Submitted URL: http://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240...
Effective URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240...
Submission: On September 30 via api from IE — Scanned from DE

Summary

This website contacted 92 IPs in 9 countries across 61 domains to perform 352 HTTP transactions. The main IP is 151.101.193.55, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.refinery29.com. The Cisco Umbrella rank of the primary domain is 135078.
TLS certificate: Issued by R10 on August 26th 2024. Valid for: 3 months.
This is the only time www.refinery29.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
40 151.101.193.55 54113 (FASTLY)
1 13.32.27.47 16509 (AMAZON-02)
2 151.101.129.55 54113 (FASTLY)
8 18.66.147.27 16509 (AMAZON-02)
1 18.66.147.49 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:264... 16509 (AMAZON-02)
1 34.196.228.185 14618 (AMAZON-AES)
1 2a04:4e42:400... 54113 (FASTLY)
11 2602:816:5001... 54113 (FASTLY)
1 3 18.244.18.27 16509 (AMAZON-02)
2 2a04:4e42:400... 54113 (FASTLY)
2 2a04:4e42:200... 54113 (FASTLY)
1 18.66.112.84 16509 (AMAZON-02)
1 151.101.193.91 54113 (FASTLY)
2 35.190.59.101 15169 (GOOGLE)
3 199.232.188.157 54113 (FASTLY)
1 3.161.82.29 16509 (AMAZON-02)
3 35.201.67.47 396982 (GOOGLE-CL...)
2 35.190.91.160 15169 (GOOGLE)
2 75.2.40.13 16509 (AMAZON-02)
2 162.247.243.29 54113 (FASTLY)
6 151.101.64.84 54113 (FASTLY)
1 34.120.127.138 396982 (GOOGLE-CL...)
4 34.107.217.107 396982 (GOOGLE-CL...)
1 3.163.248.4 16509 (AMAZON-02)
1 18.245.60.29 16509 (AMAZON-02)
1 35.190.72.161 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2600:9000:236... 16509 (AMAZON-02)
49 2a04:4e42:4e:... 54113 (FASTLY)
2 2600:9000:235... 16509 (AMAZON-02)
1 162.159.140.229 13335 (CLOUDFLAR...)
1 104.244.42.195 13414 (TWITTER)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.35.58.148 16509 (AMAZON-02)
4 35.190.43.134 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
23 54.197.49.144 14618 (AMAZON-AES)
4 34.117.250.57 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.10.98.83 16509 (AMAZON-02)
1 2600:1901:0:7... 396982 (GOOGLE-CL...)
3 34.227.208.232 14618 (AMAZON-AES)
12 2600:9000:249... 16509 (AMAZON-02)
8 45.133.44.3 39572 (ADVANCEDH...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 172.240.45.75 7979 (SERVERS-COM)
2 45.133.44.4 39572 (ADVANCEDH...)
6 13.224.186.120 16509 (AMAZON-02)
7 167.235.37.234 24940 (HETZNER-AS)
2 18.245.31.65 16509 (AMAZON-02)
8 184.30.211.26 16625 (AKAMAI-AS)
2 65.9.66.104 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 172.240.45.81 7979 (SERVERS-COM)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 108.138.8.164 16509 (AMAZON-02)
2 18.245.60.124 16509 (AMAZON-02)
2 178.32.197.49 16276 (OVH)
4 185.89.211.84 29990 (ASN-APPNEX)
4 2a02:2638:3::39 44788 (ASN-CRITE...)
2 52.222.236.91 16509 (AMAZON-02)
2 18.157.230.4 16509 (AMAZON-02)
2 185.255.84.151 200271 (IGUANE-)
2 2600:9000:223... 16509 (AMAZON-02)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 52.50.81.5 16509 (AMAZON-02)
2 35.227.252.103 15169 (GOOGLE)
3 163.5.194.34 60558 (SECUREDSE...)
2 52.213.72.128 16509 (AMAZON-02)
8 2602:803:c003... 26667 (RUBICONPR...)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 185.184.8.90 204995 (RTB-HOUSE...)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
2 34.250.181.32 ()
3 163.5.194.32 ()
2 52.49.236.173 ()
2 34.98.64.218 ()
2 76.223.111.18 ()
2 23.35.236.201 ()
2 185.255.84.152 ()
2 95.101.149.233 ()
2 103.67.200.72 ()
352 92
Apex Domain
Subdomains
Transfer
78 spot.im
launcher.spot.im — Cisco Umbrella Rank: 5781
direct-events-collector.spot.im Failed
static-cdn.spot.im — Cisco Umbrella Rank: 5061
publisher-assets.spot.im — Cisco Umbrella Rank: 5344
api-2-0.spot.im — Cisco Umbrella Rank: 2180
pix.spot.im — Cisco Umbrella Rank: 5402
1 MB
44 refinery29.com
www.refinery29.com — Cisco Umbrella Rank: 135078
web-statics-cdn.refinery29.com — Cisco Umbrella Rank: 286582
analytics.tenmges.refinery29.com — Cisco Umbrella Rank: 368873
api.tenmges.refinery29.com — Cisco Umbrella Rank: 272595
718 KB
14 spotim.market
player.spotim.market — Cisco Umbrella Rank: 9605
sghb.spotim.market — Cisco Umbrella Rank: 10843
209 KB
12 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 2502
725 KB
11 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 749
33 KB
10 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 530
eus.rubiconproject.com
6 KB
10 amazon-adsystem.com
wms-na.amazon-adsystem.com Failed
c.amazon-adsystem.com — Cisco Umbrella Rank: 364
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 744
aax.amazon-adsystem.com — Cisco Umbrella Rank: 470
88 KB
9 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2155
track1.aniview.com — Cisco Umbrella Rank: 5490
go1.aniview.com — Cisco Umbrella Rank: 6842
179 KB
9 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 5590
r.skimresources.com — Cisco Umbrella Rank: 5424
t.skimresources.com — Cisco Umbrella Rank: 5733
p.skimresources.com — Cisco Umbrella Rank: 7160
m.skimresources.com — Cisco Umbrella Rank: 59011
22 KB
9 privacy-mgmt.com
cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4542
96 KB
8 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1326
106 KB
8 anonymised.io
static.anonymised.io — Cisco Umbrella Rank: 14077
material.anonymised.io — Cisco Umbrella Rank: 13617
aegis.anonymised.io — Cisco Umbrella Rank: 14196
38 KB
8 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 4570
ct.pinterest.com — Cisco Umbrella Rank: 981
log.pinterest.com — Cisco Umbrella Rank: 6161
25 KB
6 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 842
241 B
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 921
tr6.snapchat.com — Cisco Umbrella Rank: 1409
609 B
5 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 152
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 227
182 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 896
ce.lijit.com
1 KB
4 openx.net
rtb.openx.net — Cisco Umbrella Rank: 635
spot-im-d.openx.net
406 B
4 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 632
453 B
4 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 509
ads.pubmatic.com
174 B
4 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4129
visitor.omnitagjs.com
2 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 587
eb2.3lift.com
1 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 772
785 B
4 adnxs-simple.com
ib.adnxs-simple.com — Cisco Umbrella Rank: 11325
3 KB
4 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3233
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4883
1 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1574
a.ad.gt — Cisco Umbrella Rank: 1689
5 KB
3 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 11086
ghb.adtelligent.com — Cisco Umbrella Rank: 9077
2 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1617
analytics.twitter.com — Cisco Umbrella Rank: 1133
28 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 194
3 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 2035
mab.chartbeat.com — Cisco Umbrella Rank: 3331
35 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
198 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
22 KB
2 adkernel.com
sync.adkernel.com
268 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 832
31 KB
2 openwebmp.com
hb.openwebmp.com — Cisco Umbrella Rank: 6266
1 KB
2 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 1693
1 KB
2 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 2074
1 KB
2 trx-hub.com
trx-hub.com — Cisco Umbrella Rank: 9796
928 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1123
29 KB
2 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1762
12 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 112
3 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4111
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 196
71 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 272
831 B
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 4449
497 B
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1103
25 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1176 Failed
ad.crwdcntrl.net Failed
13 KB
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 8267
181 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1164
558 B
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
2 KB
1 segment.com
cdn.segment.com — Cisco Umbrella Rank: 2021
1 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 9833
63 B
1 t.co
t.co — Cisco Umbrella Rank: 857
627 B
1 trackonomics.net
cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 8916
36 KB
1 fqtag.com
c.fqtag.com — Cisco Umbrella Rank: 95407
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1232
24 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 989
15 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 4643
34 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1629
201 B
1 htlbid.com
htlbid.com — Cisco Umbrella Rank: 9450
1016 B
352 61
Domain Requested by
49 static-cdn.spot.im www.refinery29.com
static-cdn.spot.im
34 www.refinery29.com www.refinery29.com
23 api-2-0.spot.im www.refinery29.com
12 rumcdn.geoedge.be static-cdn.spot.im
rumcdn.geoedge.be
player.spotim.market
player.aniview.com
11 js-agent.newrelic.com www.refinery29.com
9 cdn.privacy-mgmt.com www.refinery29.com
8 fastlane.rubiconproject.com player.spotim.market
8 secure.cdn.fastclick.net rumcdn.geoedge.be
secure.cdn.fastclick.net
8 player.spotim.market www.refinery29.com
player.spotim.market
rumcdn.geoedge.be
8 web-statics-cdn.refinery29.com www.refinery29.com
6 prebid.a-mo.net player.spotim.market
6 sghb.spotim.market player.spotim.market
6 c.amazon-adsystem.com player.spotim.market
c.amazon-adsystem.com
5 ct.pinterest.com www.refinery29.com
4 ads.yieldmo.com player.spotim.market
4 bidder.criteo.com player.spotim.market
4 ib.adnxs-simple.com player.spotim.market
4 track1.aniview.com player.aniview.com
4 securepubads.g.doubleclick.net www.refinery29.com
rumcdn.geoedge.be
4 material.anonymised.io www.refinery29.com
4 tr.snapchat.com www.refinery29.com
sc-static.net
3 player.aniview.com www.refinery29.com
player.aniview.com
3 pix.spot.im static-cdn.spot.im
3 t.skimresources.com www.refinery29.com
3 sb.scorecardresearch.com 1 redirects
3 www.googletagmanager.com www.refinery29.com
3 www.google-analytics.com www.refinery29.com
2 sync.adkernel.com
2 eus.rubiconproject.com player.spotim.market
2 visitor.omnitagjs.com player.spotim.market
2 ads.pubmatic.com player.spotim.market
2 eb2.3lift.com player.spotim.market
2 spot-im-d.openx.net player.spotim.market
2 ce.lijit.com player.spotim.market
2 static.criteo.net player.spotim.market
2 ap.lijit.com player.spotim.market
2 rtb.openx.net player.spotim.market
2 hbopenbid.pubmatic.com player.spotim.market
2 hb.openwebmp.com player.spotim.market
2 hb-api.omnitagjs.com player.spotim.market
2 tlx.3lift.com player.spotim.market
2 hb.yellowblue.io player.spotim.market
2 prg.smartadserver.com player.spotim.market
2 web.hb.ad.cpe.dotomi.com player.spotim.market
2 trx-hub.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
2 id.hadron.ad.gt cdn.hadronid.net
2 go1.aniview.com www.refinery29.com
2 cdn.id5-sync.com rumcdn.geoedge.be
2 cdn.hadronid.net www.refinery29.com
2 config.aps.amazon-adsystem.com rumcdn.geoedge.be
2 player.adtelligent.com player.spotim.market
2 aegis.anonymised.io www.refinery29.com
2 www.facebook.com
2 region1.analytics.google.com www.refinery29.com
2 publisher-assets.spot.im www.refinery29.com
2 connect.facebook.net www.refinery29.com
2 static.anonymised.io www.refinery29.com
2 bam.nr-data.net www.refinery29.com
2 api.sail-personalize.com www.refinery29.com
2 p.skimresources.com
2 platform.twitter.com www.refinery29.com
2 r.skimresources.com www.refinery29.com
2 s.pinimg.com www.refinery29.com
2 assets.pinterest.com www.refinery29.com
2 static.chartbeat.com www.refinery29.com
2 tags.crwdcntrl.net www.refinery29.com
rumcdn.geoedge.be
1 ghb.adtelligent.com player.spotim.market
1 prebid-eu.creativecdn.com player.spotim.market
1 prebid.media.net player.spotim.market
1 a.ad.gt rumcdn.geoedge.be
1 fonts.gstatic.com fonts.googleapis.com
1 log.pinterest.com
1 tr6.snapchat.com sc-static.net
1 api.tenmges.refinery29.com www.refinery29.com
1 fonts.googleapis.com client
1 cdn.segment.com www.refinery29.com
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.twitter.com
1 t.co
1 cdn-magiclinks.trackonomics.net www.refinery29.com
1 c.fqtag.com www.refinery29.com
1 analytics.tenmges.refinery29.com www.refinery29.com
1 sc-static.net www.refinery29.com
1 m.skimresources.com www.refinery29.com
1 launcher.spot.im www.refinery29.com
1 static.ads-twitter.com www.refinery29.com
1 s.skimresources.com www.refinery29.com
1 ak.sail-horizon.com www.refinery29.com
1 mab.chartbeat.com www.refinery29.com
1 ping.chartbeat.net www.refinery29.com
1 htlbid.com www.refinery29.com
0 direct-events-collector.spot.im Failed www.refinery29.com
0 wms-na.amazon-adsystem.com Failed www.refinery29.com
0 ad.crwdcntrl.net Failed www.refinery29.com
352 97
Subject Issuer Validity Valid
refinery29.com
R10
2024-08-26 -
2024-11-24
3 months crt.sh
htlbid.com
Amazon RSA 2048 M02
2024-08-20 -
2025-09-18
a year crt.sh
*.privacy-mgmt.com
Amazon RSA 2048 M03
2024-09-07 -
2025-10-06
a year crt.sh
*.google-analytics.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1
2024-05-15 -
2025-06-06
a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1
2023-11-20 -
2024-12-20
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-03-21 -
2025-04-22
a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-08-05 -
2025-08-07
a year crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M02
2023-12-04 -
2024-12-30
a year crt.sh
*.skimresources.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-01 -
2024-12-31
6 months crt.sh
skimresources.com
WR3
2024-09-18 -
2024-12-17
3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-24 -
2025-07-25
a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-25 -
2025-06-24
a year crt.sh
*.spot.im
Amazon RSA 2048 M03
2024-08-02 -
2025-08-30
a year crt.sh
api.sail-personalize.com
Amazon RSA 2048 M02
2024-03-25 -
2025-04-22
a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA
2023-12-11 -
2024-12-10
a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-12 -
2025-08-12
a year crt.sh
anonymised.io
WR3
2024-09-01 -
2024-11-30
3 months crt.sh
sc-static.net
Amazon RSA 2048 M03
2023-12-21 -
2025-01-18
a year crt.sh
analytics.tenmges.viceops.net
Amazon RSA 2048 M02
2024-03-10 -
2025-04-07
a year crt.sh
*.fqtag.com
R11
2024-09-27 -
2024-12-26
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-07-09 -
2024-10-07
3 months crt.sh
*.trackonomics.net
Sectigo RSA Domain Validation Secure Server CA
2023-11-17 -
2024-12-17
a year crt.sh
t.co
E5
2024-09-28 -
2024-12-27
3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-31 -
2024-10-29
a year crt.sh
*.g.doubleclick.net
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.google.de
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.segment.com
Amazon RSA 2048 M03
2023-11-14 -
2024-12-13
a year crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-23 -
2025-07-22
a year crt.sh
upload.video.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
api.tenmges.viceops.net
Amazon RSA 2048 M02
2024-03-10 -
2025-04-08
a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M03
2024-07-12 -
2025-08-09
a year crt.sh
player.spotim.market
R11
2024-08-12 -
2024-11-10
3 months crt.sh
*.gstatic.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1
2024-08-17 -
2025-08-20
a year crt.sh
player.adtelligent.com
R10
2024-09-10 -
2024-12-09
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
sghb.spotim.market
ZeroSSL ECC Domain Secure Site CA
2024-09-19 -
2024-12-18
3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2024-08-07 -
2025-08-07
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02
2024-09-07 -
2025-10-07
a year crt.sh
hadronid.net
WE1
2024-09-24 -
2024-12-23
3 months crt.sh
id5-sync.com
WE1
2024-09-30 -
2024-12-29
3 months crt.sh
id.hadron.ad.gt
WE1
2024-09-20 -
2024-12-19
3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2024-06-17 -
2025-07-19
a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03
2024-03-29 -
2025-04-28
a year crt.sh
a.ad.gt
WE1
2024-08-07 -
2024-11-05
3 months crt.sh
*.trx-hub.com
Amazon RSA 2048 M02
2023-12-22 -
2025-01-18
a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-17 -
2025-01-16
a year crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018
2024-02-29 -
2025-03-31
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-24 -
2024-12-25
3 months crt.sh
*.yellowblue.io
Amazon RSA 2048 M03
2024-03-18 -
2025-04-16
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2024-03-13 -
2025-04-11
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2024-07-02 -
2025-08-01
a year crt.sh
*.openwebmp.com
Amazon RSA 2048 M03
2024-02-07 -
2025-03-07
a year crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-19 -
2025-04-19
a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M02
2024-03-04 -
2025-04-03
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2024-08-14 -
2025-08-18
a year crt.sh
*.a-mo.net
R11
2024-09-02 -
2024-12-01
3 months crt.sh
*.lijit.com
Amazon RSA 2048 M02
2023-11-21 -
2024-12-19
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-04-03
8 months crt.sh
prebid.media.net
WR3
2024-08-09 -
2024-11-07
3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1
2024-04-05 -
2025-04-30
a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2024-09-24 -
2024-12-23
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-24 -
2024-12-21
3 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4
2024-01-12 -
2025-02-12
a year crt.sh

