32,"628812179":3177,"628827972":32,"628827973":32,"628827974":32,"628827975":3177,"634786564":32,"634786565":32,"634786566":32,"634786567":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"15510997481222171667","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"3169690586734149752","filters":[{"14":["8259474"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"3169690586734149752","filters":[{"14":["8259474"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"3169690586734149752","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"3169690586734149752","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9231397"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
attribution-reporting-info: preferred-platform=os
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CIHakpS99YYDFQs9-QAdoGgH8w;src=10742279;type=elf8j0;cat=glo_flap;ord=1605110433249;npa=1;auiddc=1558942984.1719274642;u1=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F;ps=1;pcor=1...
10742279.fls.doubleclick.net/ Frame 02AD
Redirect Chain

https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=1605110433249;npa=1;auiddc=1558942984.1719274642;u1=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F;ps=1;pco...
https://10742279.fls.doubleclick.net/activityi;dc_pre=CIHakpS99YYDFQs9-QAdoGgH8w;src=10742279;type=elf8j0;cat=glo_flap;ord=1605110433249;npa=1;auiddc=1558942984.1719274642;u1=https%3A%2F%2Fcc-elf-u...

0
0

129ms
128ms

Document
text/html

142.251.35.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10742279.fls.doubleclick.net/activityi;dc_pre=CIHakpS99YYDFQs9-QAdoGgH8w;src=10742279;type=elf8j0;cat=glo_flap;ord=1605110433249;npa=1;auiddc=1558942984.1719274642;u1=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F;ps=1;pcor=1370606683;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.166 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 432
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jun 2024 00:17:25 GMT
expires: Tue, 25 Jun 2024 00:17:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jun 2024 00:17:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10742279.fls.doubleclick.net/activityi;dc_pre=CIHakpS99YYDFQs9-QAdoGgH8w;src=10742279;type=elf8j0;cat=glo_flap;ord=1605110433249;npa=1;auiddc=1558942984.1719274642;u1=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F;ps=1;pcor=1370606683;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=10742279;type=elf8j0;cat=glo_flap;ord=1605110433249;npa=1;auiddc=1558942984.1719274642;u1=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F;ps=1;pcor=1370606683;uaa...
ad.doubleclick.net/ 0
25 B 187ms
130ms Image
image/png 142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=10742279;type=elf8j0;cat=glo_flap;ord=1605110433249;npa=1;auiddc=1558942984.1719274642;u1=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F;ps=1;pcor=1370606683;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"2738140744907228352"}],"aggregatable_trigger_data":[{"filters":[{"14":["12119809"]}],"key_piece":"0x589e63d3405f369e","source_keys":["12","13","14","15","16","17","18","19","20","21","15690448","15690449","15690450","15690451","16253844","16253845","16253846","16253847","628477676","628477677","628477678","628477679","628504556","628504557","628504558","628504559","628627208","628627209","628627210","628627211","628651320","628651321","628651322","628651323","628652116","628652117","628652118","628652119","628801632","628801633","628801634","628801635"]},{"key_piece":"0x9076c520cf2d3287","not_filters":{"14":["12119809"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","15690448","15690449","15690450","15690451","16253844","16253845","16253846","16253847","628477676","628477677","628477678","628477679","628504556","628504557","628504558","628504559","628627208","628627209","628627210","628627211","628651320","628651321","628651322","628651323","628652116","628652117","628652118","628652119","628801632","628801633","628801634","628801635"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"15690448":93,"15690449":93,"15690450":93,"15690451":9081,"16":65,"16253844":38,"16253845":38,"16253846":38,"16253847":3739,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628477676":32,"628477677":32,"628477678":32,"628477679":3177,"628504556":32,"628504557":32,"628504558":32,"628504559":3177,"628627208":32,"628627209":32,"628627210":32,"628627211":3177,"628651320":65,"628651321":65,"628651322":65,"628651323":6356,"628652116":32,"628652117":32,"628652118":32,"628652119":3177,"628801632":65,"628801633":65,"628801634":65,"628801635":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"17815258674310629638","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"2738140744907228352","filters":[{"14":["12119809"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"2738140744907228352","filters":[{"14":["12119809"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"2738140744907228352","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"2738140744907228352","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10742279"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
attribution-reporting-info: preferred-platform=os
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTU0NDc1MDUxMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 344 KB
98 KB 70ms
69ms Script
application/javascript 23.44.111.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.16 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 52960b56e4d4fbf39e5cae2833367131bb2354c69ab5d9eb296d82733f62923d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 28c8de7
date: Tue, 25 Jun 2024 00:17:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240620151723A19908DCE2B249855D41
x-tt-trace-id: 00-240620151723A19908DCE2B249855D41-7C0FE76A7F930777-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-44-200-144.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 016a9763deb2845cfd181a37b33c200a7e38df0875bd9a97578f3174336e93fa2335ee10119885243b1727a870d50a5bd0f02649419dccdc19fb73cd13d69b85e61efc4bd512ece1f2e98d003afde20203b99aac348480a68c88c294fe2ac1320d
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 100198

GET
H2 200 main.MTU0NDc1MDUxMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 339 KB
97 KB 197ms
197ms Script
application/javascript 23.44.111.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BRR4GA0I9JJBU29G8GF0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.16 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 47d3e5c22630f08413d65b1507e3c2600f0dea1ae83f045f9f1a0be5514efee2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 28c8de8
date: Tue, 25 Jun 2024 00:17:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240620151618F54BCE4B454FC87FDC64
x-tt-trace-id: 00-240620151618F54BCE4B454FC87FDC64-6B72291A6BF318B1-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-44-200-144.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01dca4f85e283a3e04c159938b8a5561c7c9d578af0cf841894d856761db14120eddc1209b4fb011f1a1ef621a2b1014335465506ffd9588009ff6ba8be2a74165119eb4aed1de7252ceebddeb0caecce695d19ca04c5348c0b3ce94fdd35808ba
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 98478

GET
H2 200 / Show response
ct.pinterest.com/user/ 321 B
303 B 138ms
59ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1719274645343&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1288118618006501
content-length: 186
pin-unauth: dWlkPVltTXlNMlkzTVRBdE5XVTRZaTAwTUdVNExXSTFORGd0WW1Kak9EY3daRFJpT1dOaQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cc-elf-us-dev.elfcosmetics.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 321 B
641 B 136ms
59ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22event_id%22%3A%221719275158796_171927481377727%22%2C%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1719274645345&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 6759349261262329
content-length: 186
pin-unauth: dWlkPVpUWTJPVEJoWXpRdFptTmxZeTAwWkdVeUxXRTJNMll0TkRBd09HTTNZamsyTVdKbA
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cc-elf-us-dev.elfcosmetics.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 widget.css
js.jebbit.com/companion/v1/ 15 KB
16 KB 166ms
166ms Stylesheet
text/css 2600:9000:24f1:c400:a:7914:b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jebbit.com/companion/v1/widget.css
Requested by: Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:c400:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 875ca118023e8741e684a320e73b7f9af4e8eba6c88f1f7e8457f7c0cdda6efb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 09:25:25 GMT
x-amz-version-id: 5TtP6A3FvksKClCFN7X6r1PsSCc1hWlP
via: 1.1 eabcac050cde7358c94fc7ecf124ea4a.cloudfront.net (CloudFront)
last-modified: Thu, 02 May 2024 15:04:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 53521
etag: "de1b72e797664b9b2c2139e5ccb24844"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 15521
x-amz-cf-id: QMKllB0zZteaHIDq8z1IvL9R14U5JIJsY4df8rDVoLJHY6hNv8jIZw==

GET
H2 200 launcher_configs Show response
external-api.jebbit.com/moments/v2/ 2 B
455 B 198ms
59ms XHR
application/json 34.195.40.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://external-api.jebbit.com/moments/v2/launcher_configs?key=542695a9-9318-492b-9638-2018989f6dc4&url=aHR0cHMlM0ElMkYlMkZjYy1lbGYtdXMtZGV2LmVsZmNvc21ldGljcy5jb20lMkY=&completedLightboxCampaigns=W10=&jebbitCookies=

Requested by

Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.195.40.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-195-40-121.compute-1.amazonaws.com

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
surrogate-control: no-store
x-dns-prefetch-control: off
content-length: 2
x-xss-protection: 1; mode=block
pragma: no-cache
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-download-options: noopen
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cc-elf-us-dev.elfcosmetics.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 1638306756445368 Show response
connect.facebook.net/signals/config/ 71 KB
15 KB 131ms
129ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1638306756445368?v=2.9.158&r=stable&domain=cc-elf-us-dev.elfcosmetics.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c6ad532f6b2681f5bbf520f052c20564518db128d49c4faa8bfde69fff49760

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Jun 2024 00:17:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=61, rtx=0, c=64, mss=1297, tbw=63515, tp=-1, tpl=-1, uplat=67, ullat=0
pragma: public
x-fb-debug: 80dR2T8SDuS44H33OQ608kU5uMl2Q1V2CwKEfkAp11ehtOWOEbVLISC+3LaufZvZGJQkDuPz1hEcRM+N9fGtqg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 115ms
60ms Fetch
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f74ed22b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.114%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1719274645367
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:25 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://cc-elf-us-dev.elfcosmetics.com
pinterest-version: ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1557201622878933
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 5013978.js Show response
bat.bing.com/p/action/ 0
116 B 59ms
54ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5013978.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 25 Jun 2024 00:17:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FFDD3FC731B14F0F9154777CA5B2B042 Ref B: MIAEDGE1912 Ref C: 2024-06-25T00:17:25Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
360 B 84ms
84ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5013978&tm=gtm002&Ver=2&mid=e96ac9dc-2248-4487-97b9-c4e0941e6458&sid=4c9864c0328811ef8d2dd11aede03c24&vid=4c991850328811efb4ae2d489b558fb3&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&kw=%20&p=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&r=&lt=5016&evt=pageLoad&sv=1&rn=660693

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Jun 2024 00:17:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 70338F48E88744EE8B0B2CF5551834CE Ref B: MIAEDGE1912 Ref C: 2024-06-25T00:17:25Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.js Show response
tag.wknd.ai/4142/ 18 KB
6 KB 110ms
34ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/4142/i.js
Requested by: Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: fa82f442825e37da450753beffc9ef5169fb2219bbc409c28b19e55000d7285f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:14 GMT
content-encoding: gzip
x-envoy-decorator-operation: tag-router.tag-router.svc.cluster.local:80/*
via: 1.1 google
age: 11
x-envoy-upstream-service-time: 0
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5912
server: istio-envoy
etag: dca4f14476b310
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
H3 200 include.js Show response
cdn8.eu.inside.chat/gtm/IN-1011171-EC/ 23 KB
6 KB 114ms
58ms Script
application/javascript 104.18.9.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn8.eu.inside.chat/gtm/IN-1011171-EC/include.js

Requested by

Host: cc-elf-us-dev.elfcosmetics.com
URL: https://cc-elf-us-dev.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bb5a96a0b8bb188276405893ba46f3dcb643f868258f089870e4ee0edc18bec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
cf-cache-status: HIT
age: 280
cf-polished: origSize=33893
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Jun 2024 18:33:40 GMT
server: cloudflare
etag: W/"01a48e12dbcda1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 8990c64619412887-MIA
expires: Tue, 25 Jun 2024 01:17:25 GMT

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 33ms
32ms Script
application/javascript 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
x-cdn: fastly
age: 89
etag: "19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
alt-svc: h3=":443";ma=600
content-length: 4103

GET
H2 200 ct.html
ct.pinterest.com/ Frame CEF1 0
0 117ms
57ms Document
text/html 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 25 Jun 2024 00:17:25 GMT
pinterest-version: ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1208760934865800

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 59ms
58ms Fetch
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22event_id%22%3A%221719275158796_171927481377727%22%2C%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1719274645494&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f74ed22b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.114%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:25 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://cc-elf-us-dev.elfcosmetics.com
pinterest-version: ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 4508390049211148
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
imgs.signifyd.com/fp/ Frame F37C 81 B
546 B 298ms
99ms XHR
image/png 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/clear.png

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/Zu74BoNPpwR9OAVJ?660f06ebadfc0699=sUG9NMTbmQ_nXwDsr8f5N5fs-bu-KtodfHoy0daaisP-KXv-mFrKmiodMS8g1RdJIai87sJs-GueXJXZq2tfhupjqvwVaqnlQXV1GWBfKMhyQ1y1pDSGHh90plGdBv6FCG5fMz4776ko1C0Fo_tvLt93FS7BvnP1iFpDsKYHjJIhLRRymZYG69hghfQSHDFUtnH0LXkyq7V-Wha5zx1SopX8KXBNKLi3CvP6qbRHag9hcClipfgGCSpxUx5WiiNpQFdei2JlVFyKCqlV&jb=35312426687b6777355f61646e677d7b24687b6d3f556b6e646d777b27303a3b33246073687d3f436070676d6d2462736a374b687a6565672f323831383c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: */*, w2txo5aa/950ab00c8b3fab78ahr0chm6ly9kzxzlbg9wbwvudc5lbgzjb3ntzxrpy3muy29tlzy1mzy3ztm1zjllodfiztyymjgxntziogu4
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 25 Jun 2024 00:17:25 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 25 Jun 2024 00:17:25 GMT
Server: Apache
Etag: 0e112a11f7a5457b80a2da6a90c11a45
Content-Type: image/png
Access-Control-Allow-Origin: https://cc-elf-us-dev.elfcosmetics.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sun, 24 Jun 2029 00:17:25 GMT