This page contains 32 frames:

Primary Page: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Frame ID: 4BC0485709DD9BCEEC63A47C35428D08
Requests: 203 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1193027&consentUUID=null&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Frame ID: 4E42CA0D8D630890F33A309CE9C4621F
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-PBVC7CQ
Frame ID: D12872BF4BF6AAE7062F3CD4692E427F
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4853186533159233
Frame ID: 6DA43FFE880435660D3A0D512A4790B3
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.refinery29.com
Frame ID: C1E276F85060F833160602353AC2416F
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: E565CDCE3275DC8AC6BBCC1F8C8FED42
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=932dbb53-dfe6-4009-ab77-21ce3c6ef802&u_scsid=bbc18989-bad8-41e4-b93b-2861202e2192&u_sclid=4358cd62-6c87-49e1-9fe2-031572e2f60f
Frame ID: DE4677F479F2C2B0FB0FB1CBB935483D
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: D90BBE07477A46C230DA051E38FF414A
Requests: 51 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: AF8AA8F20AD030011C0066F988D5561F
Requests: 49 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Frame ID: 4D7ABABE6AC77F85CAAE5C662C60904D
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Frame ID: C7F06E01479BBA876D49C66F1DA00466
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 2A2D8223C76756AE273C67A6FC0B7D98
Requests: 3 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 9F5D72C9DA4BB5BDBF65B58C0FED5A3F
Requests: 3 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/ba2454c4-6774-4f05-8bdc-06147119265e/grumi.js
Frame ID: A7B1008312A17D18F34AF9C27437B925
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/ba2454c4-6774-4f05-8bdc-06147119265e/grumi.js
Frame ID: 8FE9041B41F7D66C0813476890B6A0CE
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&type=iframe
Frame ID: D5E71DFEF41AAC6E3A11AEF1961085DF
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&gpp=&gpp_sid=
Frame ID: E131C94F76CC8D214E70E10AF3FF7FFB
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---&informer=13399841
Frame ID: 2FEFC551B8413E2FF0F11B1876017B34
Requests: 1 HTTP requests in this frame

Frame: https://spot-im-d.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Frame ID: 568C758E46AE2D660E9BB72F430ED9D3
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---&
Frame ID: F5D083FA80853ECAF197AF03D0E7F796
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Frame ID: A434D2F093B3D5B7BBC4866995978A13
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Frame ID: 3DACE01CE0016D329AE64A181B2B9C95
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Frame ID: 4653633B388FA299A429B72321E833F6
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&gpp=&gpp_sid=
Frame ID: 1210CC117C6F04D9476CEF7ACF314D29
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Frame ID: 13E9BE12E222E7A6BAD1833890627773
Requests: 1 HTTP requests in this frame

Frame: https://spot-im-d.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Frame ID: E0D1D7BE71348BAABE259239D790ABBB
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Frame ID: 1D98D4B0E4D8B35DC56002141ACB882D
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&type=iframe
Frame ID: B5DF3924C806BDAB4D076EBCC9CB54A3
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---&informer=13399841
Frame ID: 2AF147127376714A498C9F6E6FF4B3E9
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---&
Frame ID: FA48ADAB55F8B1DB255BBC09EB664587
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Frame ID: 5D547EC9B0C2D05C8509AD13E3ACC64F
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&gpp=&gpp_sid=
Frame ID: EED1F8E9AAF486C4453766B3EBC6A7B7
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

The 14 Best Products To Buy From e.l.f. Cosmetics

Page URL History Show full URLs

  1. http://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content... HTTP 307
    https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

352
Requests

98 %
HTTPS

32 %
IPv6

61
Domains

97
Subdomains

92
IPs

9
Countries

4201 kB
Transfer

20045 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/ HTTP 307
    https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://sb.scorecardresearch.com/cs/7395029/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js

352 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request elf-cosmetics-review
www.refinery29.com/en-gb/
Redirect Chain
  • http://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%...
  • https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF...
231 KB
54 KB
Document
General
Full URL
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bdcb1178f97c4f90c9d4b0078e989cc53346e95a7a67f5af1e50d3ff51e0e515
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
394
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=7200
content-encoding
br
content-length
54810
content-type
text/html; charset=utf-8
date
Mon, 30 Sep 2024 08:55:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-backend
104.156.87.98
x-cache
MISS, HIT
x-cache-hits
0, 0
x-content-type-options
nosniff
x-country-code
DE
x-geoip-country-code
DE
x-geoip-region-code
BW
x-geolocation
DE
x-served-by
cache-iad-kjyo7100098-IAD, cache-fra-etou8220035-FRA
x-timer
S1727686521.798122,VS0,VE1
x-ua-device
desktop
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Non-Authoritative-Reason
HttpsUpgrades
vice-ad-lib.js
web-statics-cdn.refinery29.com/vendor/ad-lib/v3_0_0/
141 KB
45 KB
Script
General
Full URL
https://web-statics-cdn.refinery29.com/vendor/ad-lib/v3_0_0/vice-ad-lib.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4529c1ef78d62024544db9de70b8e3a1e205a89c11079db9cbd9234af888d89b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
etag
"88f7e94e19b552a26bbbb64e0dfca11c"
age
495895
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:20 GMT
last-modified
Tue, 27 Aug 2024 14:21:13 GMT
x-served-by
cache-iad-kiad7000032-IAD, cache-fra-etou8220035-FRA
x-cache-hits
6, 880
content-type
text/javascript
x-amz-id-2
bwZngGHkpDf7Uamz8eUSKY2QEINylg2sq8YA7y36rOEmpBQExr3gj9j3vb0JKRS1/Ic7pk3ugAo=
vary
Accept-Encoding
cache-control
max-age=604800,public,must-revalidate
x-backend
167.82.233.32
x-timer
S1727686521.873080,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
FJX9MWXFDKYCMKYN
accept-ranges
bytes
access-control-allow-origin
*
content-length
45962
server
AmazonS3
x-amz-server-side-encryption
AES256
cc.js
tags.crwdcntrl.net/c/5283/
0
0

styles.2c74ec50092399c89ac5.css
www.refinery29.com/assets/
308 KB
34 KB
Stylesheet
General
Full URL
https://www.refinery29.com/assets/styles.2c74ec50092399c89ac5.css
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c5daadda1c4c2757e68a92a072bce0ac2a3923a0734dcf5e90cc43627c5d0ce8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

content-encoding
br
age
445930
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:20 GMT
content-type
text/css; charset=UTF-8
last-modified
Mon, 16 Sep 2024 09:35:03 GMT
x-served-by
cache-iad-kjyo7100080-IAD, cache-fra-etou8220035-FRA
x-cache-hits
0, 2
vary
Accept-Encoding
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
104.156.87.80
x-geoip-country-code
DE
x-timer
S1727686521.872722,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
34809
x-xss-protection
1; mode=block
htlbid.css
htlbid.com/v3/refinery29-v2.com/
3 KB
1016 B
Stylesheet
General
Full URL
https://htlbid.com/v3/refinery29-v2.com/htlbid.css
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fff7d4a8d62ea3ab4170bf11ba1d85a05f7fc2fb7ee76b08533648d89bb07e95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=600
content-encoding
br
etag
W/"1f5353bf47a87258ac5292aa1f15d04b"
age
594
via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
hfUIsVlDhoGowxCbOJPOTOpkroYDAMPufSE_Ei_AXYsHp8NfCy7ZhA==
date
Mon, 30 Sep 2024 08:45:27 GMT
content-type
text/css
last-modified
Tue, 17 Sep 2024 20:47:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
d27ad8510dcf0eef13f6419f4f9a76e6.svg
www.refinery29.com/assets/
3 KB
1 KB
Image
General
Full URL
https://www.refinery29.com/assets/d27ad8510dcf0eef13f6419f4f9a76e6.svg
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
89f9523ed6ee42db29969af142573a35a677d32f880875f4a0ca50c894d9faf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

content-encoding
br
age
1206798
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:20 GMT
content-type
image/svg+xml
last-modified
Wed, 28 Aug 2024 17:09:01 GMT
x-served-by
cache-iad-kcgs7200077-IAD, cache-fra-etou8220035-FRA
x-cache-hits
0, 2
vary
Accept-Encoding
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
104.156.83.77
x-geoip-country-code
DE
x-timer
S1727686521.873078,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1091
x-xss-protection
1; mode=block
c5a8ae3dd50e6ebe17044593c2c7ee0c.svg
www.refinery29.com/assets/
12 KB
5 KB
Image
General
Full URL
https://www.refinery29.com/assets/c5a8ae3dd50e6ebe17044593c2c7ee0c.svg
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b0ee2b1e5281ff25b48ec791dad8c05333f787cd13eb5b17e8647d684a5062b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

content-encoding
br
age
1044135
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
HIT, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:20 GMT
content-type
image/svg+xml
last-modified
Mon, 16 Sep 2024 09:35:43 GMT
x-served-by
cache-iad-kcgs7200031-IAD, cache-fra-etou8220035-FRA
x-cache-hits
7, 2
vary
Accept-Encoding
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
104.156.83.31
x-geoip-country-code
DE
x-timer
S1727686521.873054,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
4630
x-xss-protection
1; mode=block
runtime.1c7bcfe5a383288ad4a0.js
www.refinery29.com/assets/
3 KB
2 KB
Script
General
Full URL
https://www.refinery29.com/assets/runtime.1c7bcfe5a383288ad4a0.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9b72413bc0e16407a93a071286585f1b0227d6c2f1c70de51f9bf71a81cad49e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

content-encoding
br
age
409841
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
HIT, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 25 Sep 2024 14:53:41 GMT
x-served-by
cache-iad-kjyo7100125-IAD, cache-fra-etou8220153-FRA
x-cache-hits
1, 3
vary
Accept-Encoding
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
104.156.87.125
x-geoip-country-code
DE
x-timer
S1727686521.923947,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1727
x-xss-protection
1; mode=block
ads.b703da23a66e75ad251f.js
www.refinery29.com/assets/
177 B
624 B
Script
General
Full URL
https://www.refinery29.com/assets/ads.b703da23a66e75ad251f.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fc81615fd34840e761389edd85973392f30221b10635bce7dbb76bc94245deb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

content-encoding
br
age
714836
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
HIT, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Sep 2024 09:35:03 GMT
x-served-by
cache-iad-kiad7000110-IAD, cache-fra-etou8220153-FRA
x-cache-hits
2, 2
vary
Accept-Encoding
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
167.82.233.110
x-geoip-country-code
DE
x-timer
S1727686521.926753,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
143
x-xss-protection
1; mode=block
vendor.241f8bff3f7c8b9fa059.js
www.refinery29.com/assets/
708 KB
206 KB
Script
General
Full URL
https://www.refinery29.com/assets/vendor.241f8bff3f7c8b9fa059.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1665c0edd577ae8c4d0867779a88d15befe5a5126b9590e5364a76f6113501c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

content-encoding
br
age
1206633
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Sep 2024 09:35:03 GMT
x-served-by
cache-iad-kjyo7100083-IAD, cache-fra-etou8220153-FRA
x-cache-hits
0, 1
vary
Accept-Encoding
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
104.156.87.83
x-geoip-country-code
DE
x-timer
S1727686521.977831,VS0,VE3
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
210435
x-xss-protection
1; mode=block
scripts.f75578b0761295c99ca2.js
www.refinery29.com/assets/
291 KB
74 KB
Script
General
Full URL
https://www.refinery29.com/assets/scripts.f75578b0761295c99ca2.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f03f08aba143992ca4676ea1fe48dcd40abb0cba56a78087f31b0de827c9357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

content-encoding
br
age
548812
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Sep 2024 09:35:03 GMT
x-served-by
cache-iad-kjyo7100122-IAD, cache-fra-etou8220153-FRA
x-cache-hits
0, 2
vary
Accept-Encoding
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
104.156.87.122
x-geoip-country-code
DE
x-timer
S1727686521.978046,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
75414
x-xss-protection
1; mode=block
lineitems.json
web-statics-cdn.refinery29.com/htlbid/
4 KB
2 KB
Fetch
General
Full URL
https://web-statics-cdn.refinery29.com/htlbid/lineitems.json
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8c58d152dcc706c0663dcd7fbcddd8873c09795b0b7a227a5dcc9f8947b0e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
etag
"30eef080e1633f3f48a1192b6c39e145"
age
530026
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:21 GMT
last-modified
Tue, 27 Aug 2024 14:19:27 GMT
x-served-by
cache-iad-kcgs7200137-IAD, cache-fra-etou8220146-FRA
x-cache-hits
6, 636
content-type
application/json
x-amz-id-2
BjdEQEa1BXkkDAyPIcz/l4xCAlv3rNpvh3tlGd4i4BV5Lm1jqgXHAOziLAorqBLC8lFjrEx4Jek=
vary
Accept-Encoding
cache-control
max-age=604800,public,must-revalidate
x-backend
104.156.83.137
x-timer
S1727686521.006589,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
F6S7TEDFCAHFQSPC
accept-ranges
bytes
access-control-allow-origin
*
content-length
1737
server
AmazonS3
x-amz-server-side-encryption
AES256
vice-ad-lib-refinery29-master-config.json
web-statics-cdn.refinery29.com/vendor/ad-lib/refinery29/
27 KB
2 KB
Fetch
General
Full URL
https://web-statics-cdn.refinery29.com/vendor/ad-lib/refinery29/vice-ad-lib-refinery29-master-config.json
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58aece29ac204388dcdd51306337449523673218264c98b3e6aff65b6057213e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
etag
"76cc177704f92de445cc88f23bc95139"
age
518035
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:21 GMT
last-modified
Tue, 27 Aug 2024 14:21:16 GMT
x-served-by
cache-iad-kcgs7200042-IAD, cache-fra-etou8220146-FRA
x-cache-hits
4, 831
content-type
application/json
x-amz-id-2
3ALh9RE9GIZRFEZJZru349Sj/L7vUIs2XnGKPR3HIy0XFXiPWaTC3DDbL9yzJ3g2sscOKxnSX3s=
vary
Accept-Encoding
cache-control
max-age=604800,public,must-revalidate
x-backend
104.156.83.42
x-timer
S1727686521.006720,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
4QMWJ937BMBVCWKP
accept-ranges
bytes
access-control-allow-origin
*
content-length
1883
server
AmazonS3
x-amz-server-side-encryption
AES256
sourcepointOne.js
web-statics-cdn.refinery29.com/sourcepoint/
1 KB
1 KB
Script
General
Full URL
https://web-statics-cdn.refinery29.com/sourcepoint/sourcepointOne.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
488ceaf71204354cd30b4cf226e6e26e70360a2fefa0417cacca873202dfface

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
etag
"de5118924a03e4e69309bcfaefa68ad3"
age
431040
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:21 GMT
last-modified
Tue, 27 Aug 2024 14:19:30 GMT
x-served-by
cache-iad-kjyo7100104-IAD, cache-fra-etou8220035-FRA
x-cache-hits
5, 680
content-type
text/javascript
x-amz-id-2
Hiz7mvpbfGJK7bEIpOR2wQVHGCsmO8TnOkxVNCbILMYESx+FzB/9Xsj+uiOcKHW/uSvTdDRdFz0=
vary
Accept-Encoding
cache-control
max-age=604800,public,must-revalidate
x-backend
104.156.87.104
x-timer
S1727686521.054298,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
4QMVWBEWR1RQ2XX8
accept-ranges
bytes
access-control-allow-origin
*
content-length
719
server
AmazonS3
x-amz-server-side-encryption
AES256
sourcepointTwo.js
web-statics-cdn.refinery29.com/sourcepoint/
1 KB
848 B
Script
General
Full URL
https://web-statics-cdn.refinery29.com/sourcepoint/sourcepointTwo.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
593567d422fc48644190a2d5f6b28ee51a85dcfd7da6be123cc3156cb5e015d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
etag
"1fe8ebf4579e039b82e77b5beb624b9a"
age
401985
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:21 GMT
last-modified
Tue, 27 Aug 2024 14:19:30 GMT
x-served-by
cache-iad-kiad7000088-IAD, cache-fra-etou8220035-FRA
x-cache-hits
5, 640
content-type
text/javascript
x-amz-id-2
hu35BJOxMnFs86FMHyJTwzxohtTrYrvTWK1Y8n4WEUlUwTZsM4XtBnvSgtNGcp0zSXcFUX+rvaw=
vary
Accept-Encoding
cache-control
max-age=604800,public,must-revalidate
x-backend
167.82.233.88
x-timer
S1727686521.089932,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
4QMGGK477EE1FR0X
accept-ranges
bytes
access-control-allow-origin
*
content-length
609
server
AmazonS3
x-amz-server-side-encryption
AES256
msps1.1.js
web-statics-cdn.refinery29.com/sourcepoint/
2 KB
1 KB
Script
General
Full URL
https://web-statics-cdn.refinery29.com/sourcepoint/msps1.1.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eedcaa6452da11dea027dc1886c79b7e7447a5a823401718b23363e85a15c3fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
etag
"ec5dbdd7166f98c77abb064879594ff7"
age
510006
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:21 GMT
last-modified
Tue, 27 Aug 2024 14:19:30 GMT
x-served-by
cache-iad-kiad7000105-IAD, cache-fra-etou8220035-FRA
x-cache-hits
7, 643
content-type
text/javascript
x-amz-id-2
5T1eIKUS8h9Qkr1Npq0QdnEXP2p/9BOuU7OA7qrTItHLQBMFg1oinx7PiCFmRDlFNcJtEFsHpM4=
vary
Accept-Encoding
cache-control
max-age=604800,public,must-revalidate
x-backend
167.82.233.105
x-timer
S1727686521.111377,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
4QMVP5VSRC18KW45
accept-ranges
bytes
access-control-allow-origin
*
content-length
948
server
AmazonS3
x-amz-server-side-encryption
AES256
gdpr.js
web-statics-cdn.refinery29.com/sourcepoint/
1 KB
1 KB
Script
General
Full URL
https://web-statics-cdn.refinery29.com/sourcepoint/gdpr.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea8a6feac11ff04a6e6810f3e328723cc8040effc3e0476acba7a2574fa82e18

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
etag
"f504ef3c5eba82dfb00047f5fffded19"
age
503661
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:21 GMT
last-modified
Tue, 27 Aug 2024 14:19:30 GMT
x-served-by
cache-iad-kjyo7100032-IAD, cache-fra-etou8220035-FRA
x-cache-hits
6, 792
content-type
text/javascript
x-amz-id-2
SAq7CLNNTQLUj2pKdeddf8BtoZkrSoXyF6nffVc//aAZU3VHRKi+1urDcH0v1atf9z4oba7Bk1w=
vary
Accept-Encoding
cache-control
max-age=604800,public,must-revalidate
x-backend
104.156.87.32
x-timer
S1727686521.135188,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
4QMRR2FFBSZCSZS8
accept-ranges
bytes
access-control-allow-origin
*
content-length
754
server
AmazonS3
x-amz-server-side-encryption
AES256
sourcepointThreeR29.js
web-statics-cdn.refinery29.com/sourcepoint/
7 KB
2 KB
Script
General
Full URL
https://web-statics-cdn.refinery29.com/sourcepoint/sourcepointThreeR29.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
083e0546508057cb1c5fc4878232027c3b702b7754c97bac348022cd67ca4417