GET
H/1.1 200
OK ugnNMf_SfE71CgBF
imgs.signifyd.com/ Frame 98A7 0
0 314ms
102ms Document
text/html 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/ugnNMf_SfE71CgBF?b22180e98a3488e6=NSepwJldSWsvlMCZTSgMqYdckVyI63GgAJO2p52aMxN0ClTr0u2C7ul_GyOGdkhLjnxWuv2ch0dCRVmezpFCbA401xfCElQcYOein8ZEnMwy6ACbfIN9ryK9b5APoK7srFhJYDsu5GzvS3GiRBWIaAvsY943_9tbsIxHg9pwh_GNjOtNIsQKhLt7cAnTCbPToSZXJNQCx_ZocoX3kTedCUkxI11PzX6oSwMyODOYJTzsbD7c_5yxLoblP4mgJN8_tm-29BkxcfnMjC5rDWs

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 25 Jun 2024 00:17:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK GToEfVPU14q4uboe Show response
imgs.signifyd.com/ Frame F37C 0
398 B 100ms
99ms Script
text/javascript 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 25 Jun 2024 00:17:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 2rb-7Xx6fszIQgu_ Show response
imgs.signifyd.com/ Frame F37C 134 B
654 B 101ms
101ms Script
text/javascript 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/2rb-7Xx6fszIQgu_?c21334da3dbcfdea=_BfVLnXyNMAUPkB4tdzD095X7DjtW6fQg7kLq-jvqSxfFNtb7aH6luXW_dhvUCDdXYsAn5RO6GlT47bGOXyWBH_1oNqlwR0aJiWycJEkjZo0Ekg8KHukzVkX0GL3a0EjMHRgIuvJL9caOnu4kjVKPnCe_w-SzDhZSsEgP_9a-36sgv5hbSuvi2-sY076cl69fuC2nBTrxIe8H68MfQ6iJA

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

08507569ca429fef9c5941dd2fa63204a8a123bb43e26dd7f15526e5076f14c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 25 Jun 2024 00:17:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK UJRuUFhoe_2xOydA
h.online-metrix.net/ Frame 8DEC 0
0 338ms
108ms Document
text/html 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/UJRuUFhoe_2xOydA?b11c8ff092d5fc0e=PYREhXtJ9briMMdnklQjd8a8I-zp3RviC6mW5pQclKa3oSkDlbcVEb-rcQR5nu62JkQF8gZu3WERReHOxak2bXBY6Gqi-aFpPIru9YUJPgbd8tE_vYg60-ckDZPvOI6Mar0Te6acmPN-mGnjR9u4OVIifP-DOJGhiz8de8zNrcqmYZxixaTDnMNhLJ47jXWhXEC9Gjstkx5lIz42X6239BQnTc2KCny2FchqvETlq1PWVFS67FN5oxtMO6lSNvRJ_LPjI8gqKggKcZyVby19

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 25 Jun 2024 00:17:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK rnn4VeFjs1bo1UcS
imgs.signifyd.com/ Frame 3D4D 0
0 313ms
109ms Document
text/html 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/rnn4VeFjs1bo1UcS?5fb514d5a8a4dbbe=3vstIBfrE7WH0Yx4HT0zNl45mOKHWLVTCVQYsm5t-xff_oJRzA0oHvy2CI6035HjvNw75vnzR5ohSzFIr5UMc5BDY-TktsrTnVGfL7K4zWPHr9k3s-Izu2lDTJbUrYZGnvvNRgfToqvJnGCc6ka3wO8ALfiuRkyQIA-88rXxq-zeuzwxeUd_324g2mb_BVZDnFMLvxBLebuXjlJdp_4e0zf0kms5N4jGqf6Ap1BnJinUnQBWBfVdkyBe7ntpUwn4QDPDDYZGtGNjFqcaJV71

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 25 Jun 2024 00:17:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content cMiVwwM4zbry5Htb Show response
h64.online-metrix.net/ Frame F37C 0
357 B 324ms
108ms Script
text/plain 2620:f3:0:14:b401:8ee8:4321:ad82
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h64.online-metrix.net/cMiVwwM4zbry5Htb?48600fd6827cab58=KR8h_OsBr_zTmtms5YW0Z3KEfQLLfiRfe1l-0f1HaXwRvgQ0LNyOlNJmPdX2b94y2Caz-yrMBlKOEcjhwjN_SvavNUiAmKH2ucfW3IKBMOlBWcYHOVvpxEwZAYTlb7d8hwx9Up4Gr-Cr-3xzHR6CVmQclqlEeIv-xpmPtOfFQP5YY4rbJizWywzw0RAoTEJy57C79vCJ8l8X6maXg1ucl69IA9GACeVg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2620:f3:0:14:b401:8ee8:4321:ad82 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 25 Jun 2024 00:17:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 GToEfVPU14q4uboe Show response
imgs.signifyd.com/ Frame F37C 0
218 B 102ms
101ms Script
text/javascript 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/GToEfVPU14q4uboe?23a66c011b86e896=fTonnfg9wx8CzBKn4PW8lmeyOpb_F-AXFr7yUyhg6TMfnvmT3QXkNrOkeCuaOcOGTLGTBJc54PT4iXbyX71-woWcIN3X2aC8h5Hki0SXwflB2dudRT7NvDRqpIsSMCi_0D6fpERzVW1Cbh6Iy9_-rirInrnWSfw727aH4yxZ8K9oDioVzN5Wps-oMoelUUJBUPLPjzHtYaBVHVBwVA-UMDEi134&ja=31313b37242e6b3f253e383a2c72373824643533343232783130303824636c3733343a307239303038247b78713f3a30703838266c7a7a3f3b2c39363a3a2439383032243b363838243b30383a2c3b3e3a322c313238322c333e383224393a3a3a2438382e3038246f763f323764353966313b3e3b673c626c3a32396a343e626c3130376a3a69663b693c24676e35322c796b6c3732362e666835607c7e727b2f334b2d38442532466b612d67646e2f7d7b256e6f7e246d6e646b6d716f677469617326616d672f30442c7066353726786a356530323a646e6b3d353d3b31316c346d626f3231313965603c6b39313a313a662e6268373a68673761303d32333a6b316038303f386c3e6f6a33353d33323530633166352e68716537556b6464657f71253a3239312e687b623549607267676d27383039323c2c627b65753f5f636e6c677f79246279627f35496a726f6d6d246e6a6b35333e2e666e6735322e6c6f7c723f3224747a663d586361636c6b612f324c406d6e676e7d6c7d2465617c627a3d3c3a38316e316b32686f6b383865346b69353e38383230696e313f3d3e323166643c37383a393c336c3e6d6b6b3a3e6c613b3c63646066373231313b333b3c6b2466783d627c76707b273b412d304e253a4c6b63256f646427757b2d6e6f7e266f6c646b6573656d7c63617b246365652f3046267035726c776f616c576e646b79602f3d4764696e716723706c7767616c5d7d636c66657779576f656c6b695f786e69796d782d354d6c696e79652970667f6f61645f636c65626d576969706768617e2d3f4766616c7b672172647d656166577b7f616963766b656727374766616e736d2372667f656b645f79606d63637569766d273d456e6b64736d2b786e7f67616e55786d6966706e6973657a2d3d4f646966736f297a6e756769665d766e6b57726469716f782d3f4d646364716723726c756569665d666f7c636e7c722f3d4766696e7b65297264756f63665f7b7c6f5d7c696d776f782d3d4f66636479652978647f6561645f60697c632535456e636c716d2e6564576b377d6d686f6e556d60454e273230332e3827303a224d726f6e4d44273238475b253a323a2e382f3a304b627a6d67697d6d235d6d6a4d4c273a3a47445b442f30384f532f3a3a332e30253a32284d786d6c4f442d383a4d592d30324f4e514e27323047532d30323b24322738304960706f656b7d6d21556d6243637c576d68436b7e253a305d6f6a4f46414c4f464557616679766964636f6c5563727261717125314a2d30384d505e556a666d6c66576f6b6c6f617827334a27303a4f5a5655636661725f6b6d66747a6d64253b482d32384f50565563676c6578576a7f66646d785f6069646c5d6e666f6b7c2f3142253238475856576c67787c605569646b6572273b402730324558565f6e6e6d6b7e5d606665646c27334a273a304d5a5c5f6e786967576e6d727e682d33482f3a384f5856577a6f64716f656c5765666c7b6f765f636c696f70273b4a273a384d525e57796063666d705d7667787477726d5d6e656e27314825383847585c5d7c6570767d726d556b6f657a7a677973616f64556a787e63273b48253a384d5256577e65727c7f70655f63676f70706d7b7161676655786f7e6b27314a2730324758545d746d7a767f78675d6c69667c6772576366697b6d7c72677a61632d394a2738304d585e557c6d7274777a6f5f65617a786d7a5563666967725f746f576764656d2d314a2d3a3a4f505e5771504f402731402532324f4d515d6f66676f6f6e7e576b6e6c67705f7d6b66742d394a253a3a4747595f6e6265557a6d6464677a556d6178656b722d39422f3a3a4d45535f7b76616c6c69706c576c6f78617c69766b7e6771273142253030474751557e677a7e75786d5d66646d69742d314a253a3a47455b557c6772747d726f556e64656176576669666d6978273b482538384547535f746d7a74777a6d5d6069646c556e666763762d31402730304f4753577667727e77706f5f62696e665764646f6976576c61646d617a2f3b402f32384f4f59577e6f72766d725f697a7a6b7b576562606d69762533422d3030554d4a4544576b656667785760776e6467705d666c6d617c2731482f30325d45484f4e5f6b6d65707a677b736d6e57746d727c7778655761797e6b2d3942273a3a574d4a4f465d6b656d7a7a6f717365645776657a7c7d706d576d7e692d394a273038554740454c5f616f6572706f7971676e5f7e6d7a747d706d5f6d766b312d394a253a3a5f474847445f696565787865717b6f64577c6d72767d7865557b39766325334a2732325f4d404f44576965657a7a67717b67665d76657876757a675d793976615573786f60253b402d3238554d424f4657646d687d6555726d6e6e6f7a6d785f6b666c6f2d3b4a2f30385d45484f465d6465627d655f716069666d7a7b2f394a2f3a32554d40454e5d64657274605d766f72767778652f3b40253a325f454a45445f6c78697757687d646c657a732f394a2d3830554d484744576465716d556365667e677874253b402530385f474a4f4455677d667c6b5d6c7063752733422732385547484d4e5d7a6f6671656f665d656f6c6739362e6d645f603730346c336b383e6b303f3b6236306f616c303c3c3b696e346b3f6837633630306038636c3d37393e2e7d6d647c354b6c7c676e273030496c632624756d66703f436e7e6d6e253a32417261712d3238457865664d442738304d6e6d63666d2c63616c3733&jb=313d32266e79354f6772616666692f3a4437263227303228576b6e6c6d75792f303244542f3a3231382c38253b402d32385d616e3e3e2d3148253a30723c3c212f3232497a70646d5f6f604363742f3a4c3733372e3b342530382049405c45462f3a492d3032646b696727323045656b696d232f3032496878676f652d304e313a342630263a26302d3838516b666972632f3a4e3f3335263936

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 25 Jun 2024 00:17:25 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK u2ZG9yh3vag4qDrm
w2txo5aasxpdjdhd2rneukpze5v4vgokaoq2scdv950ab00c8b3fab78sac.d.aa.online-metrix.net/ Frame F37C 81 B
438 B 809ms
100ms Image
image/png 192.225.158.3
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w2txo5aasxpdjdhd2rneukpze5v4vgokaoq2scdv950ab00c8b3fab78sac.d.aa.online-metrix.net/u2ZG9yh3vag4qDrm?e4ae60c008e56b7a=FI-wSmmQQkWHGKtyeRepZ8pJDeTb7KfVRBDG578slFoXBk0Ql-MenduRvS5vTcRcxfm5ObB7g9GRppgaiMO3fT1D60y12NjBMdAhIxZ3c1M2iwtJM1YX6zinfUWE--j01D61E2SJrjq-uUu3LXhb1DWsaHJXN4VUVRFp54w08M2EyeBMzU59TDuVcLlTvRyjo2qL-eReEBH8-oYNFP1rwxu8itwJGYb_tDiH

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.158.3 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 25 Jun 2024 00:17:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
sgtm.elfcosmetics.com/g/ 976 B
1 KB 172ms
170ms XHR
text/plain 34.49.124.132
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46j0v9125640115z8896608294za200zb896608294&_p=1719274641629&gcs=G111&gcd=13v3v3v3u5&npa=1&dma=0&tag_exp=0&cid=185237236.1719274643&ecid=1834218702&ul=en-us&sr=1600x1200&_fplc=0&ir=1&ur=US-FL&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&sst.rnd=1648855719.1719274642&sst.gse=1&sst.gcd=13v3v3v3u5&sst.adr=1&sst.tft=1719274641629&sst.ude=0&sid=1719274645&sct=1&seg=0&dl=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&dt=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&_s=2&tfd=5674&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

132.124.49.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

763e6758f3df5d026315cc840cbb7a8afbb9b48012062174d345788f69467949

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://cc-elf-us-dev.elfcosmetics.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering: no