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
etag
"cf498fedbff16631c8ab7e8f7b1a9dfb"
age
580363
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:21 GMT
last-modified
Tue, 27 Aug 2024 14:19:30 GMT
x-served-by
cache-iad-kjyo7100113-IAD, cache-fra-etou8220035-FRA
x-cache-hits
5, 643
content-type
text/javascript
x-amz-id-2
Jf0Nah8PwdhqryVPrJfAFA2yNuH5YdAMuiijyC0R3Ok0cLNea2FDlwvbMmPtTrwWoU0W32GuEho=
vary
Accept-Encoding
cache-control
max-age=604800,public,must-revalidate
x-backend
104.156.87.113
x-timer
S1727686521.158065,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
4QMQVM3427AJX65V
accept-ranges
bytes
access-control-allow-origin
*
content-length
1312
server
AmazonS3
x-amz-server-side-encryption
AES256
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/unified/
129 KB
38 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-27.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
336e624766f4d2eff6c85301f831bbaf2d640556581d3df97513b13c6aee4e79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
br
etag
W/"468bcb2080ccc49cfba2e9e85e5d9e6b"
age
2164
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
CrzWA7e1hyahxF2TJYUBxK-X5qAYo6LUbjGnHzuYab3-_p7IdFbiMg==
date
Mon, 30 Sep 2024 08:19:18 GMT
content-type
text/javascript
last-modified
Thu, 15 Aug 2024 14:24:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
gdpr-tcf.0b327789b5d246674c71.bundle.js
cdn.privacy-mgmt.com/unified/4.25.2/
156 KB
24 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/unified/4.25.2/gdpr-tcf.0b327789b5d246674c71.bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-27.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
167422f9a1a89f8df2d51908c362a3058da461c734bc4323db6ee039c6159f45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=31536000
content-encoding
br
etag
W/"9ef6bbaf6775bf1b7a1ddd9d8051d03a"
age
3954587
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
aSaYkDxJN1JI8J_HBDO30Xb7x180XZTU1L3x9-kpFB4PP4KEpWuEjQ==
date
Thu, 15 Aug 2024 14:25:35 GMT
content-type
text/javascript
last-modified
Wed, 14 Aug 2024 19:33:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
usnat-uspapi.52a61f8a8a6d0bc6ea8e.bundle.js
cdn.privacy-mgmt.com/unified/4.25.2/
210 KB
25 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/unified/4.25.2/usnat-uspapi.52a61f8a8a6d0bc6ea8e.bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-27.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0161d2339f23d79eb6d4f5e637b80231f67dde4c9fbea7897363faa77708bfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=31536000
content-encoding
br
etag
W/"f9ba572e9d5e68b4a215c63802405a4c"
age
3954586
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
rn09oPV18gaxuJUUkmh2M2a_REk2THF5FKr0zNYL5fF62sDiwoZx2g==
date
Thu, 15 Aug 2024 14:25:36 GMT
content-type
text/javascript
last-modified
Wed, 14 Aug 2024 19:33:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
get_site_data
cdn.privacy-mgmt.com/mms/v2/
208 B
621 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review&account_id=1988
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-27.fra60.r.cloudfront.net
Software
/
Resource Hash
8fc6ea49fb076738c04a252d29a955561c2f6767474fbbd18461a1527f99f4dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=15552000; includeSubdomains
cache-control
max-age=3600, s-maxage=86400
age
61342
access-control-allow-credentials
true
access-control-allow-methods
GET
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
GJzcnPf2--3O664t0vDHHsGc1buXlo18gUUc-UOnpr3xwFAya_xHFg==
date
Sun, 29 Sep 2024 15:52:59 GMT
content-type
application/javascript
x-sp-mms-node
ip-10-128-33-38
x-amz-cf-pop
FRA60-P4
meta-data
cdn.privacy-mgmt.com/wrapper/v2/
417 B
944 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=1988&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%2C%22usnat%22%3A%7B%7D%7D&propertyId=36626&scriptVersion=4.25.2&scriptType=unified
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-27.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
575edff17970a52418f03ae82e9629298cb266a4ed0d6c446de75f7008eb366f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

age
3429
access-control-allow-methods
GET, PUT, POST, DELETE
x-cache
Hit from cloudfront
x-amz-cf-id
Tw4Zu0TK0UujbcNXe_3Mv9KAWGo8SaUION5NKbQBU_qVqwmQsYm91A==
date
Mon, 30 Sep 2024 07:58:12 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
417
x-amz-cf-pop
FRA60-P4
x-powered-by
Express
d27ad8510dcf0eef13f6419f4f9a76e6.svg
www.refinery29.com/assets/
3 KB
0
Image
General
Full URL
https://www.refinery29.com/assets/d27ad8510dcf0eef13f6419f4f9a76e6.svg
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
89f9523ed6ee42db29969af142573a35a677d32f880875f4a0ca50c894d9faf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

content-encoding
br
age
1206798
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:20 GMT
content-type
image/svg+xml
last-modified
Wed, 28 Aug 2024 17:09:01 GMT
x-served-by
cache-iad-kcgs7200077-IAD, cache-fra-etou8220035-FRA
x-cache-hits
0, 2
vary
Accept-Encoding
x-ua-device
desktop
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
104.156.83.77
x-geoip-country-code
DE
x-timer
S1727686521.873078,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1091
x-xss-protection
1; mode=block
b1649921d5adbbccbdcc065dd2474644.svg
www.refinery29.com/assets/
3 KB
2 KB
Image
General
Full URL
https://www.refinery29.com/assets/b1649921d5adbbccbdcc065dd2474644.svg
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/styles.2c74ec50092399c89ac5.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
da20aad92ff5801fb2533cd2211769e1c39dca54844a9521b33d88654b652f0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/assets/styles.2c74ec50092399c89ac5.css

Response headers

content-encoding
br
age
625165
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
HIT, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
image/svg+xml
last-modified
Mon, 16 Sep 2024 09:35:43 GMT
x-served-by
cache-iad-kcgs7200020-IAD, cache-fra-etou8220153-FRA
x-cache-hits
16, 1
vary
Accept-Encoding
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
104.156.83.20
x-geoip-country-code
DE
x-timer
S1727686521.375806,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1158
x-xss-protection
1; mode=block
c5978d8cfc0a8ce2373e33980dd34486.svg
www.refinery29.com/assets/
481 B
710 B
Image
General
Full URL
https://www.refinery29.com/assets/c5978d8cfc0a8ce2373e33980dd34486.svg
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/styles.2c74ec50092399c89ac5.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1272dca7cfd9ed1d1335d738a2fe09be6cebccec87fabe2b3d4dc111abc43a98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/assets/styles.2c74ec50092399c89ac5.css

Response headers

content-encoding
br
age
1206798
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
image/svg+xml
last-modified
Wed, 28 Aug 2024 17:09:01 GMT
x-served-by
cache-iad-kcgs7200112-IAD, cache-fra-etou8220153-FRA
x-cache-hits
0, 1
vary
Accept-Encoding
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
104.156.83.112
x-geoip-country-code
DE
x-timer
S1727686521.376673,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
244
x-xss-protection
1; mode=block
5578dd1cba125fac89ff721c276006fb.svg
www.refinery29.com/assets/
6 KB
2 KB
Image
General
Full URL
https://www.refinery29.com/assets/5578dd1cba125fac89ff721c276006fb.svg
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/styles.2c74ec50092399c89ac5.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1b2b9a11ab423ff724b4d1e67b226f557ccef9e3480d667b8940c0bd429da8cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/assets/styles.2c74ec50092399c89ac5.css

Response headers

content-encoding
br
age
459585
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
HIT, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
image/svg+xml
last-modified
Mon, 16 Sep 2024 09:35:43 GMT
x-served-by
cache-iad-kiad7000047-IAD, cache-fra-etou8220153-FRA
x-cache-hits
1, 0
vary
Accept-Encoding
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
167.82.233.47
x-geoip-country-code
DE
x-timer
S1727686521.377007,VS0,VE2
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1943
x-xss-protection
1; mode=block
8ef1aa2d2848dc1fce7f40dbabe19c80.woff2
www.refinery29.com/assets/
25 KB
26 KB
Font
General
Full URL
https://www.refinery29.com/assets/8ef1aa2d2848dc1fce7f40dbabe19c80.woff2
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/styles.2c74ec50092399c89ac5.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
18de2f92c4cd97aaf4b2a950859995b681f1b24fad046e04fac3f16ddcd7dc28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.refinery29.com
Referer
https://www.refinery29.com/assets/styles.2c74ec50092399c89ac5.css

Response headers

age
1022903
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-country-code
DE
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
font/woff2
last-modified
Mon, 16 Sep 2024 09:35:03 GMT
x-served-by
cache-iad-kiad7000030-IAD, cache-fra-etou8220153-FRA
x-cache-hits
5, 2
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
167.82.233.30
x-geoip-country-code
DE
x-timer
S1727686521.410395,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
25964
x-xss-protection
1; mode=block
18fcc97793839a49e69d57013102e0f7.woff2
www.refinery29.com/assets/
26 KB
27 KB
Font
General
Full URL
https://www.refinery29.com/assets/18fcc97793839a49e69d57013102e0f7.woff2
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/styles.2c74ec50092399c89ac5.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f6e41f66e70d5e030908e8f8ce058f35a019aaf6eaeabd216cecc9c01745396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.refinery29.com
Referer
https://www.refinery29.com/assets/styles.2c74ec50092399c89ac5.css

Response headers

age
625165
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-country-code
DE
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
font/woff2
last-modified
Mon, 16 Sep 2024 09:35:03 GMT
x-served-by
cache-iad-kjyo7100145-IAD, cache-fra-etou8220153-FRA
x-cache-hits
20, 2
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
104.156.87.145
x-geoip-country-code
DE
x-timer
S1727686521.411348,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
26760
x-xss-protection
1; mode=block
197dfb7e234fb09ab53f7dfb2b0a8120.woff2
www.refinery29.com/assets/
19 KB
19 KB
Font
General
Full URL
https://www.refinery29.com/assets/197dfb7e234fb09ab53f7dfb2b0a8120.woff2
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/styles.2c74ec50092399c89ac5.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8af3e315d35d120dd008e9eb06084091f1358839999e1f5fd452b9949d9776b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.refinery29.com
Referer
https://www.refinery29.com/assets/styles.2c74ec50092399c89ac5.css

Response headers

age
358346
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-country-code
DE
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
font/woff2
last-modified
Wed, 25 Sep 2024 14:53:41 GMT
x-served-by
cache-iad-kcgs7200086-IAD, cache-fra-etou8220153-FRA
x-cache-hits
0, 2
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
104.156.83.86
x-geoip-country-code
DE
x-timer
S1727686521.411337,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
19144
x-xss-protection
1; mode=block
raven-js.c0a6bdb20df1c9f37aeb.js
www.refinery29.com/assets/
15 KB
6 KB
Script
General
Full URL
https://www.refinery29.com/assets/raven-js.c0a6bdb20df1c9f37aeb.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5f5084c17f11ff76d1f999b39e66e3becd2b75c6cf6ed00c63e9333960495b03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

content-encoding
br
age
1206797
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 28 Aug 2024 17:08:20 GMT
x-served-by
cache-iad-kiad7000105-IAD, cache-fra-etou8220153-FRA
x-cache-hits
0, 2
vary
Accept-Encoding
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
167.82.233.105
x-geoip-country-code
DE
x-timer
S1727686521.408106,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
6154
x-xss-protection
1; mode=block
32.c79aba6c23087e8e07c1.js
www.refinery29.com/assets/
913 B
965 B
Script
General
Full URL
https://www.refinery29.com/assets/32.c79aba6c23087e8e07c1.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
13dccfe951d07a748b0d61c6379ac032ffded5418e1dfc6b32f8c8167a667fbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

content-encoding
br
age
1065798
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Sep 2024 09:35:03 GMT
x-served-by
cache-iad-kcgs7200058-IAD, cache-fra-etou8220153-FRA
x-cache-hits
0, 2
vary
Accept-Encoding
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
104.156.83.58
x-geoip-country-code
DE
x-timer
S1727686521.409008,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
483
x-xss-protection
1; mode=block
31.ca83759409cdbcb7d944.js
www.refinery29.com/assets/
907 B
970 B
Script
General
Full URL
https://www.refinery29.com/assets/31.ca83759409cdbcb7d944.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a34555c835456da14aa43746608b1dbefcf11baea4e862f4fa3d3480dc43d9fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

content-encoding
br
age
625165
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
HIT, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Sep 2024 09:35:03 GMT
x-served-by
cache-iad-kjyo7100112-IAD, cache-fra-etou8220153-FRA
x-cache-hits
4, 2
vary
Accept-Encoding
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
104.156.87.112
x-geoip-country-code
DE
x-timer
S1727686521.408887,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
488
x-xss-protection
1; mode=block
messages
cdn.privacy-mgmt.com/wrapper/v2/
52 KB
8 KB
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1988%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%2C%22usnat%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%22%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%2C%22usnat%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=458477981460203456689f4584768596b96&scriptVersion=4.25.2&scriptType=unified
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-27.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
bc823035ea4af3a6897a2030b99b416a617d3caf19cf4d96fb21bcb73d53bfe7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
age
561
access-control-allow-methods
GET, PUT, POST, DELETE
x-cache
Hit from cloudfront
x-amz-cf-id
is8SCfYqGXcdPxLDQb5yC6l5FvpEliE1VTqcBBPqo_UD2go1wmapGQ==
date
Mon, 30 Sep 2024 08:46:00 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P4
x-powered-by
Express
pv-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=458477981460203456689f4584768596b96&scriptVersion=4.25.2&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-27.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.refinery29.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://www.refinery29.com
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Mon, 30 Sep 2024 08:55:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-cf-id
3TpxiPoJRLz3p568N0JBRrJ4TKTkro2Pkzq2ibEYW10A5UArjwvv2Q==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-powered-by
Express
pv-data
cdn.privacy-mgmt.com/wrapper/v2/
195 B
735 B
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=458477981460203456689f4584768596b96&scriptVersion=4.25.2&scriptType=unified
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-27.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
345d1a6c51de60f1b1bc0ad74792b4cf90c26af5fe2a77b0a59fdc7c27c9490b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.refinery29.com
x-cache
Miss from cloudfront
content-length
195
x-amz-cf-id
IlQ65L62NO3ofx7vYrqHEjtCoXFSqoRbf_PGUhucNyRCenrtLNnxCw==
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
application/json; charset=utf-8
x-powered-by
Express
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P4
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
react_intl_en.2262fb15db69c1779f5e.js
www.refinery29.com/assets/
18 KB
2 KB
Script
General
Full URL
https://www.refinery29.com/assets/react_intl_en.2262fb15db69c1779f5e.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d262580e6766f65ee8db4f7465c47b6473da2e6c63ec8302786f7b55a2b09135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

content-encoding
br
age
445366
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
HIT, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Sep 2024 09:35:03 GMT
x-served-by
cache-iad-kcgs7200135-IAD, cache-fra-etou8220153-FRA
x-cache-hits
0, 1
vary
Accept-Encoding
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
104.156.83.135
x-geoip-country-code
DE
x-timer
S1727686521.486752,VS0,VE2
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1283
x-xss-protection
1; mode=block
index.html
cdn.privacy-mgmt.com/ Frame 4E42
0
0
Document
General
Full URL
https://cdn.privacy-mgmt.com/index.html?hasCsp=true&message_id=1193027&consentUUID=null&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&preload_message=true&version=v1
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
2776
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Mon, 30 Sep 2024 08:09:06 GMT
etag
W/"72d65f01a58c964e2b78f707c8429ea3"
last-modified
Mon, 09 Sep 2024 15:06:17 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-cf-id
1-Ljj3n4qZlClx3TH7ljkFN0EFhIi0nsUeE9psLdU64qKJc3Q9S4yw==
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
age
5113
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 09:30:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 07:30:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
ns.html
www.googletagmanager.com/ Frame D128
0
0
Document
General
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-PBVC7CQ
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/scripts.f75578b0761295c99ca2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1128:0
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
cross-origin-resource-policy
cross-origin
date
Mon, 30 Sep 2024 08:55:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1128:0"}],}
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
chartbeat_mab.js
static.chartbeat.com/js/
24 KB
10 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:5c00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"6583925f-5f13"
age
36417
cross-origin-resource-policy
cross-origin
via
1.1 765a91ad9951d0108fc1de53e348bac4.cloudfront.net (CloudFront)
expires
Mon, 30 Sep 2024 22:48:24 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
y-scyIxB_R_yQb67eUwWMFW_5i0jYG4OxCGb3DD0CPNTTNPx6Mc0ww==
date
Sun, 29 Sep 2024 22:48:24 GMT
content-type
application/x-javascript
last-modified
Thu, 21 Dec 2023 01:18:23 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
vary
Accept-Encoding
chartbeat_video.js
static.chartbeat.com/js/
71 KB
24 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:5c00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"665fac50-11d74"
age
36408
cross-origin-resource-policy
cross-origin
via
1.1 765a91ad9951d0108fc1de53e348bac4.cloudfront.net (CloudFront)
expires
Mon, 30 Sep 2024 22:48:33 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
zsOt2o7ItKNQC9QIjA5ojCmFMjzUbuTWmi1HJMCMoksZApQNFavrGw==
date
Sun, 29 Sep 2024 22:48:33 GMT
content-type
application/x-javascript
last-modified
Wed, 05 Jun 2024 00:07:44 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
vary
Accept-Encoding
article.6d63fd882a12c48578d3.js
www.refinery29.com/assets/
253 KB
65 KB
Script
General
Full URL
https://www.refinery29.com/assets/article.6d63fd882a12c48578d3.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cbd0291febbcbd205b0eb6f458c68fdc8dbcbe55b4683e1a54b65c89950e5056
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

content-encoding
br
age
1206633
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Sep 2024 09:35:03 GMT
x-served-by
cache-iad-kiad7000130-IAD, cache-fra-etou8220153-FRA
x-cache-hits
0, 2
vary
Accept-Encoding
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
x-backend
167.82.233.130
x-geoip-country-code
DE
x-timer
S1727686522.518698,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
65850
x-xss-protection
1; mode=block
11783784.jpg
www.refinery29.com/images/
26 KB
27 KB
Image
General
Full URL
https://www.refinery29.com/images/11783784.jpg?format=webp&width=545&height=654&quality=85
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c14545eab3af723092389ef69c6a9ee065adeee1312418e52dae59592db1764d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

fastly-io-info
ifsz=344587 idim=2000x2400 ifmt=jpeg ofsz=26844 odim=545x654 ofmt=webp
age
331567
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
image/webp
x-served-by
cache-sjc10071-SJC, cache-fra-etou8220153-FRA
x-cache-hits
0, 0
last-modified
Tue, 01 Jan 2019 00:00:00 GMT
x-ua-device
desktop
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable
x-backend
157.52.96.71
x-geoip-country-code
DE
x-timer
S1727686522.684307,VS0,VE2
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
26844
fastly-io-served-by
vpop-haf2300714
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
11772404.jpg
www.refinery29.com/images/
6 KB
6 KB
Image
General
Full URL
https://www.refinery29.com/images/11772404.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c8af49ca8b8929d1921986d6f673f81d860a1dd1fd878c29d4ff1796a533e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

fastly-io-info
ifsz=1347797 idim=2000x2400 ifmt=jpeg ofsz=5644 odim=140x168 ofmt=webp
age
1206778
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
HIT, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
image/webp
x-served-by
cache-sjc1000140-SJC, cache-fra-etou8220153-FRA
x-cache-hits
1, 0
last-modified
Tue, 01 Jan 2019 00:00:00 GMT
x-ua-device
desktop
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable
x-backend
157.52.96.140
x-geoip-country-code
DE
x-timer
S1727686522.686664,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
5644
fastly-io-served-by
vpop-haf2300714
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
11785866.jpg
www.refinery29.com/images/
11 KB
11 KB
Image
General
Full URL
https://www.refinery29.com/images/11785866.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
94c6bf29d75024a735daaa728ab032afcd5d6e6266f4d9fb990fdd6919ab68a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

fastly-io-info
ifsz=1848208 idim=2000x2400 ifmt=jpeg ofsz=10804 odim=140x168 ofmt=webp
age
231399
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
image/webp
x-served-by
cache-sjc1000096-SJC, cache-fra-etou8220153-FRA
x-cache-hits
0, 0
last-modified
Tue, 01 Jan 2019 00:00:00 GMT
x-ua-device
desktop
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable
x-backend
157.52.96.96
x-geoip-country-code
DE
x-timer
S1727686522.686621,VS0,VE2
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
10804
fastly-io-served-by
vpop-haf2300705
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
11783788.jpg
www.refinery29.com/images/
4 KB
5 KB
Image
General
Full URL
https://www.refinery29.com/images/11783788.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6bf85b78af2c57698124b684059009e5c4fb11b614c94824183f47f79e5a6fe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

fastly-io-info
ifsz=344587 idim=2000x2400 ifmt=jpeg ofsz=4490 odim=140x168 ofmt=webp
age
328945
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
image/webp
x-served-by
cache-sjc10060-SJC, cache-fra-etou8220153-FRA
x-cache-hits
0, 0
last-modified
Tue, 01 Jan 2019 00:00:00 GMT
x-ua-device
desktop
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable
x-backend
157.52.96.60
x-geoip-country-code
DE
x-timer
S1727686522.688228,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
4490
fastly-io-served-by
vpop-haf2300704
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
11784414.jpg
www.refinery29.com/images/
4 KB
5 KB
Image
General
Full URL
https://www.refinery29.com/images/11784414.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
12c8a53ada66a82e9c1ac5dab600e79aa74f0945afb06586c26b3db08e3de1e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

fastly-io-info
ifsz=1462191 idim=2000x2400 ifmt=jpeg ofsz=4348 odim=140x168 ofmt=webp
age
402688
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
image/webp
x-served-by
cache-sjc10022-SJC, cache-fra-etou8220153-FRA
x-cache-hits
0, 0
last-modified
Tue, 01 Jan 2019 00:00:00 GMT
x-ua-device
desktop
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable
x-backend
157.52.96.22
x-geoip-country-code
DE
x-timer
S1727686522.687787,VS0,VE2
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
4348
fastly-io-served-by
vpop-haf2300713
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
11783847.jpg
www.refinery29.com/images/
5 KB
6 KB
Image
General
Full URL
https://www.refinery29.com/images/11783847.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9e4222c3558ac331fdc7985027e9cb1ddb49207ba356aa511dc73706234fcf59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

fastly-io-info
ifsz=1231904 idim=2000x2400 ifmt=jpeg ofsz=5456 odim=140x168 ofmt=webp
age
492412
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
image/webp
x-served-by
cache-sjc10023-SJC, cache-fra-etou8220153-FRA
x-cache-hits
0, 0
last-modified
Tue, 01 Jan 2019 00:00:00 GMT
x-ua-device
desktop
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable
x-backend
157.52.96.23
x-geoip-country-code
DE
x-timer
S1727686522.687787,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
5456
fastly-io-served-by
vpop-haf2300711
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
10987829.jpg
www.refinery29.com/images/
4 KB
4 KB
Image
General
Full URL
https://www.refinery29.com/images/10987829.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
56769e2ae90139ce45c0c3803de15b44cc95a7e114d92305fae6d7f69fa58022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

fastly-io-info
ifsz=2411795 idim=2000x2400 ifmt=jpeg ofsz=3854 odim=140x168 ofmt=webp
age
593071
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
image/webp
x-served-by
cache-sjc1000126-SJC, cache-fra-etou8220153-FRA
x-cache-hits
0, 0
last-modified
Tue, 01 Jan 2019 00:00:00 GMT
x-ua-device
desktop
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable
x-backend
157.52.96.126
x-geoip-country-code
DE
x-timer
S1727686522.687366,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
3854
fastly-io-served-by
vpop-haf2300712
x-xss-protection
1; mode=block
11783019.jpg
www.refinery29.com/images/
4 KB
5 KB
Image
General
Full URL
https://www.refinery29.com/images/11783019.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
22ef86528d44fe99539473a20c4cdc6c97854c3ac292c4690882a4e83fe417f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