GET

404
development.elfcosmetics.com/
Redirect Chain

https://development.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/__Analytics-Start?url=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&res=1600x1200&cookie=1&ref=&title=Affordable%2...
https://development.elfcosmetics.com/404

0
0

GET
H2 200 identify_ce1d8843.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 68ms
68ms Script
application/javascript 23.44.111.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.16 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 28c8e9c
date: Tue, 25 Jun 2024 00:17:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024052114041236F620122B133E43D1EF
x-tt-trace-id: 00-24052114041236F620122B133E43D1EF-08D8C5F62FC9FD87-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-44-200-144.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01d509e94994f826006c74806e985a6fae4c25d3d16cdac56e2e4ae3ebd040ce0b553b932c5a41a75514bc5cedee6597e066f85e411c1e0a52352064bd5bc35960327367de5a3fde107c13cd51b63810c682a921886ddb32bce707b6391c58adeb
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5
content-length: 39498

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
698 B 109ms
108ms Ping
text/plain 23.44.111.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.16 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 28c8eb8
date: Tue, 25 Jun 2024 00:17:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2406250017258276DE80EE32314B35A6-247962711F048C22-00
x-cache: TCP_MISS from a23-44-200-144.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing: inner; dur=22, cdn-cache; desc=MISS, edge; dur=7, origin; dur=31
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202406250017258276DE80EE32314B35A6
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 32,23.44.200.144
x-tt-trace-host: 01439e9c575441e437c8f70b0cf4bee413d6b1dd3ea6f3c8573bc2c2587bc3b14ef3e719cf5daa49cd6282a6b7ceec6aa9b23d6e6b200fdac6216848bea05c9570a6ef175dff464077cd6b2aae48a4dce86f5421e6160abf1413b0cae3952445d6
access-control-allow-headers: Authorization,*
expires: Tue, 25 Jun 2024 00:17:25 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
844 B 117ms
117ms Ping
text/plain 23.44.111.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.16 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 30e54dbf.28c8eb9
date: Tue, 25 Jun 2024 00:17:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240625001725DB07710C3AB36AA04E83-1A9D8B933E14FE53-00
x-cache: TCP_MISS from a23-44-200-144.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time: 40,23.44.200.144
server-timing: cdn-cache; desc=MISS, edge; dur=16, origin; dur=32, inner; dur=27
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240625001725DB07710C3AB36AA04E83
x-cache-remote: TCP_MISS from a23-218-222-88.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 32,23.218.222.88
x-tt-trace-host: 01439e9c575441e437c8f70b0cf4bee413d4f0b56789e913b58dd06897b93fad2873efba932aa491f5689c71321ed6f1a2e93fe071d514186bb2ce1e084b6cd9b864b77795c6a7f4bb8e33496023eae6b7c2c0fad6337a91d7594951507ec33ea0d371240f1a236b5722bf2556e0221b2f
access-control-allow-headers: Authorization,*
expires: Tue, 25 Jun 2024 00:17:25 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
699 B 107ms
107ms Ping
text/plain 23.44.111.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.16 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 28c8eba
date: Tue, 25 Jun 2024 00:17:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240625001725395BA8330FFF119757C7-152600CA80C2C48C-00
x-cache: TCP_MISS from a23-44-200-144.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing: inner; dur=19, cdn-cache; desc=MISS, edge; dur=10, origin; dur=28
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240625001725395BA8330FFF119757C7
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 29,23.44.200.144
x-tt-trace-host: 01439e9c575441e437c8f70b0cf4bee413d6b1dd3ea6f3c8573bc2c2587bc3b14e1c7cfd09afe37b4afcdca8775af102baa7193a36078f607a93b8cb3ef021ac0dd5846c9061944b9d4ec4502ed8a050bd1a619f4970c9fb994217a447cbc083e1
access-control-allow-headers: Authorization,*
expires: Tue, 25 Jun 2024 00:17:25 GMT

GET
H2 200 runtime_6459738026535cda4232dc813c61447d.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 3 KB
2 KB 110ms
32ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_6459738026535cda4232dc813c61447d.br.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/4142/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 14:02:47 GMT
content-encoding: br
age: 2369678
x-guploader-uploadid: ABPtcPpxAHTnwdBJpNKCrPHBy8la2Hi4v85v7mI9d6V0nh-1zjcKTjO2dq50Qzi1aVfagd755u56O7pdpw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1316
last-modified: Thu, 23 May 2024 19:16:48 GMT
server: UploadServer
etag: "09512239cb2a22728ca9f8608dfc2181"
x-goog-generation: 1716491808832240
x-goog-hash: crc32c=BS9gKg==, md5=CVEiOcsqInKMqfhgjfwhgQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1316
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 ig.js Show response
cdn8.eu.inside.chat/ 124 KB
42 KB 53ms
52ms Script
text/javascript 104.18.9.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn8.eu.inside.chat/ig.js

Requested by

Host: cdn8.eu.inside.chat
URL: https://cdn8.eu.inside.chat/gtm/IN-1011171-EC/include.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d13f13f041941770ae11a3ae675276c43cea109b5f4625264388383e2ffec45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 228
cf-polished: origSize=171336
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 8990c6481c3e2887-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jun 2024 01:17:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
269 B 217ms
64ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&rl=&if=false&ts=1719274645774&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1719274645766.544059445434319597&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1719274645365&coo=false&eid=1719275158796_171927481377727&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=10, mss=1297, tbw=2789, tp=-1, tpl=-1, uplat=2, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Jun 2024 00:17:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 288ms
137ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&rl=&if=false&ts=1719274645774&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1719274645766.544059445434319597&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1719274645365&coo=false&eid=1719275158796_171927481377727&tm=1&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa90e50505ca4fe26","source_keys":["1","2"]},{"key_piece":"0x521824ae15b46aad","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 25 Jun 2024 00:17:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7384228373289187559", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=12, mss=1297, tbw=3102, tp=-1, tpl=-1, uplat=72, ullat=0
pragma: no-cache
x-fb-debug: 7Zhw5NsDZv0DIsr7iB4BIhKEqicGLP8x2o8JBFJLLf79LTK6YDfE10kC/th0fou5vznZNFb8yBadhTkIaO1Tvg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7384228373289187559"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 204
204 O1JYB5wfzu96ZHA0 Show response
imgs.signifyd.com/ Frame F37C 0
218 B 102ms
102ms Script
text/javascript 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/O1JYB5wfzu96ZHA0?77b7676d5de454a5=tFGbDLjOvmXiNor-5S_kFBYRBI6VZ0Pkq1xohluhe23S7DvPGyebbvsLG7LJDjiKLsoH1W2G5Rbl0ZJCSO0DWMGXYzwcswCFUQpxKePd785lUEEpJaBgPaOsUDzui6gXRfqRLfNlsd6Z96e2TvJs_Z31uNsffmyWONU3fIe0hy7OQiT-drT52WwHsQ7pzRPzox0HI3ezpClw_Z8OT-HQbv-d5cnzeVwQzqwU0Gm5Z_upV_yjHa1lNnwk8XkfPREP8OtKDgdYUXJ2OjSqCm4&jac=1&je=383c24266f6d6c6a35203b2f384b3b2d30413b2730413266393562303331383f60663a353f6a3b653b643a633d603861383b31666c6b3e373f366a616b386b6e3833613a68356c693a3a633c6e313d693d613436383d2b

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 25 Jun 2024 00:17:25 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Type: text/javascript;charset=UTF-8

GET
H3

200

/
www.google.com/pagead/1p-conversion/698270988/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/698270988/?random=796195984&fst=1719274645755&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e46j1v9125640115...
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=1311663869&fst=1719274645755&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e...
https://www.google.com/pagead/1p-conversion/698270988/?random=1311663869&fst=1719274645755&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e46j1v9125640115z88966...

42 B
64 B

85ms
85ms

Image
image/gif

142.251.40.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/698270988/?random=1311663869&fst=1719274645755&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e46j1v9125640115z8896608294z99175401888za200zb896608294&value=0&url=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&tiba=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&data=event%3Dpageview%3Bvendor_id%3Dgoogle_ads%3Bgoogle_ads_conversion_id%3D698270988%3Bgoogle_ads_conversion_label%3D87uyCIuRktcBEIyK-8wC%3Bgoogle_ads_tag_type%3Dconversion&auid=1558942984.1719274642&dma=0&npa=1&gcs=G111&gcd=13v3v3v3u5&uip=38.132.118.0&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&s3p=1&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIuo2tlL31hgMVbh3QBB1HLgINMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vY2MtZWxmLXVzLWRldi5lbGZjb3NtZXRpY3MuY29tLw&is_vtc=1&cid=CAQSKQDaQooLJggKmTKcf29J4bzv93Hu_V9RsBSpbFoiubA4Dwptc8Wqb9-J&eitems=ChEI8LLkswYQhsbE65jP8t6UARIdAAg1SsOdr75FPTobb_f8zrpnw-Rmm1bcpD4bAmo&random=4038515946

Protocol

Server

142.251.40.132 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://cc-elf-us-dev.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/698270988/?random=1311663869&fst=1719274645755&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e46j1v9125640115z8896608294z99175401888za200zb896608294&value=0&url=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&tiba=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&data=event%3Dpageview%3Bvendor_id%3Dgoogle_ads%3Bgoogle_ads_conversion_id%3D698270988%3Bgoogle_ads_conversion_label%3D87uyCIuRktcBEIyK-8wC%3Bgoogle_ads_tag_type%3Dconversion&auid=1558942984.1719274642&dma=0&npa=1&gcs=G111&gcd=13v3v3v3u5&uip=38.132.118.0&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&s3p=1&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIuo2tlL31hgMVbh3QBB1HLgINMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vY2MtZWxmLXVzLWRldi5lbGZjb3NtZXRpY3MuY29tLw&is_vtc=1&cid=CAQSKQDaQooLJggKmTKcf29J4bzv93Hu_V9RsBSpbFoiubA4Dwptc8Wqb9-J&eitems=ChEI8LLkswYQhsbE65jP8t6UARIdAAg1SsOdr75FPTobb_f8zrpnw-Rmm1bcpD4bAmo&random=4038515946
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
204 LDSAp-MUw12pSJjd
imgs.signifyd.com/ Frame F37C 0
400 B 103ms
103ms Image
image/png 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/LDSAp-MUw12pSJjd?0feaec8f517b9226=veI3a1jHParYcXbkck-STzvWhDMZyW5rTRazKk0nEBpIQd_yiNdSsZ0tsz0FBifKKQzKquxu-g6M-8GbYPqXUho2LZE1O3rh7CmgOsPSynDstX5Iq8tpeCDW8B_GiP7AVHyMf4r5tbAnNURM8zoVxTorJkwrbDMoc00sc3F--_sGs2Zk4rfm7xeYZ-WQ4E5Be7TYjtMMDbi73bjS4EELcnSXYLed99ga0s4cQkG24rdUpVUdU4Cj4yN9RGqKySjIMsjKb9EuM99RSmvjIus&jf=3439362671616c5d7a666c377e6c7857416142577a5b4757775733504d57734724716364556c63746d3f3937393b3a373c3c3c352e796166557471706f377f6d683a676b6e73692e7b636657616573353932353933383333323e38353a69303c3e30696d3166383032333236303a32693a343e32616739643a3b3231383538333c303830383e3b396a3f6b613c633964326b3c693831376e3b61383f3e6e673b3f36323b6e3a3062643e3336373e6d3a3a6b6a696f386b3a31323f32663263323234616b3a37333d336168373c3e636269333b396c346a656b336a373c336b323d6431363339303c6b6466303f656a3f6968676b38373e6c683a3363623d353036393c3b6e6a2e79636c557b6b653531323636303230303d3a633839633a3c643d30646638346e653a3669313d3c69643d323a3339613e37333b3c3b3236673d38366e6a6a38643f3a653b6e68646633613d6339633d3c323a3a383a68693d696036396464306439633133303333333835303b393a3a3363393438316a313d65383e303231326d34693538616b3c3e6e3f30646a68316c3b3168632e79696c7a3732

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 25 Jun 2024 00:17:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 main-v2_533d031a0a5ca2c9d24e6369b88e2862.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 498 KB
109 KB 36ms
33ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_533d031a0a5ca2c9d24e6369b88e2862.br.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/4142/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 01bd0485587edbcc45fa110675af95224340155e499316c48351efa913a4b4e6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 14:05:05 GMT
content-encoding: br
age: 382340
x-guploader-uploadid: ACJd0NrWt-S7plHuVGzUJx8NM79JS-e7Y2TExwSEeGYDOaxXTW4erKAMnkWiOxYssRE5WEEVr0QdcnuFBg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111326
last-modified: Thu, 20 Jun 2024 14:04:53 GMT
server: UploadServer
etag: "a3580b440541e883c55099f395aa5926"
x-goog-generation: 1718892293787562
x-goog-hash: crc32c=0MdYbw==, md5=o1gLRAVB6IPFUJnzlapZJg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 111326
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 cjs_min_3a843477d8e318f67237a66d0a58c542.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 49 KB
16 KB 65ms
63ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/4142/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 14:12:57 GMT
content-encoding: gzip
age: 2369068
x-guploader-uploadid: ABPtcPpMNkrWFFdg9-RXB36Q62SASOy4FGlAcTG34pYuff921SXwLzZetdCe7P2s405op0OyDm0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15748
last-modified: Mon, 22 Apr 2024 20:59:52 GMT
server: UploadServer
etag: "1eb885454ea6bef1c9747800702959de"
x-goog-generation: 1713819592631797
x-goog-hash: crc32c=Joap5g==, md5=HriFRU6mvvHJdHgAcClZ3g==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000,no-transform
x-goog-stored-content-length: 15748
accept-ranges: bytes
content-type: text/javascript; charset=utf-8