fastly-io-info
ifsz=1726882 idim=2000x2400 ifmt=jpeg ofsz=4284 odim=140x168 ofmt=webp
age
865874
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
image/webp
x-served-by
cache-sjc10029-SJC, cache-fra-etou8220153-FRA
x-cache-hits
0, 0
last-modified
Tue, 01 Jan 2019 00:00:00 GMT
x-ua-device
desktop
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable
x-backend
157.52.96.29
x-geoip-country-code
DE
x-timer
S1727686522.687347,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
4284
fastly-io-served-by
vpop-haf2300709
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
11770489.jpg
www.refinery29.com/images/
8 KB
8 KB
Image
General
Full URL
https://www.refinery29.com/images/11770489.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c9698212c09e034e327b9f30a05c19257552182c95ed3327de39e94b922f2de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

fastly-io-info
ifsz=1493697 idim=2000x2400 ifmt=jpeg ofsz=7708 odim=140x168 ofmt=webp
age
1129939
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
HIT, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
image/webp
x-served-by
cache-sjc1000103-SJC, cache-fra-etou8220153-FRA
x-cache-hits
1, 0
last-modified
Tue, 01 Jan 2019 00:00:00 GMT
x-ua-device
desktop
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable
x-backend
157.52.96.103
x-geoip-country-code
DE
x-timer
S1727686522.687324,VS0,VE2
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
7708
fastly-io-served-by
vpop-haf2300703
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
11096562.jpg
www.refinery29.com/images/
4 KB
5 KB
Image
General
Full URL
https://www.refinery29.com/images/11096562.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5a35822400fb5e9d95cbc01a42c1807bed8f1fb1ad436dabb0e084172f5deb86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

fastly-io-info
ifsz=3769755 idim=2000x2999 ifmt=jpeg ofsz=4426 odim=140x168 ofmt=webp
age
1206503
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
HIT, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
image/webp
x-served-by
cache-sjc1000086-SJC, cache-fra-etou8220153-FRA
x-cache-hits
1, 0
last-modified
Tue, 01 Jan 2019 00:00:00 GMT
x-ua-device
desktop
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable
x-backend
157.52.96.86
x-geoip-country-code
DE
x-timer
S1727686522.688227,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
4426
fastly-io-served-by
vpop-haf2300710
x-xss-protection
1; mode=block
11776002.jpg
www.refinery29.com/images/
4 KB
5 KB
Image
General
Full URL
https://www.refinery29.com/images/11776002.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34f8460eddfbd82488a6e3d183b669f2ef432b19ea623e359294d988e924bf80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

fastly-io-info
ifsz=710274 idim=2000x2400 ifmt=jpeg ofsz=4522 odim=140x168 ofmt=webp
age
932184
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
image/webp
x-served-by
cache-sjc1000110-SJC, cache-fra-etou8220153-FRA
x-cache-hits
0, 0
last-modified
Tue, 01 Jan 2019 00:00:00 GMT
x-ua-device
desktop
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable
x-backend
157.52.96.110
x-geoip-country-code
DE
x-timer
S1727686522.688665,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
4522
fastly-io-served-by
vpop-haf2300714
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
11769016.jpg
www.refinery29.com/images/
6 KB
6 KB
Image
General
Full URL
https://www.refinery29.com/images/11769016.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c40913898959deb876305198c67290fc6527a25db1a6c28325be92de2bed52cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

fastly-io-info
ifsz=1746326 idim=2000x2667 ifmt=jpeg ofsz=5976 odim=140x168 ofmt=webp
age
884397
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
image/webp
x-served-by
cache-sjc10022-SJC, cache-fra-etou8220153-FRA
x-cache-hits
0, 0
last-modified
Tue, 01 Jan 2019 00:00:00 GMT
x-ua-device
desktop
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable
x-backend
157.52.96.22
x-geoip-country-code
DE
x-timer
S1727686522.689261,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
5976
fastly-io-served-by
vpop-haf2300701
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
11781549.jpg
www.refinery29.com/images/
6 KB
6 KB
Image
General
Full URL
https://www.refinery29.com/images/11781549.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ec94fbdfdbd0aa951230ccce7e4b3546ffddf7411121a4fa979fb18d151aa153
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

fastly-io-info
ifsz=1321571 idim=2000x2400 ifmt=jpeg ofsz=6022 odim=140x168 ofmt=webp
age
1040722
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
image/webp
x-served-by
cache-sjc10042-SJC, cache-fra-etou8220153-FRA
x-cache-hits
0, 0
last-modified
Tue, 01 Jan 2019 00:00:00 GMT
x-ua-device
desktop
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000, public, immutable
x-backend
157.52.96.42
x-geoip-country-code
DE
x-timer
S1727686522.689244,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
6022
fastly-io-served-by
vpop-haf2300704
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/
35 B
407 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1039142893&t=pageview&_s=1&dl=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&dp=%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&ul=de-de&de=UTF-8&dt=The%2014%20Best%20Products%20To%20Buy%20From%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGAACAABBAAAAAAAIE~&cid=841723337.1727686522&tid=UA-315022-1&_gid=2038001834.1727686522&cd7=841723337.1727686522&cg1=entry.slideshow&cg2=Beauty&cd4=2023-08-10&cd5=11478122&cd6=Venus%20Wong&cd19=0&z=1197795469
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

age
73252
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Sep 2024 12:34:29 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
collect
www.google-analytics.com/
35 B
94 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1039142893&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&dp=%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&ul=de-de&de=UTF-8&dt=The%2014%20Best%20Products%20To%20Buy%20From%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Story%20Completion&ea=View%20Section&el=0&_u=YGAACAABBAAAAAAAIE~&cid=841723337.1727686522&tid=UA-315022-1&_gid=2038001834.1727686522&cd7=841723337.1727686522&cg1=entry.slideshow&cg2=Beauty&cd4=2023-08-10&cd5=11478122&cd6=Venus%20Wong&cd19=0&cd8=0&cd1=0&z=1648037050
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

age
73252
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Sep 2024 12:34:29 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=refinery29.uk&p=%2Fen-gb%2Felf-cosmetics-review&u=BXWkAwBC7RYcC1NJBW&d=refinery29.com&g=3552&g0=beauty%2C%20undefined&g1=Venus%20Wong&n=1&f=00001&c=0&x=0&m=0&y=3881&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&b=1320&_c=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD&_m=editorial&_x=email&_y=uk&_s=%7B%22ga%22%3A%22841723337.1727686522%22%7D&t=CDKzayfaqR6CAF7gaDWIIymkUG8t&V=147&i=We%20Tried%20%C2%A3123%20Of%20e.l.f.%20Cosmetics%20Products%20%26%23038%3B%20Here%20Are%20Our%20Honest%20Thoughts&tz=-120&_demo=aid=11478122&sn=1&sv=BCYpQXD0uEgiC6nVh8B4iRa_CQrOwC&sr=external&sd=1&im=061b0fff&_
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.228.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-228-185.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

expires
0
cache-control
no-cache, no-store, must-revalidate
content-length
43
date
Mon, 30 Sep 2024 08:55:22 GMT
pragma
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/
185 B
506 B
XHR
General
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=refinery29.uk&domain=refinery29.com&path=%2Fen-gb%2Felf-cosmetics-review
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9248405b3acab9dc40c5fc49315cf0f38b2ac530e394d945a60319f8f1074b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
age
1934
expires
Sat, 28 Sep 2024 08:23:07 GMT
x-cache
HIT
date
Mon, 30 Sep 2024 08:55:21 GMT
content-type
application/json
x-served-by
cache-fra-etou8220087-FRA
x-cache-hits
0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
x-timer
S1727686522.790726,VS0,VE1
cross-origin-resource-policy
cross-origin
via
1.1 varnish (Varnish/6.0), 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
148
async-api.8f89c105-1.231.0.min.js
js-agent.newrelic.com/
2 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/async-api.8f89c105-1.231.0.min.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
67f99ac35e1f837e5571b596248acd66df2dddedb17e20ba4527c825ec957ced
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"c795d925c282d627e664bd4811db2c5f"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
1330
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Wed, 18 Oct 2023 20:57:47 GMT
content-type
application/javascript
x-served-by
cache-fra-eddf8230125-FRA
x-cache-hits
370
vary
Accept-Encoding
lazy-loader.67423d16-1.231.0.min.js
js-agent.newrelic.com/
928 B
486 B
Script
General
Full URL
https://js-agent.newrelic.com/lazy-loader.67423d16-1.231.0.min.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"5c71e603fdc4b5e7eb31a10d4bf90768"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
398
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Wed, 18 Oct 2023 20:58:30 GMT
content-type
application/javascript
x-served-by
cache-fra-eddf8230125-FRA
x-cache-hits
370
vary
Accept-Encoding
gtm.js
www.googletagmanager.com/
311 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PBVC7CQ&l=_dataLayer
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54f40adf370f78076ee0efc8c190db7fb777e031c54a9771ff756d96aad3018c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 30 Sep 2024 08:55:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96873
x-xss-protection
0
server
Google Tag Manager
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/7395029/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol
H2
Server
18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-27.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=86400
content-encoding
gzip
etag
W/"77ff4ede4693897337a38594321529a3"
age
24222
via
1.1 92818640c38efb006e1c39f31234144c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
tDE5C4QhMC09mWYr6SnFNPHAygUPcVaTWrVTYBkkk4UobeDVYwDJ0g==
date
Mon, 30 Sep 2024 02:11:41 GMT
content-type
application/javascript
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256

Redirect headers

location
/internal-cs/default/beacon.js
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 92818640c38efb006e1c39f31234144c.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
6xTJnoyLgKcWdTHzoiL31NPP_91cR0-dN0N8_dUQXqyM5NLTeJa2-g==
date
Mon, 30 Sep 2024 08:55:22 GMT
x-amz-cf-pop
FRA56-P11
pinit.js
assets.pinterest.com/js/
361 B
452 B
Script
General
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
86400
access-control-expose-headers
X-CDN
cache-control
max-age=300
content-encoding
br
etag
"62d32c28f14783b94192cd8d35bc010d"
x-cdn
fastly
access-control-allow-methods
GET
alt-svc
h3=":443";ma=600
access-control-allow-origin
*
content-length
203
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding, Origin
core.js
s.pinimg.com/ct/
5 KB
2 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
86400
access-control-expose-headers
X-CDN
cache-control
max-age=7200
content-encoding
br
etag
"b37f6fea55e9029c9c9d413c47f69cb7"
x-cdn
fastly
access-control-allow-methods
GET
alt-svc
h3=":443";ma=600
access-control-allow-origin
*
content-length
1878
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
spm.v1.min.js
ak.sail-horizon.com/spm/
103 KB
34 KB
Script
General
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-84.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
304a596bb9715360b71c3002d94553e04943f56dffbbefcf5c3ce3efc60db4a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=600; must-revalidate
content-encoding
gzip
etag
W/"0a63286546fdaeb63f5762369bd1c4ff"
age
237
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
mwzNuOZk2KQhOTWhteAYeC_OQhWWBLQDB0DulN40FhZ4UVShoiw2HA==
date
Mon, 30 Sep 2024 08:51:26 GMT
content-type
application/javascript
last-modified
Thu, 06 Jun 2024 16:53:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
30283X1542341.skimlinks.js
s.skimresources.com/js/
54 KB
20 KB
Script
General
Full URL
https://s.skimresources.com/js/30283X1542341.skimlinks.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Skimlinks V9.0 /
Resource Hash
2c468e83e946a81e04d1dbb7a40ed421f07099ad343cffcb0ff1e552dab5b707