GET
H3 200 config Show response
www8.eu.inside.chat/ 229 B
694 B 217ms
162ms XHR
application/json 104.18.9.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www8.eu.inside.chat/config?acc=IN-1011171&pid=&c1=OK&dev=1&url=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com&sid=1&j=1

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e11c1b7bb62dfe1b07f279fe6bcef4c8874c91404390681ef188f1d3608f000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:26 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
server: cloudflare
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cc-elf-us-dev.elfcosmetics.com
p3p: CP="insert_p3p_privacy_policy_here"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
cf-ray: 8990c6495fab0a12-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 14 B
338 B 359ms
73ms XHR
application/json 34.98.106.171
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.106.171 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 171.106.98.34.bc.googleusercontent.com
Software: /
Resource Hash: f3ee233d8819e508bb5518fe58a3109712e1162aaec3a3470ca19e48e1a91db2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 25 Jun 2024 00:17:26 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 14 B
338 B 297ms
66ms XHR
application/json 35.244.165.197
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.165.197 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 197.165.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ee2b3cb1dddb683ea64efcc4187d9ead774e3cf2843350220db6d41c8335807a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 25 Jun 2024 00:17:26 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 14 B
338 B 272ms
67ms XHR
application/json 34.117.101.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.101.205 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 205.101.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 7322c6b395210149360a505c214681510bf9717456331ff1344228fc962bbc57

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 25 Jun 2024 00:17:26 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
699 B 118ms
117ms Ping
text/plain 23.44.111.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.16 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 28c8f93
date: Tue, 25 Jun 2024 00:17:26 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2406250017268276DE80EE32314B35D6-247962711F048D26-00
x-cache: TCP_MISS from a23-44-200-144.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing: inner; dur=33, cdn-cache; desc=MISS, edge; dur=10, origin; dur=42
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202406250017268276DE80EE32314B35D6
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 43,23.44.200.144
x-tt-trace-host: 01439e9c575441e437c8f70b0cf4bee413d6b1dd3ea6f3c8573bc2c2587bc3b14ef3e719cf5daa49cd6282a6b7ceec6aa9b23d6e6b200fdac6216848bea05c95705bbf1363533c3655309dbe4425f61741e111a537c8c570bfe18e12cf8e77eba3
access-control-allow-headers: Authorization,*
expires: Tue, 25 Jun 2024 00:17:26 GMT

GET
H/1.1 200
OK GToEfVPU14q4uboe Show response
imgs.signifyd.com/ Frame F37C 0
398 B 100ms
99ms Script
text/javascript 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 25 Jun 2024 00:17:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 inbox-v2_02aca5df0e176b8810a86da97ac05424.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 17 KB
5 KB 34ms
34ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_02aca5df0e176b8810a86da97ac05424.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_533d031a0a5ca2c9d24e6369b88e2862.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 03dbf9dc05fa84370cbdfb363a10855e9fd035a833cd83b67e14cdb975882bed

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 16:07:17 GMT
content-encoding: br
age: 2275809
x-guploader-uploadid: ABPtcPobUlyzmAm6NvSUy7tzeSKzRFho2NN6F_g3OxzulRF_XYXJExIsEYzG3VDewZrof_FUESc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5089
last-modified: Wed, 29 May 2024 15:57:03 GMT
server: UploadServer
etag: "2a4c802d3ec2dfc292cc9bb15ef5f45d"
x-goog-generation: 1714406829637644
x-goog-hash: crc32c=PRHjLA==, md5=KkyALT7C38KSzJuxXvX0XQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 5089
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 sms-v2_e39203556bab2366e56296ce42e974a7.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 3 KB
1 KB 32ms
32ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/sms-v2_e39203556bab2366e56296ce42e974a7.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_533d031a0a5ca2c9d24e6369b88e2862.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c9f83027cf2e267d24b2cfe366bc6664841765f0aaf362faf0156bccdce42355

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 03:41:44 GMT
content-encoding: br
age: 2579742
x-guploader-uploadid: ABPtcPr45L4WEjMiuxCToeR4YVRvpOcFIYR7a8KRjK-invVu5BFZbx0W6igoV-LASs_7Z44FFJpTmjmYqw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1303
last-modified: Thu, 23 May 2024 19:16:51 GMT
server: UploadServer
etag: "684b816ff7fa85526ab4b729fb5f0c91"
x-goog-generation: 1713883053015461
x-goog-hash: crc32c=ikqFlg==, md5=aEuBb/f6hVJqtLcp+18MkQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1303
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 35ms
34ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_533d031a0a5ca2c9d24e6369b88e2862.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 02:04:31 GMT
content-encoding: br
age: 1375975
x-guploader-uploadid: ABPtcPosUQOxuMNVTeulzwg86glJPgs0j2qXgI-q2uly2BaMdyLCPqRzrJ9ckVu_ftVu8Aw62pJbnvnN9g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5003
last-modified: Thu, 06 Jun 2024 18:53:38 GMT
server: UploadServer
etag: "7ff99b6f1cea743cef749de91009e764"
x-goog-generation: 1715283867392885
x-goog-hash: crc32c=qFvE1Q==, md5=f/mbbxzqdDzvdJ3pEAnnZA==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 5003
accept-ranges: bytes
content-type: text/javascript

POST
H3 200 cf Show response
www8.eu.inside.chat/page/ 165 B
420 B 232ms
231ms XHR
application/json 104.18.9.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www8.eu.inside.chat/page/cf?_=1719274646154.1992

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11d85fdf304afea4934a1a8328c05cd573735b91c94cc4800c497f85ec877983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:26 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://cc-elf-us-dev.elfcosmetics.com
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
cf-ray: 8990c64a993e0a12-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 72F7 0
0 214ms
123ms Document
text/html 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_533d031a0a5ca2c9d24e6369b88e2862.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 2579739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 938
content-type: text/html; charset=UTF-8
date: Sun, 26 May 2024 03:41:47 GMT
etag: W/"fc893948c3efc689b5b19d8a77958e23"
last-modified: Thu, 23 May 2024 19:16:17 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1716491777356321
x-goog-hash: crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2408
x-guploader-uploadid: ABPtcPorJi6W6KjpblhrUY49kuGDWDMW2IvTPpuMqYYDEO5C_xFdeDPFBafhe2fPPeZXzleuBDQ

GET
H3 200 frontend-framework.js.bundle Show response
cdn8.eu.inside.chat//js/ 204 KB
49 KB 58ms
58ms Script
text/javascript 104.18.9.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn8.eu.inside.chat//js/frontend-framework.js.bundle?v=87cd0da-1

Requested by

Host: cdn8.eu.inside.chat
URL: https://cdn8.eu.inside.chat/ig.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4dd77cdf5d90eff153432697a7e2b132a5a58cd2a5dc0e8d0919c3b7ea895c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:26 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 203
cf-polished: origSize=313682
etag: W/"7583524453e261d3b290023590e37b99"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=691200
cf-ray: 8990c64c0a662887-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 03 Jul 2024 00:17:26 GMT

GET
H3 200 negotiate Show response
www8.eu.inside.chat/signalr/ 391 B
553 B 561ms
519ms XHR
application/json 104.18.9.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www8.eu.inside.chat/signalr/negotiate?clientProtocol=2.1&k=IN-1011171%3A840847-8770dca20de7594b8f474f624f7e1330efb3f16021e3d80840fdf48922ceb450-5-5%3A3683502%3A4&c=8c363d4a130a983ee91b82d9db9fb768&nc=0&connectionData=%5B%7B%22name%22%3A%22insidesocialhub%22%7D%5D&_=1719274645883

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ac3ea27ca6c917d52588d85fd857d068548931bc8470b7a5aaeb6222c6e23e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: text/plain, */*; q=0.01
Referer: https://cc-elf-us-dev.elfcosmetics.com/
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:27 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cc-elf-us-dev.elfcosmetics.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8990c64cff34a66b-MIA
alt-svc: h3=":443"; ma=86400
expires: -1

GET
H3 200 ig.css
cdn8.eu.inside.chat// 12 KB
3 KB 50ms
50ms Stylesheet
text/css 104.18.9.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn8.eu.inside.chat//ig.css?dev=1&_87cd0da-1

Requested by

Host: cdn8.eu.inside.chat
URL: https://cdn8.eu.inside.chat/ig.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0620ac5a71e007dde5311ed35aaf25c74fb96e9093fa38b53d026b7026b2089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:26 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 3212
cf-polished: origSize=12809
etag: W/"a16715e934551b7e92ffecfeee0b3a81"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=691200
cf-ray: 8990c64cbb612887-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 03 Jul 2024 00:17:26 GMT

GET
H/1.1 200
OK GToEfVPU14q4uboe Show response
imgs.signifyd.com/ Frame F37C 0
398 B 101ms
100ms Script
text/javascript 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 25 Jun 2024 00:17:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 haloGlowFam_D_IMAGE3-3.jpg
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw21df118f/homepage/2023/04/ 724 KB
725 KB 91ms
89ms Image
image/jpeg 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw21df118f/homepage/2023/04/haloGlowFam_D_IMAGE3-3.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 7796a86b26673b3b57d9a393c31b331b9fc5d413c604e3999727d613047f2dfe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:26 GMT
cf-cache-status: MISS
age: 3340693
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1715874284-1398598431 tts/1715543171522 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02835f/[14,-,1715933873080] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 88522c6f28008717-ORD
x-dw-request-base-id: G3EYGrASR2YBAAB_
content-length: 741412
expires: Sun, 16 Jun 2024 08:17:52 GMT

GET
H2 200 NEWARRIVALS_D_3.jpg
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw072c8f84/homepage/2023/06/ 157 KB
157 KB 674ms
673ms Image
image/jpeg 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw072c8f84/homepage/2023/06/NEWARRIVALS_D_3.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: d458b8bf8b833ba926761026442a9515f8a6116714a943ba4ed10a9ccbb41b76

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:26 GMT
cf-cache-status: MISS
age: 3340693
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1715874284-1398598432 tts/1715543171522 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028360/[7,-,1715933872683] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 88522c6f2c730102-ORD
x-dw-request-base-id: G3EXGrASR2YBAAB_
content-length: 160275
expires: Sun, 16 Jun 2024 08:17:52 GMT

GET
H2 200 c Show response
ids.cdnwidget.com/ 448 B
792 B 163ms
84ms XHR
application/json 2600:1901:0:56e0::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=002230220&GCS2=MTcyLjE3LjAuNiwxMC4zLjEzMC4yOSxmZGJmOjFkMzc6YmJlMDo6NTY6Mjo6MWQsZmRiZjoxZDM3OmJiZTA6OjU2OjI6OjFk&pe=false&wsid=4142&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A4142%2C%22loadID%22%3A%22FkmEzJNCaK3RxM2%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A3%2C%22IDStageStart%22%3A3%2C%22netComplete%22%3A186%2C%22obsReqview%22%3A280%2C%22obsReqpage%22%3A305%2C%22obsReqdata%22%3A365%2C%22IDStagePrefire%22%3A365%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A-10%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%223992864364079718769%22%2C%22visitid%22%3A%221719274646517977%22%7D
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:56e0:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 969d01882f777aa6a70cd3e239d769bc1461ff73fcc4321bf3246f960773e4c5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:26 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: https://cc-elf-us-dev.elfcosmetics.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 448

GET
H2 200 lookup Show response
pd.cdnwidget.com/ 94 B
318 B 158ms
86ms XHR
application/json 34.149.130.207
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pd.cdnwidget.com/lookup?deviceID=2iLfC2zbPaSFUcaxeDgfbDG8K7T&bxwid=4142&bxdid=3992864364079718769&visitID=1719274646517977&enableUID2=false
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.130.207 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 207.130.149.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 0611894db287962f5bcce0da6738a4a6ecdab5b29235c48d87decb3127e9254f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:27 GMT
x-envoy-decorator-operation: id-resolution.id-resolution.svc.cluster.local:9000/*
via: 1.1 google
server: istio-envoy
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 16
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 80 KB
15 KB 234ms
75ms Script
text/javascript 34.111.8.32

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=1209&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHZ8BOAJkIBYA2S42zYALxCmoAZ3MB3AUwCMcqYLwD6qACZRK+SmUwAnXjhAAbOGgwEO7AB74ynRbxi8FShVGwBDVatQIA5qLgLVUABbBgABxwBSAGYAQX8yADEw8KQkAFpeVRhYuBxYiV4ANwA6BJgkEBwAW140JBws-MKozAzUIWBRfJAAa1ReKH9CACEwslUfXqDQsjIvXwCyAFYQsMmI2YiY+MTk1PTs3PyiktQyipAqqfmRsIBhXoVBmZOb85HeXSvgolIKWhoiQM6AEWwQFraHW6vQkkievUCJHIAA5aIFaOxCCRiNDCNQSIMyHcyLUJE8XuQqLRqJMiMjCGdehlwcCRqoQI5HLwJOIEE8YLYcLxKfcMmZRPTGczWezOdysb0kNYFA0AI7AACeT3YPLIUplogytjg4rIQxVEpGODg-EKwhELIw9V1Qw5qi5qsFTJZDnE6QQaBgbTxJxCdodhrV0oaXOAovt4ux6rDvuC-u5hG+qokjnCqAUOGAABkQNYfXqQsAFDrVR5pRIAJJJ2O9MioLMwU74HwQZBIADycEIAE1dCRHBkmLxeO2mKoAOoAWUx2JUMGAVfBIzrDdOZCY-AACtYAMrhACqUt0vG+jhg-G+AHFoQBpQgAFRnIMcNJ6Izqm6UtRAKVOKVAxSXLG8aqnUO4mjgSAKKg-BmOGAbYnU94PMA4GCFBMFwcBYqqikwqqLwjjWEgSrYRGqpSkgHhiMAEwFs8xCEjQdD4LQPw-DU0o4AA2k6woOAAurAYqcRm3GZPyfEuggQnxqJPHRqI8oKkJXBamJilauovCqfJ3E+AoIAsgZuw6cJEZ6QZRmiAg1jFLJInqTxrqZiASDNA5FlOdxxqmuawpWsIZlyd5TStGIhRGbYogGcovAep5XJ6VJrJuvFnreolvB6YpoZZZZEg+KIODNHA+WhcG5VcfpX7FaV5XpDAvEMs6rINSY3GadqZlqY1zVCtJaUeqgXrMu1TW5SU+VhW0oigCAArSky5lJfwPhQFwJTrdxABE0Y7QANHt1giI4IAKAqh17dR7k-sAV0eAcvBXVZEhwCgV1ctKVE7QJmA+LRnhPX8hQ+PY1jIGIMCqNYjhWBkZZWGWCgulIK6Ns2rYxJ2PZ9gOQ4jmOU6YHODSSFA6Nrhu257oe1jHqe55XreD5AA
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_533d031a0a5ca2c9d24e6369b88e2862.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 217fc105680c3618348912b066a91fbf8aafae55097178156f2da96da68711de

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:27 GMT
content-encoding: gzip
x-envoy-decorator-operation: legacy-api-tier1.legacy-api.svc.cluster.local:80/*
last-modified: Tue, 25 Jun 2024 00:17:27 GMT
via: 1.1 google
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 13
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 creatives-base-styles.a53944a2.min.css
assets.bounceexchange.com/tag/css/ 37 KB
6 KB 34ms
33ms Stylesheet
text/css 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/tag/css/creatives-base-styles.a53944a2.min.css
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_533d031a0a5ca2c9d24e6369b88e2862.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 286a9eb90b3236f3c77e9cd147b524d542d53ba83973de175c45be3eb1147805

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 18:08:05 GMT
content-encoding: gzip
age: 2441362
x-guploader-uploadid: ABPtcPrOK5X90OPqSjihtzwB71lzBDfZ_Fk_RU30hsxr_foEgV_P_U18arPue_xogzKenEYs8YmeB_QU9g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6053
last-modified: Tue, 13 Dec 2022 17:12:22 GMT
server: UploadServer
etag: "54f61bdcbfb6f81427c8a6803f48b02f"
vary: Accept-Encoding
x-goog-generation: 1670951542233151
x-goog-hash: crc32c=lLRhfg==, md5=VPYb3L+2+BQnyKaAP0iwLw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 6053
accept-ranges: bytes
content-type: text/css

GET
H2 200 visit
events.bouncex.net/track.gif/ 42 B
108 B 121ms
63ms Image
image/gif 34.111.8.32

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLpJalUWItYdAGUUADMUJBAneld3VQAyUAgYJAQK5A6kHBbwKGgKPh40U3QEWCRSHDTISFNhanrjGno6Nbp4+IBaBFIKnfgd3gRgRn2K+IIwHMgQeLBGa6zN2n626A6wAlJYe4ImF0OEkqmYzA+g2+v3+IEBAE8QToIa1BvF4JBssBqiAUDZLGAcJQXNpqKQCGgMLwAPo8GjUeSrajUKqkRD0kL0s7IankykIGl05mM+ms9nC6ihZnxaqQakAR0g8I5ciZOg5kvpMqQcuxf1yDNV9JKDM1zNMmRpFoeBpFzLFtrN1AtBBpmBQORVaodGql1B41LAmMSXtFKDZjr9YFgNiyUEgAupgLatqN9vD4tNfuuBAiIAQ1KyrvD1ItCEQ2FD6YjvvpfKptMwtNO2BAFXzvCrLIzka1ssDCEgXZ9Er9pl4pkDEVgw57telstnNdH9LLwCnM+Fae7y4ZLgAIpCYDm8wgiST6bwQJ2t2q5ABOe-UAAcGg86mYLnvLkkz5cqnvedqFAG9DWMSQfyfFx1A0FwPGYORQU5ZlgFDC8D2Q6heDQWgQCQIMAgIFBQMZSAkFgXI-TSapeAASX3Lt-QCCpgkkUwAEVMG2AB5WAXAATV0e80GAIgEAQbiiFITg8CAn4KkgejGJAZjgmoIgbAABRQUpaAAVRlXQEH3NAKhsfcYmfOwXAkFdmWwtDSXATSOlAAh4GCDFsmQL0Rz9cBShjMB4hqGwfNvPz6XAMQEF0SBApsYLQvCsDIuZeBE0sNAUHiZUIrnJ0ZXiNIC0gJYwIgyQoJg9Qfw0YkGKdCpgCHW9Kuq2DMJQAgvRKP1SFMLs5gWJYVjeN5tj2A4jjAE4zguA5rluQcHieF5xrs6gUHKxk+vpYBTFQtrMJI7cSKdJAuyA+IWq9drqGgzqnQgU7jB2SRMLQEKvRcehMNeW89uZUhbrayCHpqlxMJlLJxhANBMB2o0L2Zah1Hoehn1cRz9qOsCgbJUGKvBx7aoazC0efe9VDkZ8cZQvHdswkHWuJqqIc6jCucPDLUAwbBoBsTIhGQHB0kyHIml5iYBeAZAIEBJFChkFWpcQPmsBgCwUEgCoCCQLIcBUfghCkCFpf5mBTlAeJB3hUwz1OMAIkxUwmnRINvKQaBqOCwE5Z1AUcAhDACGga5YGwJB4WuU4cD00omlD8P3KjmPXQQOR49KYwk4QMOI7T90cnjzAoAFNhSkgHXyzzsOOjQOFMBwWgAjrr4EEbwFi7PWhyRqXgUHb+IoERPBcTjdvTBuavSFjs85DkZhf2HwF7kwTX55wERc6LOOIQEWwU2vHB1EkdRqCPE-7tJuCwUQ5prZtE+HyfV91HfT9v1-f97yacYMCgAQAIa+TREDygolxBAJ8ITxHCJre4OQgwelMCCEmkN6CfndvA7AKBTAgADgrZu1c0ByCaE-W2OBeBNEgGkPCVpZTwkDJiDW1IrxgDxJYXgOAHQ0KIAQHAYIIQANKvbM8aRvJgPckgShh8bBNBlrgXmUiFLNhwExFi6ktI6X0oZYyplzKWWsmIJo1EkCCm4Ro1iHEuLxF4gJISIkxISSkjJIAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:27 GMT
x-envoy-decorator-operation: event-collector.event-collector.svc.cluster.local:80/*
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 pageview
events.bouncex.net/track.gif/ 42 B
215 B 117ms
60ms Image
image/gif 34.111.8.32

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1NAxgwLQToBmzyhzAJtADo27BgHtCAWwi4YDQgLET6AMlCRYCRA265REqCFQwQAI3QRCmYgHYAQtSrpRYSLwD6MAHYOylKlXYQdEIIHyoAYQdoCFQ3JxcIdy8fCgdA4ND-akj-BkNcNwBHXABPFL8qAAYwnKo81AKDdGRMql8HaqyIh2BUUXde2Vb2-3SQmp6+908QKXK0oPGu2q83Ql0GAGt50cXh7v9CZBMJGHxEt1FPQjPh1N2MidzRUU24Nwl+oLdeiwhPXA7AJ7J6OZyuDyeDz8AEwdhwXhAsb7Wr1AohQFZe7Ax7LHq8YBrTbIJEgvG5fKk3FtA5UX5QIkkrEVZE+awAEVU4GgcCQYlecBuAC8IJgAGwATlIXPUvK0IE8V1kQRw+CIIzotH4UDYomAUgBQg4Ykk0lk8kUKjUPM0-LeEDculEcUMkEwyJlNr5L3tjpKwFFpGAwU9Gm9AodwtF-io1mUimAWgkwEwlXjekTuAY7FT6eTKEIKbTCcQYGAReUn34ufgEBMN1wEBgvEwABYAIytqjKWAN5uYdvWdsS2OtsWt6ykMWVUjtsXKbVDfukCUjgAc46nrcq1glQ7X1klod5-fbyhChRangYTZbZ4Y6DgAJkUnWsxTg+Ho-H1gArO370ff5cBAYAYB1VAbiuTAQLAaVFxvTBeGUXBsBgVABnyEo1l0VBuTcXgYEIUxzBbD1cCFURxUqNNrT9AMcD0CBz1ENBENrExlG5AFMG4GIWPYAp+yoGAABl2HCKghRMAAFEAAGUaAAVTyAAPCB2TAdgTHZABxNcAGlrAAFWUbBDCSFsRPE8J22AABFa8GAAeWQawAE1VIlMAoBFCBnKFdAAHUAFkgA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:27 GMT
x-envoy-decorator-operation: event-collector.event-collector.svc.cluster.local:80/*
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2

200

hash.gif
pix.cdnwidget.com/
Redirect Chain

https://pix.cdnwidget.com/redirect?CID=2iLfC1pQnccOu7Yx9gvzeeOzlWM&DID=2iLfC2zbPaSFUcaxeDgfbDG8K7T&v=&iv=&deviceid=3992864364079718769&visitid=1719274647360316&wsid=4142&apikey=2^HIykD
https://pippio.com/api/sync?pid=5749
https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none

68 B
635 B

76ms
74ms

Image
image/png

34.149.254.212

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
Protocol: H2
Server: 34.149.254.212 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://cc-elf-us-dev.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 25 Jun 2024 00:17:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

date: Tue, 25 Jun 2024 00:17:28 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 202 graph
idr.cdnwidget.com/ 0
194 B 354ms
70ms Image
text/plain 34.149.130.207
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idr.cdnwidget.com/graph?cookieID=2iLfC1pQnccOu7Yx9gvzeeOzlWM&deviceID=2iLfC2zbPaSFUcaxeDgfbDG8K7T&bxdid=3992864364079718769&bxvid=1719274647360316&bxwid=4142&gm=true&apikey=2^HIykD&loadID=FkmEzJNCaK3RxM2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.130.207 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 207.130.149.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 00:17:27 GMT
x-envoy-decorator-operation: id-resolution.id-resolution.svc.cluster.local:9000/*
via: 1.1 google
server: istio-envoy
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 59a941c096f98029341d8c56b7b89113.png
assets.bounceexchange.com/assets/uploads/clients/4142/creatives/ 18 KB
18 KB 53ms
52ms Image
image/png 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bounceexchange.com/assets/uploads/clients/4142/creatives/59a941c096f98029341d8c56b7b89113.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2f9c91dd6030ee0311497f63531e9e27cb31cb8468a74c0b8482075bdbaa80b5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:03:12 GMT
age: 2578455
x-guploader-uploadid: ABPtcPohPH9k6Gx2sOWnF8CbTOeRlOCT06LtfUP9G_DnTlRiptfEKsvUjqoQNKcQO0WIjZEuVt8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18352
last-modified: Tue, 25 Aug 2020 15:57:40 GMT
server: UploadServer
etag: "59a941c096f98029341d8c56b7b89113"
x-goog-generation: 1598371060392963
x-goog-hash: crc32c=8aFhaA==, md5=WalBwJb5gCk0HYxWt7iREw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 18352
accept-ranges: bytes
content-type: image/png

GET
H3 200 473a60b45e925faa55a0b9771ef21d71.png
assets.bounceexchange.com/assets/uploads/clients/4142/creatives/ 5 KB
5 KB 52ms
51ms Image
image/png 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bounceexchange.com/assets/uploads/clients/4142/creatives/473a60b45e925faa55a0b9771ef21d71.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 152d22333bf4f21956a0664fea4464cd31e7860130bd5cd5b443b91c0c068773

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 04:10:22 GMT
age: 2578025
x-guploader-uploadid: ABPtcPrcNdu1kDZi8uilYncvYpPIjcjqaZrzGKMJZ9Tx__ORxqP1yu11ZrXLrF5xAbN4B-6qhr8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4776
last-modified: Thu, 22 Feb 2024 15:38:43 GMT
server: UploadServer
etag: "473a60b45e925faa55a0b9771ef21d71"
x-goog-generation: 1708616323684762
x-goog-hash: crc32c=KX5kTw==, md5=RzpgtF6SX6pVoLl3HvIdcQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 4776
accept-ranges: bytes
content-type: image/png