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
public, max-age=3600
content-encoding
gzip
x-amz-version-id
kduJiDU43XpaMi4F5XKVP9mjv.eGWrpZ
etag
"f684195647bc11f742a2bf2a5cb3a62f"
accept-ranges
bytes
x-cache
HIT
p3p
policyref="https://s.skimresources.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
20335
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
text/javascript
x-served-by
cache-fra-etou8220101-FRA
server
Skimlinks V9.0
x-cache-hits
1
vary
Accept-Encoding
/
r.skimresources.com/api/
183 B
408 B
Script
General
Full URL
https://r.skimresources.com/api/?callback=globalSkimlinksDataCallback
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
4b722df4f2c7d7644424419af60bc483b43099062c54c0db12d94e96b44e4216
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=31536000
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.refinery29.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/javascript
server
openresty/1.21.4.1
widgets.js
platform.twitter.com/
91 KB
27 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods
GET
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
vary
Accept-Encoding
x-served-by
cache-iad-kjyo7100044-IAD, cache-muc13923-MUC
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1800
tw-cdn
FT
accept-ranges
bytes
access-control-allow-origin
*
content-length
27597
x-amz-server-side-encryption
AES256
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15412
date
Mon, 30 Sep 2024 08:55:22 GMT
x-tw-cdn
FT
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000168-IAD, cache-muc13956-MUC
x-amz-server-side-encryption
AES256
var=ccauds
ad.crwdcntrl.net/5/c=5285/pe=y/
0
0

sp_8qxEpddu
launcher.spot.im/spot/
99 KB
25 KB
Script
General
Full URL
https://launcher.spot.im/spot/sp_8qxEpddu
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bdf68fa2da2f1b1958416356c34819d5f26da8235aedb55876cd13b6b3d9a83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
br
x-amz-version-id
.SYD4YsEOJ9auV9O8gT7IIMmxoYSoA9s
etag
"98432b97fe2a4c6c749de7394a5f268c"
age
223
x-cache
Hit from cloudfront
x-amz-cf-id
cbaWdywtQmI4n0CD-K7rM7Er-HFlKe7Cy9oyysr1ekX4C2923M6D-Q==
date
Mon, 30 Sep 2024 08:51:42 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 26 Sep 2024 07:19:59 GMT
cache-control
max-age=300
via
1.1 92db4c522f37fa3dd780f6fa204d8256.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
24811
x-amz-cf-pop
FRA56-P10
server
AmazonS3
x-amz-server-side-encryption
AES256
favicon.ico
www.refinery29.com/
84 KB
7 KB
Other
General
Full URL
https://www.refinery29.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21bb8ff5960eb6c50d56fdcbf8112fc73086683bb1ca213b108e2282a5de6831
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/

Response headers

content-encoding
br
etag
"62e40bc5-14f7e"
age
1206866
x-geoip-region-code
BW
x-content-type-options
nosniff
x-geolocation
DE
x-cache
MISS, HIT
x-country-code
DE
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
image/x-icon
last-modified
Fri, 29 Jul 2022 16:33:09 GMT
x-served-by
cache-iad-kcgs7200081-IAD, cache-fra-etou8220153-FRA
x-cache-hits
0, 1
vary
Accept-Encoding
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
x-backend
104.156.83.81
x-geoip-country-code
DE
x-timer
S1727686522.083155,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
6754
x-xss-protection
1; mode=block
862.04af29e3-1.231.0.min.js
js-agent.newrelic.com/
9 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/862.04af29e3-1.231.0.min.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
03c8ef299748fad241484cddf509b6e90b394949882a72f9174dc97da671f151
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"8ff6f8d3b9281c2834e211ce2228757e"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
3791
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Wed, 18 Oct 2023 20:57:07 GMT
content-type
application/javascript
x-served-by
cache-fra-eddf8230125-FRA
x-cache-hits
367
vary
Accept-Encoding
page_view_event-aggregate.8cf0450e-1.231.0.min.js
js-agent.newrelic.com/
11 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.8cf0450e-1.231.0.min.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c52fb85b7798d62e60aee232ae9b2a224c88d52cd6405bac28a3a2a18d11642
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"927ef57448f4e9500b6ddd704625d0b2"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
4291
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Wed, 18 Oct 2023 21:34:42 GMT
content-type
application/javascript
x-served-by
cache-fra-eddf8230125-FRA
x-cache-hits
369
vary
Accept-Encoding
page_view_timing-aggregate.a30a53ff-1.231.0.min.js
js-agent.newrelic.com/
12 KB
5 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.a30a53ff-1.231.0.min.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
53350e307f02d76f2b5b69ad7ec7f53e6d32e84d2718f03ddd4b8fcd752f454b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"81350454b5ae22caf77cada88c68cd10"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
4850
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Wed, 18 Oct 2023 21:34:57 GMT
content-type
application/javascript
x-served-by
cache-fra-eddf8230125-FRA
x-cache-hits
367
vary
Accept-Encoding
metrics-aggregate.78efb4d5-1.231.0.min.js
js-agent.newrelic.com/
4 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/metrics-aggregate.78efb4d5-1.231.0.min.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e54f6dd45ddca0b2de26ce3ba1622eb755f28fd5c4a36b4cc95ee1df44430c05
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"25879f97e7abf9cd89e027ff5a41ed81"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
1648
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Wed, 18 Oct 2023 20:58:43 GMT
content-type
application/javascript
x-served-by
cache-fra-eddf8230125-FRA
x-cache-hits
372
vary
Accept-Encoding
jserrors-aggregate.0b4d6623-1.231.0.min.js
js-agent.newrelic.com/
7 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/jserrors-aggregate.0b4d6623-1.231.0.min.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
04183289430803326acd6b1535457d8196284cb67186adb767c506c8c69a0fb1
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"105c0b07033e97d2ad5192f22cd2b7be"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
2863
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Wed, 18 Oct 2023 20:58:04 GMT
content-type
application/javascript
x-served-by
cache-fra-eddf8230125-FRA
x-cache-hits
360
vary
Accept-Encoding
ajax-aggregate.b0da4738-1.231.0.min.js
js-agent.newrelic.com/
5 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/ajax-aggregate.b0da4738-1.231.0.min.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
46989843cf6db9b279fe42b1ad1f76e09e30eabc768be16ea6c6bb2f94c67883
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"9a50be0680ff4e93b2870bc5fa243b5e"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
2067
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Wed, 18 Oct 2023 20:57:29 GMT
content-type
application/javascript
x-served-by
cache-fra-eddf8230125-FRA
x-cache-hits
363
vary
Accept-Encoding
session_trace-aggregate.0938abd3-1.231.0.min.js
js-agent.newrelic.com/
8 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/session_trace-aggregate.0938abd3-1.231.0.min.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
981a6fc6c212bbebf95cb8ba05a6cf43caedfdc678afe6b9ec26085b500d57ae
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"e48f352e197fb565313a4b08e8d2220a"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
3396
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Wed, 18 Oct 2023 21:35:56 GMT
content-type
application/javascript
x-served-by
cache-fra-eddf8230125-FRA
x-cache-hits
364
vary
Accept-Encoding
page_action-aggregate.42c392aa-1.231.0.min.js
js-agent.newrelic.com/
2 KB
1 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_action-aggregate.42c392aa-1.231.0.min.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
51e416712f2a66c0f2abf8fc2ea4d86df45109a57406156a6ebec14c8138d626
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"127fe6773a93cca9c6fdbb5ff34d7655"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
1036
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Wed, 18 Oct 2023 21:34:17 GMT
content-type
application/javascript
x-served-by
cache-fra-eddf8230125-FRA
x-cache-hits
364
vary
Accept-Encoding
spa-aggregate.19ebdf8d-1.231.0.min.js
js-agent.newrelic.com/
18 KB
7 KB
Script
General
Full URL
https://js-agent.newrelic.com/spa-aggregate.19ebdf8d-1.231.0.min.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1233d721917f7d6b0cb2ef684806bb7337e1101a736c33b09f23ff7130ea37ed
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"b29b6d7f913058268f8d081edc70f25c"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
6902
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Wed, 18 Oct 2023 21:36:19 GMT
content-type
application/javascript
x-served-by
cache-fra-eddf8230125-FRA
x-cache-hits
377
vary
Accept-Encoding
main.97c41ef3.js
s.pinimg.com/ct/lib/
82 KB
23 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.97c41ef3.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
86400
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
content-encoding
br
etag
"e1539e83e14f862d3b381b23e74d63fa"
x-cdn
fastly
access-control-allow-methods
GET
alt-svc
h3=":443";ma=600
access-control-allow-origin
*
content-length
23701
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
pinit_main.js
assets.pinterest.com/js/
66 KB
18 KB
Script
General
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.6676247773273354
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79e9f1410dfcf6f141bae90a3c3195c275ec390f5d35fce5bcba4b4927a1a7e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
86400
access-control-expose-headers
X-CDN
cache-control
max-age=300
content-encoding
br
etag
"539011b799990d9851f6350858332e47"
x-cdn
fastly
access-control-allow-methods
GET
alt-svc
h3=":443";ma=600
access-control-allow-origin
*
content-length
18698
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
robots.txt
t.skimresources.com/api/v2/ Frame 6DA4
0
123 B
Image
General
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4853186533159233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 google
cache-control
private, no-store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
text/plain
server
nginx
px.gif
p.skimresources.com/
43 B
93 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=7.387345697498474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
43
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
image/gif
server
Skimlinks Pixel 1.0
px.gif
p.skimresources.com/
43 B
267 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=7.387345697498474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
43
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
image/gif
server
Skimlinks Pixel 1.0
/
r.skimresources.com/api/
192 B
242 B
XHR
General
Full URL
https://r.skimresources.com/api/
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
fb4ead2b7b86443b57b7846344745bf76f82cebed5347155c996123726caf58d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.refinery29.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/json
vary
Accept-Encoding
server
openresty/1.21.4.1
simple
api.sail-personalize.com/v1/personalize/
288 B
497 B
Fetch
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=utm_source%3Demail&page=utm_medium%3Deditorial&page=utm_content%3Duk&page=utm_campaign%3D240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD%3B%EF%BF%BD%EF%BF%BD%EF%BF%BDk%2F
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
c1ad27795450dffa2b3ffb530a6a66f36cce98180fe34faa4f5da818066b0b5b

Request headers

x-lib-version
v1.0.1
authorization
Bearer 1e75b3399eb25ed085683b40f2055181
Referer
https://www.refinery29.com/
x-referring-url
https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
accept
application/json
content-type
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store
content-encoding
gzip
pragma
no-cache
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
access-control-allow-credentials
true
allowedorigins
*
expires
-1
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
content-length
196
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/json
vary
Accept-Encoding
simple
api.sail-personalize.com/v1/personalize/ Frame
0
0
Preflight
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=utm_source%3Demail&page=utm_medium%3Deditorial&page=utm_content%3Duk&page=utm_campaign%3D240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD%3B%EF%BF%BD%EF%BF%BD%EF%BF%BDk%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://www.refinery29.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://www.refinery29.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Mon, 30 Sep 2024 08:55:22 GMT
b2
sb.scorecardresearch.com/
0
225 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=7395029&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1727686522182&ns_c=UTF-8&c3=www.refinery29.com&c4=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&c5=&c6=&c15=&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=DE&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&cs_fpcd=1&c7=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&c8=The%2014%20Best%20Products%20To%20Buy%20From%20e.l.f.%20Cosmetics&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-27.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