GET
H3 200 start Show response
www8.eu.inside.chat/signalr/ 25 B
252 B 165ms
164ms XHR
application/json 104.18.9.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www8.eu.inside.chat/signalr/start?transport=webSockets&clientProtocol=2.1&k=IN-1011171%3A840847-8770dca20de7594b8f474f624f7e1330efb3f16021e3d80840fdf48922ceb450-5-5%3A3683502%3A4&c=8c363d4a130a983ee91b82d9db9fb768&nc=0&connectionToken=%2FX25kgFcOwEtBpr62XVzqlM2QH6jEy5vp5NmRtuvUyXSo7choynBh81Wnq3H%2BD%2BN2cIFar%2FqHiihJu%2FF2uskjRgFaLMUFSf8T0QU9Clj6WYyvnUFhquCvwmT6V02On16&connectionData=%5B%7B%22name%22%3A%22insidesocialhub%22%7D%5D&_=1719274645884

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: text/plain, */*; q=0.01
Referer: https://cc-elf-us-dev.elfcosmetics.com/
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:27 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cc-elf-us-dev.elfcosmetics.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8990c653b8d9a66b-MIA
alt-svc: h3=":443"; ma=86400
expires: -1

GET
H2 200 eligible
events.bouncex.net/track.gif/ 42 B
105 B 62ms
59ms Image
image/gif 34.111.8.32

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/eligible?wklz=CYcwXAlgzgygrgIygYwE4QQU1QXgGYCGANlJgGSiRQAKqmAbhAPZxQDCrALkwLbb7FSFcMgLIAFpgAqMHAEYA7HICcAJgUAWAGwalOsnACO8sqRB8AdpwD6EYFBxlRPAA4EIIC3ZyqNADmUtAGY-UxZUZEwcBBYLSIAPMgIQTCscACsoMh4mYCiABjIAd0wkCE5Mbw05DVUyRihy70UVdW1dIK18oLktCgYISO8g5TU-HU6NfIVlJT8FLWUyNxTGTCLm00xDOFSh4B8nIghUzk4IPihOAld5JTVNHQWgoKOTqwIXCHpsRqYLHDXECvPKMSI4YBkTjiCCoYDWNyoTgAT2sVyYqGSmGswGgBAQREwB0IJHInAAXkwcF1CitsSiXFFxLxyFAmHgbN5VBAADJ4NiqckIagEGAAMQAqqJ4pgACIgPAIWUAcT8AGkFFIyOICHDbAduXy2HIXABFOLIADycAUAE14soQPRyZhMJbyUQAOoAWSAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:27 GMT
x-envoy-decorator-operation: event-collector.event-collector.svc.cluster.local:80/*
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 pop
events.bouncex.net/track.gif/ 42 B
105 B 60ms
58ms Image
image/gif 34.111.8.32

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/pop?wklz=A4e2C4EMGMBcEsBukEgHYF4EFsCmAnAMgHNcRxoQBXNWfAT0oBNcMBVAZRLPH12PjoMAMQAy3cpVrw0uWs1YA5AIKEqARwwBGQtEjZgkeMTTwmGAEwAWABwBOAGwBmG4QDO1fNFYAjamm8AD0JIUloMACs3QmwQFgwABkIAd1wfN3hYXDMMKy0rC0JEeAyEcy0Adi07CwqrBysKpwcEpy0HQhZi7xynOxqbBuarBIq7KpsKhztCQ1Ji3GScnTdcdSo5HvMnXQAbeDlYHFw3WH1gbSqauoappys9g9pIYCQCDKEz4h2u+G8MJiEWAAC3g+CYAH1DPhYPQIacQPhQrgIUwSpAfLtcOYAGaQXarIEALxAGBaSTmKNhwFYwJAeHcIBxsAhOQs8FEOIAwhYiT4AAqQDjCNh6QK4AAixBxPglAHEbABpCoAFUIwMg4NZ5nZnK5WmAAEUAtAAPJUCoATUCdmIiCJuFwpqJuwA6gBZIA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:27 GMT
x-envoy-decorator-operation: event-collector.event-collector.svc.cluster.local:80/*
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 61ms
60ms Image
image/gif 142.250.80.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=862779876&t=event&ni=1&_s=2&dp=%2F&ul=en-us&de=UTF-8&dt=Affordable%20Drugstore%20Makeup%20%26%20Skincare%20Products%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Wunderkind&ea=Wunderkind%20Impression&el=SMS%20Opt-In%20-%20Entrance%20-%20Combined%20(Email%20THEN%20Type%20Text)%20%7C%20Entrance%20%7C%20Desktop%2FTablet%20%7C%20Unidentified%20%7C%20Test%3A%20Creative%20-%20overlay%20vs%20side%20tab%20%7C%20CCC%20%7C%20Single%20Build%20%7C%20Spring%202024%20Creative%20(2489628)%3A%20Side%20Tab%20-%20variation%20-%20Combined%20(Email%20THEN%20Type%20Text)%20%7C%20Entrance%20%7C%20Side%20Tab%20(2489638)&_u=aHDAAEABAAAAACgAI~&jid=&gjid=&cid=185237236.1719274643&tid=UA-432816-1&_gid=1241961732.1719274643&gtm=45He46j0n81WL3STMXv896608294za200&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=0&z=72900739

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.46 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 09:00:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55014
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 id_sync
events.bouncex.net/track.gif/ 42 B
61 B 69ms
68ms Image
image/gif 34.111.8.32

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/id_sync?id_sync:id_type=sid&id_sync:id_source=graph&soft_id=2iLfC2zbPaSFUcaxeDgfbDG8K7T&source=web&agent=cjs&deviceid=3992864364079718769&visitid=1719274647360316&websiteid=4142&pageviewid=1&sequenceid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.8.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 00:17:28 GMT
x-envoy-decorator-operation: event-collector.event-collector.svc.cluster.local:80/*
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 haloGlowFam_D_mainIMG-4.jpg
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0f7c66a9/homepage/2023/04/ 655 KB
0 65ms
63ms Image
image/jpeg 204.141.88.95
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw0f7c66a9/homepage/2023/04/haloGlowFam_D_mainIMG-4.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.141.88.95 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cc-elf-us-dev.elfcosmetics.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-yottaa-forcecache: true
date: Tue, 25 Jun 2024 00:17:28 GMT
cf-cache-status: HIT
cf-bgj: h2pri
age: 2631514
x-yottaa-optimizations: ob/101 si/26D1cc8d585f-1716590311-9929038625 tts/1715543171522 ti/5e3afeb04f1bbf5fdecea723 ai/5e3afeb04f1bbf5fdecea6bd tm/0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028331/[15,-,1716643119278] 26D1cc8d585f/[hit]
cross-origin-resource-policy: cross-origin
cf-ray: 8895d007384289f1-ORD
x-dw-request-base-id: G3GXiDUbT2YBAAB_
content-length: 866974
expires: Sat, 22 Jun 2024 10:32:21 GMT

GET NEWARRIVALS_D_4.jpg
development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw9483586a/homepage/2023/06/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: development.elfcosmetics.com
URL: https://development.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/Api-SetTrackingAllowed

Domain: development.elfcosmetics.com
URL: https://development.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/Api-SetCookieData

Domain: development.elfcosmetics.com
URL: https://development.elfcosmetics.com/404

Domain: development.elfcosmetics.com
URL: https://development.elfcosmetics.com/404

Domain: development.elfcosmetics.com
URL: https://development.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw9483586a/homepage/2023/06/NEWARRIVALS_D_4.jpg

Verdicts & Comments Add Verdict or Comment

249 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

97 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cc-elf-us-dev.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.currency Value: USD
cc-elf-us-dev.elfcosmetics.com/	1969-12-31 23:59:59	Name: sid Value: Bc0uxod5JGre33co8hwKuiYyzMoG4itQ9q4
cc-elf-us-dev.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.InternationalUser Value: ""
cc-elf-us-dev.elfcosmetics.com/	1970-01-21 01:53:46	Name: dwanonymous_1a00c2845eeb01c699351ea28e20fd92 Value: ab3rO9hw7BnK5TXkbHl4gnxX34
cc-elf-us-dev.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.location Value: US
cc-elf-us-dev.elfcosmetics.com/	1970-01-20 21:36:01	Name: currentLocale Value: en_US
cc-elf-us-dev.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.sessionid Value: ab3rO9hw7BnK5TXkbHl4gnxX34
cc-elf-us-dev.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.LanguageIsoCode Value: en_US
cc-elf-us-dev.elfcosmetics.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 1
cc-elf-us-dev.elfcosmetics.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 1
cc-elf-us-dev.elfcosmetics.com/	1969-12-31 23:59:59	Name: dwsid Value: WFcfWbqNVucNkb9BmHpKRXuo_VU7FlndJeADBU6AlacbUy6Z-RpY07m2FOCXj9ebCDR7UO2nqh6Z5k6NHdLxxQ==
.elfcosmetics.com/	1970-01-20 22:17:46	Name: _dyjsession Value: h9dftkikqet2j6sl9gol61mg76ef21gl
.elfcosmetics.com/	1969-12-31 23:59:59	Name: dy_fs_page Value: cc-elf-us-dev.elfcosmetics.com
.elfcosmetics.com/	1970-01-20 22:17:46	Name: _dy_csc_ses Value: h9dftkikqet2j6sl9gol61mg76ef21gl
.elfcosmetics.com/	1970-01-20 22:17:46	Name: _dy_c_exps Value:
.dynamicyield.com/	1970-01-21 06:20:10	Name: DYID Value: 148619025645702289
.elfcosmetics.com/	1970-01-20 22:17:46	Name: _dycnst Value: dg
.elfcosmetics.com/	1970-01-20 22:17:46	Name: _dyid Value: 148619025645702289
.elfcosmetics.com/	1970-01-20 22:17:46	Name: _dycst Value: dk.w.c.ws.fst.
.elfcosmetics.com/	1970-01-20 22:17:46	Name: _dy_geo Value: US.NA.US_FL.US_FL_Miami
.elfcosmetics.com/	1970-01-20 22:17:46	Name: _dy_df_geo Value: United%20States.Florida.Miami
.elfcosmetics.com/	1970-01-20 22:17:46	Name: _dy_toffset Value: -1
.elfcosmetics.com/	1970-01-21 06:20:10	Name: _dy_soct Value: 647796.1248068.1719274642.h9dftkikqet2j6sl9gol61mg76ef21gl836603.1652212.1719274642837245.1654610.1719274642*861617.1750272.1719274642
imgs.signifyd.com/	1970-01-21 07:10:34	Name: thx_guid Value: 23e4d5a40bfb334cc2aedebc653da960
imgs.signifyd.com/	1970-01-21 07:10:34	Name: tmx_guid Value: AAzsF3mgnO9sbbRb9txvee-aSobA8G40WfPPdQmygn7JyCftVPwuGAGxdr7ZtNX694c3FRbGn1KbdMFGtSU7LU01fhEvWQ
.elfcosmetics.com/	1970-01-20 23:44:10	Name: _gcl_au Value: 1.1.1558942984.1719274642
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: QcryRaB2g00
.youtube.com/	1970-01-21 01:53:46	Name: VISITOR_INFO1_LIVE Value: BXigMngjhJI
.youtube.com/	1970-01-21 01:53:46	Name: VISITOR_PRIVACY_METADATA Value: CgJVUxIEGgAgVw%3D%3D
.elfcosmetics.com/	1970-01-20 21:36:01	Name: _gid Value: GA1.2.1241961732.1719274643
.elfcosmetics.com/	1970-01-20 21:34:34	Name: _gat_UA-432816-1 Value: 1
cc-elf-us-dev.elfcosmetics.com/	1970-01-21 06:20:31	Name: _dyid_server Value: 148619025645702289
cc-elf-us-dev.elfcosmetics.com/	1970-01-21 06:20:10	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Jun+24+2024+14%3A17%3A22+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202306.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=7590fd20-6412-4415-a6ee-42e5fe7ea57b&interactionCount=0&landingPath=https%3A%2F%2Fcc-elf-us-dev.elfcosmetics.com%2F&groups=1%3A1%2C2%3A1%2C3%3A1%2COSSTA_BG%3A1%2C4%3A1%2C5%3A1
.elfcosmetics.com/	1970-01-20 22:17:46	Name: rmStore Value: dmid:9097
.afterpay.com/	1970-01-20 21:34:36	Name: __cf_bm Value: QfZcDmykIoZRSyJyWLqlrkuzssgbfi4r1f.BOzkgIJU-1719274642-1.0.1.1-fzp6XTR1PjOfEX4f_.W4HNTi1JkLjT3EEYeUYN5BFRdCovRkM8ljjSvb7Uv3wi_dVTIW3p8Xg4NGMPqwh2T5VRPMPyOXFEOFdMkKAa.mW3k
.afterpay.com/	1969-12-31 23:59:59	Name: _cfuvid Value: HKZCYsW.dqdZTlFouT_ZHICwvGMLDd0SaIWhh5Qfw.w-1719274642871-0.0.1.1-604800000
development.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.InternationalUser Value: ""
development.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.currency Value: USD
development.elfcosmetics.com/	1970-01-21 06:20:31	Name: _dyid_server Value: 148619025645702289
development.elfcosmetics.com/	1970-01-20 21:36:01	Name: currentLocale Value: en_US
development.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.location Value: US
development.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.LanguageIsoCode Value: en_US
development.elfcosmetics.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 1
development.elfcosmetics.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 1
development.elfcosmetics.com/	1970-01-21 01:53:46	Name: dwanonymous_1a00c2845eeb01c699351ea28e20fd92 Value: abzUa3v6BvBVQYHlFLkvJAonDq
development.elfcosmetics.com/	1969-12-31 23:59:59	Name: sid Value: JlO0F4yQCCdi-67Hl_3paLk0TUlY1uEIaPk
development.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.sessionid Value: abzUa3v6BvBVQYHlFLkvJAonDq
development.elfcosmetics.com/	1970-01-20 21:36:01	Name: gdpr_consent_cookie Value: true
development.elfcosmetics.com/	1969-12-31 23:59:59	Name: dwsid Value: EcBdFKu8kqHr5ehKhE9q1o6npEp_-nuO4ef_YRaiGxgpmEcxDBUBzjUoVcdGxD15wIHpAujKkR3QsWta6N2o2A==
.linksynergy.com/	1970-01-21 06:20:10	Name: rmuid Value: 1f29a797-4beb-4944-9149-1b66fee4bea4
.linksynergy.com/	1970-01-21 06:20:10	Name: icts Value: 2024-06-25T00:17:22Z
.elfcosmetics.com/	1970-01-21 06:20:10	Name: BVBRANDID Value: b64085f9-a370-472e-8a70-60a1d859bd04
.elfcosmetics.com/	1970-01-20 21:34:36	Name: BVBRANDSID Value: 6bfcf80f-aef7-4074-9aec-2bea923684f5
elfcosmetics.secure.force.com/	1970-01-21 06:20:10	Name: CookieConsentPolicy Value: 0:1
elfcosmetics.secure.force.com/	1970-01-21 06:20:10	Name: LSKey-c$CookieConsentPolicy Value: 0:1
elfcosmetics.my.salesforce-sites.com/	1970-01-21 06:20:10	Name: CookieConsentPolicy Value: 0:1
elfcosmetics.my.salesforce-sites.com/	1970-01-21 06:20:10	Name: LSKey-c$CookieConsentPolicy Value: 0:1
.rlcdn.com/	1970-01-21 06:20:10	Name: rlas3 Value: nk6/RJ+rN16a9O0aZMDgXy0xa56N+lZX5RniMzlaPRY=
.rlcdn.com/	1970-01-20 23:00:58	Name: pxrc Value: CJSZ6LMGEgUI6AcQABIGCOTrARAA
.adsrvr.org/	1970-01-21 06:20:10	Name: TDID Value: 0d8871f0-e401-43a7-b964-25c842a9ef6d
cc-elf-us-dev.elfcosmetics.com/	1970-01-20 21:44:39	Name: FPC Value: 89006a85-8f5a-4213-905e-c7b636b1fced
.elfcosmetics.com/	1970-01-21 07:10:34	Name: _ga_5D80LRC85N Value: GS1.1.1719274645.1.0.1719274645.0.0.1834218702
.elfcosmetics.com/	1970-01-21 07:10:34	Name: _ga Value: GA1.2.185237236.1719274643
.elfcosmetics.com/	1970-01-20 23:44:10	Name: _rdt_uuid Value: 1719274645108.99dafbd6-372a-4233-8a0f-1100237c99a1
.tiktok.com/	1970-01-21 06:56:10	Name: _ttp Value: 2iLfBrwEFpnnT4WzcBWp2OFQS0G
.elfcosmetics.com/	1970-01-20 21:36:01	Name: _uetsid Value: 4c9864c0328811ef8d2dd11aede03c24
.elfcosmetics.com/	1970-01-21 06:56:10	Name: _uetvid Value: 4c991850328811efb4ae2d489b558fb3
.elfcosmetics.com/	1970-01-21 07:10:34	Name: FPID Value: FPID2.2.RNWNDXPZ7d%2F3vuT0959EAB8Sgjp1PNXJw8lr%2BT9rCI8%3D.1719274643
.adnxs.com/	1970-01-20 23:44:10	Name: XANDR_PANID Value: T1OYvGygOYl3bojzxJyou3bSBiT1Vw5Qc3YJeUxPM_1-2oSHAXL-_9d4mTQuyCjKSsJGKhSX-rDV2vAvA_7xocb2cTcokSuyhSMoQjViM-c.
.adnxs.com/	1970-01-21 07:10:34	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:44:10	Name: uuid2 Value: 8446786216128769053
.bing.com/	1970-01-21 06:56:10	Name: MUID Value: 127C4B48BC9B604634BF5FE1BDF76174
.bat.bing.com/	1970-01-20 21:44:39	Name: MR Value: 0
.pinterest.com/	1970-01-21 06:20:10	Name: ar_debug Value: 1
.cc-elf-us-dev.elfcosmetics.com/	1970-01-21 06:20:10	Name: _pin_unauth Value: dWlkPVltTXlNMlkzTVRBdE5XVTRZaTAwTUdVNExXSTFORGd0WW1Kak9EY3daRFJpT1dOaQ
.doubleclick.net/	1970-01-20 22:17:46	Name: ar_debug Value: 1
.ct.pinterest.com/	1970-01-21 06:20:10	Name: _pinterest_ct_ua Value: "TWc9PSZ4czJCVmZtYUdXU3BpUUlFcjFHWXNTajduK2N5VmU5UThySkkvVUNYbkFhaTgxOEpKTjJSZmRPdWdGdFV4YWphTUtPSm1oY3NBUkp1c0ZUNnFtSDUzdXdnZDFNdElOT3VUbXc2TlhzSUs3WT0mazNNakVHNXNRSjVxaEtianNpalZwSFJrajdRPQ=="
.adnxs.com/	1970-01-20 23:44:10	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GU#iyUxM!]tbP6j2F-XstGt!@De'$ov_r
.doubleclick.net/	1970-01-21 07:10:34	Name: IDE Value: AHWqTUlZlViiWlESdQXZHHyuLAyJvXqqXYLvEu8uqMAgikzJZghzlWEa6hTLXYcNqQc
.elfcosmetics.com/	1970-01-21 06:56:10	Name: _tt_enable_cookie Value: 1
.elfcosmetics.com/	1970-01-21 06:56:10	Name: _ttp Value: pA_EaouISo-26FrkYBJVXu2YReX
.doubleclick.net/	1970-01-21 01:53:46	Name: receive-cookie-deprecation Value: 1
.pointmediatracker.com/	1970-01-21 06:20:10	Name: c Value: ad0714de-8cf8-4454-a89b-d469fedba55a
.elfcosmetics.com/	1970-01-20 23:44:10	Name: _fbp Value: fb.1.1719274645766.544059445434319597
.elfcosmetics.com/	1970-01-20 21:35:46	Name: FPLC Value: IHg0loAe8%2F7a%2F5piaLxIJgCRtdw1uilx%2BBIMWDbO4YHyVl66xImVXTt43K06NSKl7awOov7N%2BJjg1WXKJIO4zs%2FN4E7%2FYxT2JKL%2FOQ4RGgExB3rkSe481v5fKtoU5A%3D%3D
.elfcosmetics.com/	1970-01-21 07:10:34	Name: _scid Value: b3e89f2f-470e-42f7-2f18-22d38fcbe548
.rubiconproject.com/	1970-01-21 06:20:10	Name: khaos Value: LXTNQF65-W-87IF
.rubiconproject.com/	1970-01-21 06:20:10	Name: audit Value: 1\|I0HPAYSZKl7v8Oirc1Ssz7As8wbwkuzi9414/2JiEf08fCYmOTvXg39UVrBZnmynSsChTx0BTzVw0S94mtzOH0pB9H8pjytykCdHvyxZSdZdZ8/iUsUSeSfTGj4KJ/OjGNBXhmos/Ylvlropk7pZF1n3hgXLGbu0i8N7BAmaQgdJt49mPrPRUFyo1mMSXCQ85kHVXO4iITS/uI9Aj+Yjkr7KKI+4mJy3oGirqm5gUhh8KMm0j6uXBGY3KwFBcKEE94+z9/eToJrLtHkR71fkUv/JTzblBZm7jOq1oSpaE+yma+WVcS1g3g==
.elfcosmetics.com/	1970-01-21 06:20:10	Name: inside-eu8 Value: 840847-8770dca20de7594b8f474f624f7e1330efb3f16021e3d80840fdf48922ceb450-0-0
.undertone.com/	1970-01-21 06:20:10	Name: UTID Value: 88b78ccbe62b4829855ad8132037d454
.undertone.com/	1970-01-21 06:20:10	Name: UTID_ENC Value: 83dskyy4tv0omgn6rzt28fdxw
.adsrvr.org/	1970-01-21 06:20:10	Name: TDCPM Value: CAESFgoHMWkwNzFuYxILCPyqvIzHrYo9EAUSFQoGZ29vZ2xlEgsIwsfblMetij0QBRIXCghhcHBuZXh1cxILCMCUnZbHrYo9EAUSFgoHcnViaWNvbhILCMy7nZbHrYo9EAUSFQoGY2FzYWxlEgsIovfzmMetij0QBRgFIAMoATILCOLaxr7drYo9EAVCDyINCAESCQoFdGllcjIQAVoHM2Z0Zm5oM2ABcgZjYXNhbGU.
.casalemedia.com/	1970-01-21 06:20:10	Name: CMID Value: ZnoMltHM7ywAABDzAU9BIAAA
.casalemedia.com/	1970-01-20 23:44:10	Name: CMPS Value: 078
.casalemedia.com/	1970-01-20 23:44:10	Name: CMPRO Value: 078
.cdnwidget.com/	1970-01-21 07:03:22	Name: __3idcontext Value: {"cookieID":"2iLfC1pQnccOu7Yx9gvzeeOzlWM","deviceID":"2iLfC2zbPaSFUcaxeDgfbDG8K7T","iv":"","v":""}
.elfcosmetics.com/	1970-01-21 07:03:22	Name: __idcontext Value: eyJjb29raWVJRCI6IjJpTGZDMXBRbmNjT3U3WXg5Z3Z6ZWVPemxXTSIsImRldmljZUlEIjoiMmlMZkMyemJQYVNGVWNheGVEZ2ZiREc4SzdUIiwiaXYiOiIiLCJ2IjoiIn0%3D

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://cc-elf-us-dev.elfcosmetics.com/ Message: Access to fetch at 'https://development.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/Api-SetTrackingAllowed' from origin 'https://cc-elf-us-dev.elfcosmetics.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://development.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/Api-SetTrackingAllowed Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://cc-elf-us-dev.elfcosmetics.com/ Message: Access to fetch at 'https://development.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/Api-SetCookieData' from origin 'https://cc-elf-us-dev.elfcosmetics.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://development.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/Api-SetCookieData Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://cc-elf-us-dev.elfcosmetics.com/ Message: Refused to execute script from 'https://h64.online-metrix.net/cMiVwwM4zbry5Htb?48600fd6827cab58=KR8h_OsBr_zTmtms5YW0Z3KEfQLLfiRfe1l-0f1HaXwRvgQ0LNyOlNJmPdX2b94y2Caz-yrMBlKOEcjhwjN_SvavNUiAmKH2ucfW3IKBMOlBWcYHOVvpxEwZAYTlb7d8hwx9Up4Gr-Cr-3xzHR6CVmQclqlEeIv-xpmPtOfFQP5YY4rbJizWywzw0RAoTEJy57C79vCJ8l8X6maXg1ucl69IA9GACeVg' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10742279.fls.doubleclick.net
9231397.fls.doubleclick.net
ad.doubleclick.net
alb.reddit.com
analytics.tiktok.com
api.bounceexchange.com
apps.bazaarvoice.com
assets.bounceexchange.com
async-px.dynamicyield.com
bat.bing.com
cc-elf-us-dev.elfcosmetics.com
cdn-scripts.signifyd.com
cdn.blisspointmedia.com
cdn.cookielaw.org
cdn.cquotient.com
cdn.dynamicyield.com
cdn.jsdelivr.net
cdn8.eu.inside.chat
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
data.cdnbasket.net
development.elfcosmetics.com
dsum-sec.casalemedia.com
e.cquotient.com
elfco11111.pcapredict.com
elfcosmetics.my.salesforce-sites.com
elfcosmetics.secure.force.com
events.bouncex.net
external-api.jebbit.com
geolocation.onetrust.com
googleads.g.doubleclick.net
h.online-metrix.net
h64.online-metrix.net
ib.adnxs.com
idr.cdnwidget.com
ids.cdnwidget.com
idsync.rlcdn.com
imgs.signifyd.com
insight.adsrvr.org
js.appboycdn.com
js.cnnx.link
js.jebbit.com
match.adsrvr.org
network-stg-a.bazaarvoice.com
page.cdnbasket.net
pd.cdnwidget.com
pippio.com
pix.cdnwidget.com
pixel-config.reddit.com
pixel.pointmediatracker.com
pixel.rubiconproject.com
plugins-media.perfectcorp.com
portal.sandbox.afterpay.com
s.pinimg.com
secure.adnxs.com
sgtm.elfcosmetics.com
st.dynamicyield.com
stats.g.doubleclick.net
stg.api.bazaarvoice.com
tag.rmp.rakuten.com
tag.wknd.ai
tags.rd.linksynergy.com
ut.rd.linksynergy.com
view.cdnbasket.net
w2txo5aasxpdjdhd2rneukpze5v4vgokaoq2scdv950ab00c8b3fab78sac.d.aa.online-metrix.net
websdk.appsflyer.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.redditstatic.com
www.youtube.com
www8.eu.inside.chat
development.elfcosmetics.com
104.16.136.35
104.18.187.31
104.18.9.17
107.178.254.65
108.138.106.40
142.250.65.162
142.250.65.232
142.250.80.38
142.250.80.46
142.250.80.66
142.251.35.166
142.251.40.132
142.251.40.162
151.101.128.84
151.101.192.84
151.101.193.140
172.64.151.101
18.164.130.168
18.238.80.118
18.238.80.5
18.238.80.94
192.225.157.157
192.225.158.1
192.225.158.3
204.141.88.95
23.44.111.16
2600:141b:1c00:30::1739:5a65
2600:1901:0:56e0::
2600:9000:21dd:8c00:a:b89d:a6c0:93a1
2600:9000:23cb:1600:11:85b0:d600:93a1
2600:9000:24f1:2a00:15:ad21:c740:93a1
2600:9000:24f1:c400:a:7914:b00:93a1
2600:9000:2511:f600:d:274d:a6c0:93a1
2606:4700:4400::ac40:9b77
2606:4700::6810:7809
2606:4700::6812:bb1f
2606:4700::6813:b0d3
2606:4700::6813:b234
2607:f8b0:4004:c21::9a
2607:f8b0:4006:80b::200e
2607:f8b0:4006:816::2008
2607:f8b0:4006:81c::200e
2620:1ec:c11::237
2620:f3:0:14:b401:8ee8:4321:ad82
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:46::84
2a04:4e42::396
3.214.83.230
3.33.220.150
34.102.147.248
34.111.8.32
34.117.101.205
34.117.233.127
34.120.253.250
34.149.130.207
34.149.254.212
34.193.203.33
34.195.40.121
34.49.124.132
34.98.106.171
34.98.67.3
34.98.72.95
35.244.154.8
35.244.165.197
44.214.85.195
44.215.32.16
52.20.196.93
67.202.8.105
68.67.179.87
69.173.146.5
01bd0485587edbcc45fa110675af95224340155e499316c48351efa913a4b4e6
0201acab1b11acd0f5cc7ee6b9b8f6f08eb3c05425f62d8d21a342621bbd0458
020da0825330e19eef417005d005ad730b7c875200d5f16057bcd32230f30b84
022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5
0232c842afa32c041223fc8ef697660bae9caeac0a4ea9d596d421cd5a7e46ca
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
03dbf9dc05fa84370cbdfb363a10855e9fd035a833cd83b67e14cdb975882bed
05afd7115e1e4e6835deb4080f8b300a058786683a9ef7ec2af25e4038885905
0611894db287962f5bcce0da6738a4a6ecdab5b29235c48d87decb3127e9254f
0620ac5a71e007dde5311ed35aaf25c74fb96e9093fa38b53d026b7026b2089a
06b342380fdd8f72c76afb415afd8f2589f0a359f56f49bd2dcb089fcdadae7f
08200626ba06885c7a9e4ff3c6ccb778055d293690b5004d3d2862e779d7e9fb
08507569ca429fef9c5941dd2fa63204a8a123bb43e26dd7f15526e5076f14c0
11762f3811534382a7fe191591000ebd869ce22a1936004470c4ce1d420a36a1
11d85fdf304afea4934a1a8328c05cd573735b91c94cc4800c497f85ec877983
12acf0cde9105ca35b079104e27341413fb68164085916505c077cf58748abc3
152d22333bf4f21956a0664fea4464cd31e7860130bd5cd5b443b91c0c068773
16db994a568e28d3f16de6c672b1dec012ef3c911abbfac05e61f365c8267335
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
1fabd1529453dd3e53a74c918ecf6ef2c0df8e709fb51713fed956815f174a5f
2135d42472a3508e44ff861242f12de8a8effbee53e004e6ef37da4b6a637c00
217fc105680c3618348912b066a91fbf8aafae55097178156f2da96da68711de
2185a0c47d26b13be50710c4794d7bbaad1aaed7b74490f2e641e0f62d73955e
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341
27e921377431a1415510465137eaafbee97e6903651f4a432f3c8481329f2eaf
286a9eb90b3236f3c77e9cd147b524d542d53ba83973de175c45be3eb1147805
2cdbabdd0b3d48416200ef7238f3b2f2c8dd90e83b34456d0f4e88c04457d638
2f9c91dd6030ee0311497f63531e9e27cb31cb8468a74c0b8482075bdbaa80b5
3088512cce1086950ef581799e439b10125411d744efbeb9ce6e32b8bf508a11
35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5
3c6ad532f6b2681f5bbf520f052c20564518db128d49c4faa8bfde69fff49760
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3e7938fd5c17bb1b600de328beb4372fd16d07ef78ec200436f4b683d465ffa0
3f35a18a6fb42471cbd8ffd1aba998921e3038c5d7b4918189409a4f0bc06771
400efdf33f8a4a3eaa2b9f6bd5134f1f2920dd0d2c9f9199c27087550e89876b
40ce925d45385c5afbd468d74c305990602f2532b12dde20bb44cb5622cb5ab2
41a730a41b53c20792561d1904487a341f32b9572646128575267648dc50a85c
42997132bd0142564014ac4a809356dc0ceb9b7a90eede2b5b48019f1700cc58
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
47d3e5c22630f08413d65b1507e3c2600f0dea1ae83f045f9f1a0be5514efee2
498ea43ee2b31ee61f58f43b798dfaec6eb59b63fefdfaa7c01bba897ba57a33
4a609c6dfff57a1865067c376468a736ee9f8d0578ef52c3063738c8c30986c9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e4d34043fda126f336813e7371dee25695d51123858453e94207e8473ad95d6
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
528622fd0ee8099706a7fadf1614ae63ed4e2312ff274f82478b9f73073830f8
52960b56e4d4fbf39e5cae2833367131bb2354c69ab5d9eb296d82733f62923d
538c140759394af91479cb1e6b8ae2e2ab6637e8fe1a124073c16501374b5f77
5397ca137346263e22b469e89cac884feedefd5f941775dcf559916338331eab
59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df
5ac3ea27ca6c917d52588d85fd857d068548931bc8470b7a5aaeb6222c6e23e6
5bcd8b4669a5a032beb454a70f3eaf884f1e44f785109f191b71fd7cb1147080
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fc7daec3049f34cb4a29c98ada947c074396dbef9beb12af9dfe144da7aac93
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d
6176ab5474618b01560e91abd7c354b6116cf9de79963c6c9860e89a2459f7cf
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6678bc26efbd6fa9f8706aad2088fc4db6347277c70b25658fa84c81fdf170c5
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
692ec66f8193b7ee2b14bb6d8b2e09f0cfaef3fb4762e66686fa547d60fff2e2
6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780
6d13f13f041941770ae11a3ae675276c43cea109b5f4625264388383e2ffec45
709de1b955852f8d94747824000c07f253a89a03078941703df9859d2e75c252
70d33528beda4b62b25c2b7aa41a0d305e9e6da9d6f8f4d01bb3c2452762dca5
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
7322c6b395210149360a505c214681510bf9717456331ff1344228fc962bbc57
75e90110108cc3c6588fc188d8ab2252a9a9a949d51723fa2f0239e805f67d62
763e6758f3df5d026315cc840cbb7a8afbb9b48012062174d345788f69467949
7796a86b26673b3b57d9a393c31b331b9fc5d413c604e3999727d613047f2dfe
7d22f48243f28ae0d3cfbbc0ec1919450e5249f32645dfdf104c83d0b5cfd00c
7ecda24592b5899ec119960edc4afbb29ca7e7b0c926f3c11f2c70ce8161c890
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
875ca118023e8741e684a320e73b7f9af4e8eba6c88f1f7e8457f7c0cdda6efb
8bb5a96a0b8bb188276405893ba46f3dcb643f868258f089870e4ee0edc18bec
8d8de85c1cd700d2717f36f1445adfc503874d78c80f468bceb2717a10d2013a
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
9381cc2e82e9d6be913b7b2e52739ddfb2b768cb7923194cdd1e123f81cfe41b
9450a6523af74529a0c240abf48d82912c140c14da4e61bd341f2ed6cd2423d1
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
969d01882f777aa6a70cd3e239d769bc1461ff73fcc4321bf3246f960773e4c5
96a3358dcb988a6b2d0d6f409533b6e242b79f248d58bb9731860246481eb585
974cc0a61be1d5877ffdc4598bbfa3f33f860a0d91ab1ac21674f9d8e114d4ac
9926e6dab8984b50d0371bfc59a07decff730f61f253126257c481f8f5c8e9cc
9a1f9b482277bad68eac0ea5cdfbf2d55e5578cb83df84dd45afd86a5f2aa518
9c74f254c6706f1b11f2d701bbc57dad1913884b1e64020bb1971368784840d2
9e11c1b7bb62dfe1b07f279fe6bcef4c8874c91404390681ef188f1d3608f000
9ee5f302184c7f391b9d5c605a70b4ed00618f179452ee8a0a4f235d1da334e8
a13d2476068d51ad397e9a9276e08b1241d00249985a1eb10048e18777556ea3
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a3a23a87a85dcb25c7055d11b4e95444766e80087a4f09b52ca9590bc5b5c3e3
a4e88216e4b2485d3a1d2a86a9ff63d2bdb82c739587057e1477d7b12235bd84
a7d87091d363393cdfb559f44f41e447f70b67917b9dedb3e97c2a8d476e1ea8
a9a72654f03de616b6fd58b742dff09a02588726c80f6a1fca5809365b591930
a9b2a97b95ecaab1920aba84b26169c23a38e0513c2d4423ab9c0102b96cb195
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
abeaee675488e2822c821477339ce9896e57e9a1e1834f642537bd148b15b81b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34b4406dc95c820ca4a6bc9bb43fff02fc09d82d579e4c0e48ff3e1827c9e33
b4adff3c1c64b9816a0b089544ce135490356f3c87a34b43c59660cf94bc3eba
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bddddc368f8a9dc28982e860d89e424f6c4deabdce3f5c06870e3e8447595ada
bf335c593528db4ead1580acb6656530326a6b5cdbd1d4e663f41df440d97802
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c0c8b53ad8efc1b3ce1f8f06c1f21540ef05df48e0d4c9795ae6d4db83ee3a8a
c1ad324697e4ee64aeb17fe94c0c2327f8e351a2baf9fe27c64cf0f438f77761
c4dd77cdf5d90eff153432697a7e2b132a5a58cd2a5dc0e8d0919c3b7ea895c5
c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20
c66960fd249e74cd61ae9b9ed92f21e038feb67be2f7c4c9ced6f00cfb193bf5
c9f83027cf2e267d24b2cfe366bc6664841765f0aaf362faf0156bccdce42355
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbf0ad8d8fb9d5ac376dd38a49d48d76eded8bfb082609d3d9b765ad033a8b87
cc9709489aeba0f23cc18fd3d1ff6f2087e1381ba6dbe92e98738228d520fd54
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
cd5ae643e89170860b9bca1805cb663625a9006ecfcdf8749d3ee7d498d40629
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d3b0b3f1f2c1e5034007196b7f26370c5fcf0185c59db37f89d8a10b8d9e9660
d458b8bf8b833ba926761026442a9515f8a6116714a943ba4ed10a9ccbb41b76
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d56e42bdf8acd22fe7e5e1fe14c7862f03eee89acf31967d6bea370c0d7d356e
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
dac964d799693671c6a7ec7e4b650bab2bf801be623806d73dbc9a2ec0bebc44
dccfc3418e69f6ca37f92a3459c360d871b36744be9a4e2b96bbe3ae4e45e4fd
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
e095e9ea41994a0303722e769ebc6ac1cd04ae4fbf2939ae8668eb6b1366fdf1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a8112252b50b4b89f7b39ecd63b218133284fcd7e1e5bef85baf3bc80220d8
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e80da8cd6f16975cd9cc820bf8f461a0893da94f9f1113413396894c41dcfda8
e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ed389866bb97f3828e65bcb6b6c56743f7501398f6c7d448c94d8c3bc602b047
ee2b3cb1dddb683ea64efcc4187d9ead774e3cf2843350220db6d41c8335807a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4a0a386be0745346bdbbb04735249591dcc13e2d36a444f2ff08f70b236868
f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14
f27161dfe1b76e23a981ddc9988036e92cc0103efa22d67b3fc2ff86f8ee1e1c
f3ee233d8819e508bb5518fe58a3109712e1162aaec3a3470ca19e48e1a91db2
f7e9c4d6427d6379534a8324d46af322f1a7b3aebe482a1e5bdaf2e069714568
f8385a727d9ce6c82afec6272e3b93ae898d94b17570342413c737edc92bf4ed
fa34549142bf08d64a1aafc46cd747908dcba2aadaf01bd57a4e7146db5adc3b
fa82f442825e37da450753beffc9ef5169fb2219bbc409c28b19e55000d7285f
fd9e85c7125c9ad8baef11d133ebcb87367707c7c52d6db6892eaade9dfd9efb

cc-elf-us-dev.elfcosmetics.com Open in urlscan Pro 104.16.136.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

200 Requests

94 %HTTPS

31 %IPv6

48 Domains

75 Subdomains

64 IPs

2 Countries

6001 kBTransfer

13886 kBSize

97 Cookies

100 Outgoing links

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cc-elf-us-dev.elfcosmetics.com Open in urlscan Pro
104.16.136.35 Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

94 %
HTTPS

31 %
IPv6

48
Domains

75
Subdomains

64
IPs

2
Countries

6001 kB
Transfer

13886 kB
Size

97
Cookies

200 HTTP transactions
2 data transactions