via
1.1 92818640c38efb006e1c39f31234144c.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
PGsoKLnBdikxvxmxkihNGAonWwC-npJwnQBVKjs8TwJSQnWp7G2TAA==
date
Mon, 30 Sep 2024 08:55:22 GMT
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
c0321c02a2
bam.nr-data.net/1/
79 B
486 B
Script
General
Full URL
https://bam.nr-data.net/1/c0321c02a2?a=426687434&sa=1&v=1.231.0&t=Unnamed%20Transaction&rst=1793&ck=0&s=be8951ea8c9fa85e&ref=https://www.refinery29.com/en-gb/elf-cosmetics-review&be=410&fe=1263&dc=642&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1727686520401,%22n%22:0,%22f%22:5,%22dn%22:8,%22dne%22:9,%22c%22:9,%22s%22:28,%22ce%22:387,%22rq%22:390,%22rp%22:410,%22rpe%22:435,%22di%22:1052,%22ds%22:1052,%22de%22:1052,%22dc%22:1670,%22l%22:1670,%22le%22:1673%7D,%22navigation%22:%7B%7D%7D&fp=1046&fcp=1046&jsonp=NREUM.setToken
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c909725b0ea7da9994f16e47a4142783410c5aa25cdd7770f85dc61eb8a170c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-expose-headers
Date
timing-allow-origin
*
Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
Content-Length
79
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
text/javascript
x-served-by
cache-fra-eddf8230143-FRA
/
ct.pinterest.com/user/
326 B
675 B
XHR
General
Full URL
https://ct.pinterest.com/user/?event=pagevisit&tid=2612364440876&cb=1727686522198&dep=2%2CPAGE_LOAD
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
content-encoding
gzip
x-pinterest-rid-128bit
3e76191f5df97df86fc9025218fd31b0
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443";ma=600
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/json; charset=utf-8
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
0
x-cdn
fastly
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPVpHTXdOelkyWkRjdFlXUTJNeTAwWkRWakxXRmpZbVF0TkRjek1EWm1aREk0TlRRNA
pinterest-version
d1f48dcf57598ed9a5410f2abb1bc1ec679a1bdf
access-control-allow-origin
https://www.refinery29.com
content-length
185
x-pinterest-rid
8054971960158663
/
ct.pinterest.com/user/
326 B
328 B
XHR
General
Full URL
https://ct.pinterest.com/user/?event=pagevisit&tid=2612364440876&cb=1727686522198&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
content-encoding
gzip
x-pinterest-rid-128bit
279d66f76d5d0c168136df945a7ee70f
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443";ma=600
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/json; charset=utf-8
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-cdn
fastly
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPVl6ZzRaVEppWmpjdE16Z3pNaTAwWVdJNExXSTVZekl0T0daa1pESXdNV05oTlRJMQ
pinterest-version
d1f48dcf57598ed9a5410f2abb1bc1ec679a1bdf
access-control-allow-origin
https://www.refinery29.com
content-length
185
x-pinterest-rid
9310875107901499
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame C1E2
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.refinery29.com
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Mon, 30 Sep 2024 08:55:22 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 11 Dec 2023 17:19:49 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kjyo7100176-IAD, cache-muc13953-MUC
30283X1542341.js
m.skimresources.com/widget/code/
33 B
204 B
Script
General
Full URL
https://m.skimresources.com/widget/code/30283X1542341.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.127.138 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
138.127.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ab978c762fdaa8725c3622bb6b8e777572a384619b8339bd1bf2c7c4c41fc6b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

etag
"65d8a9f4-21"
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/javascript
last-modified
Fri, 23 Feb 2024 14:21:40 GMT
server
nginx
link
t.skimresources.com/api/v2/
22 B
378 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.11 aiohttp/3.8.6 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-store, no-cache, must-revalidate
warning
299 - "Deprecated API"
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.refinery29.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
text/plain; charset=utf-8, application/javascript
server
Python/3.11 aiohttp/3.8.6
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
page
t.skimresources.com/api/v2/
22 B
79 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.11 aiohttp/3.8.6 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.refinery29.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
text/plain; charset=utf-8, application/javascript
server
Python/3.11 aiohttp/3.8.6
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
js
www.googletagmanager.com/gtag/
306 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VFL3LEQ5LG&l=_dataLayer&cx=c
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac54d02a25ae7dfc8f67c69892113e554173984e1fe97271e2ef936a3bc7fca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 30 Sep 2024 08:55:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104591
x-xss-protection
0
server
Google Tag Manager
loader.js
static.anonymised.io/light/
473 B
859 B
Script
General
Full URL
https://static.anonymised.io/light/loader.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
14ca75dc9c800aaf07a86c49084ab186b71d7f2a477e48625c2e89be07b013c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

x-goog-metageneration
3
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=cJmZUg==, md5=ag1eYo8LCTPNg2v3EMuIHw==
etag
"6a0d5e628f0b0933cd836bf710cb881f"
age
788
x-goog-stored-content-encoding
gzip
expires
Mon, 30 Sep 2024 09:42:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
325
date
Mon, 30 Sep 2024 08:42:14 GMT
last-modified
Wed, 25 Sep 2024 09:20:27 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljs1Rfe4UfUCTRLjzEapK1TeGfyge5Q_UigudjCCXB-ts9HQ5wY91-Fg7_o6gsUL3x-n7VvAxAdqVA
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727256027268146
content-length
325
server
UploadServer
scevent.min.js
sc-static.net/
55 KB
24 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.163.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2f9520d26f111f4b056ee632480a08195afc1f8292723db1df90c8cde43e0abf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
private, s-maxage=0, max-age=600
content-encoding
gzip
via
1.1 ae80ccab7109b5d2f1c1ee784af203a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
23694
x-amz-cf-id
FZQmDt_Ehff-bPI8A6LgRMTQEU_lQNv9nrkO-zbBRbO4z0ZUR6MhKg==
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/javascript;charset=utf-8
x-amz-cf-pop
FRA56-P9
server
CloudFront
access-control-allow-headers
Content-Type
LNYQtSvzwx.min.js
analytics.tenmges.refinery29.com/yLPPmGQbqD/
103 KB
28 KB
Script
General
Full URL
https://analytics.tenmges.refinery29.com/yLPPmGQbqD/LNYQtSvzwx.min.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-29.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36ad7ddb62991d6a8f22dac6cacb980fc427002e2b57859af88571576256e2ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"d4f422fe5a857f936c0ae846c69e977a"
age
10320
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
JDrO3-l7kZns_Sf8--4QAVRflrWMR0ZOxxr4_KB8BtAz6IgkTloYIQ==
date
Mon, 30 Sep 2024 06:03:23 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 18 Sep 2024 11:48:47 GMT
cache-control
public, max-age=10800
via
1.1 f7bf54ada21ef4f1f7e0646051894136.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
auto-tagger.js
wms-na.amazon-adsystem.com/20070822/GB/js/
0
0

implement-r.js
c.fqtag.com/tag/
0
0
Script
General
Full URL
https://c.fqtag.com/tag/implement-r.js?org=wyyD4RGnhdGTMfWepGLG&fmt=banner&rd=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&rt=display&sl=1&fq=1&p=www.refinery29.com
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 google
expires
0
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-xss-protection
0
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/javascript
fbevents.js
connect.facebook.net/en_US/
226 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ebce957851eb83517851e8613f012eb45aa4ebb6142b92c30b7d9492c874e22
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=23, mss=1232, tbw=4461, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
CWAhc5/pqAPU9d8WxQmL/xO+1K0zTquWrfADL64PKCa9cmdwViviCYfaU0rL0CVBSF4UDwUU65dXavR49K9LNA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59131
x-xss-protection
0
origin-agent-cluster
?0
vice_7c6d9_refinery29.js
cdn-magiclinks.trackonomics.net/client/static/v2/
119 KB
36 KB
Script
General
Full URL
https://cdn-magiclinks.trackonomics.net/client/static/v2/vice_7c6d9_refinery29.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:1200:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash
d08da3992e4d77eafa3d9c1ac3ac57a4ee09804b5d39ab975451cb1af9ed8ceb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
etag
W/"1dabd-5f678f40bc412"
age
44118
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
vHlLrogLg0vmmImb4dCTxmtXyN9ibEglj7jtcnWQbpfYZbE2yP4r8w==
date
Sun, 29 Sep 2024 20:40:07 GMT
content-type
text/javascript
last-modified
Thu, 09 Mar 2023 15:03:54 GMT
server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
x-amz-cf-pop
FRA60-P1
vary
Accept-Encoding
events
direct-events-collector.spot.im/api/v2/
0
0

450-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/
51 KB
15 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/450-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19256d0c7f647ac7dfd1e4cd57e90fa207bc3b53b2240584735fe5ea008ef130

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"2c81239fc5eb54fe2072753e86acca03"
x-amz-version-id
h1VqjB96jTnVLACBAzH8OiQBobJ7Y1Tj
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Thu, 19 Sep 2024 07:59:52 GMT
content-type
application/javascript
x-served-by
cache-iad-kiad7000151-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
77, 16438
x-amz-id-2
03ACm40fBLNM+ZNKqWljuZd6dPIHo1xnwjefEVfFj472pdzcA+KtnMH57wtkpT7odj/imzmEgXHisvn0ERVJiOQ3Dc6vBvah
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686522.342420,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
H488R306A5N03SCF
accept-ranges
bytes
access-control-allow-origin
*
content-length
14885
server
AmazonS3
x-amz-server-side-encryption
AES256
137-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/
152 KB
40 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/137-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd16d1f33373ad008d0e5897e7185fd176fc36bc2505b28e853c2c1d5900f84b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"c9af9a8bd06d376f949c236317a88800"
x-amz-version-id
DMlgi0ggzb_u2UJl5ZpmAdUJFkRflate
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Thu, 19 Sep 2024 07:59:52 GMT
content-type
application/javascript
x-served-by
cache-iad-kiad7000139-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
75, 18145
x-amz-id-2
UfCoVYTT6ZMDQlr3YfzOSDmj5OFDq53BXRbny/5zEIPDI0tBUTOrIVCbH8jy4H2gdRJfodglKzMQJx3BrvT3VA==
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686522.342429,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
VD5JP38WF5CQFHKH
accept-ranges
bytes
access-control-allow-origin
*
content-length
40648
server
AmazonS3
x-amz-server-side-encryption
AES256
63-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/
9 KB
3 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/63-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8422d6185eb88db7e74dbe210cf91d91a8444d8bc583e43682b029efef0aaf17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"84a0872661b962c2f415b18744e61cd5"
x-amz-version-id
cTF5PXBXBQHO1jW6IhIoF5BZaD5akmqo
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Thu, 19 Sep 2024 07:59:52 GMT
content-type
application/javascript
x-served-by
cache-iad-kcgs7200033-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
67, 15085
x-amz-id-2
ADlXu4zttNZbV58fmMv2bdGBs4O6abAqJjXIqJxEqxS8TUBf+LVb3OpOdeFRCu2xwinNNAqVCjc=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686522.342727,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
9EW49P83BSWR1G47
accept-ranges
bytes
access-control-allow-origin
*
content-length
3058
server
AmazonS3
x-amz-server-side-encryption
AES256
initial-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/
31 KB
10 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/initial-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eafd73bf2e1ff78c1a441307c1ea2f1180b5b078bdeb924a5096e1a66fe87255

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"f0b38b83ff58075cabb418451f0854a8"
x-amz-version-id
udRIo96fX72depBFGKAE2PEK0AZ8DqaJ
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Thu, 19 Sep 2024 07:59:52 GMT
content-type
application/javascript
x-served-by
cache-iad-kjyo7100101-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
77, 15853
x-amz-id-2
QwU0gVlt5mmc9rBA4wLM0SfKtFuWHWirS1qUIPtEK+9eH9GJZFPm9QjU6DfeWdBGmY6c0ZKISCc=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686522.342747,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
H488PRFYSBNRS7NZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
9401
server
AmazonS3
x-amz-server-side-encryption
AES256
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/
0
0
Fetch
General
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:ea00:e:cdcc:4380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept-Encoding, Origin
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
60094
via
1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
0
x-amz-cf-id
okSwRUFZEOUhBb1kDnlQGCDYOxjaraqMEqAyhxRPMeedA_Tbq59xDA==
date
Mon, 30 Sep 2024 01:25:07 GMT
content-type
text/html
last-modified
Thu, 22 Aug 2024 08:25:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
x-amz-server-side-encryption
AES256
ads.js
static-cdn.spot.im/production/ads/tags/v22.19.3/ads/
269 KB
79 KB
Script
General
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.19.3/ads/ads.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21b8cd46744aee7ba46becc2740ec9d24dcea6865622574781d73f92f2ff288a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"6caf12eb71b390ff53d2fa7b9b9b316d"
x-amz-version-id
7lQSrYnkO6dXutm8eRCFTyUSiH6Goykp
age
5367
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Mon, 09 Sep 2024 14:38:13 GMT
x-served-by
cache-iad-kjyo7100060-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
35, 79
content-type
text/javascript
x-amz-id-2
FuIJVwR6g68srebl4D8GSP9VVPg4xX/hYJNFvwK3XO7nkfCGh2UUxIoB4u4HYSgJmZsFFDEEJyIPhTMNpc37n5MCwfpWYnrp
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686522.342735,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
RQFBBHB89VEGPK6G
accept-ranges
bytes
access-control-allow-origin
*
content-length
80604
server
AmazonS3
x-amz-server-side-encryption
AES256
346-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/
222 KB
59 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/346-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab651b30a03d6ef88757b92dd46c5c3ae6c446679258eba411b61163443e3db7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"ab9fd44dd9aaba57aab32b28f9a5a067"
x-amz-version-id
YQIknbs6Vku4Co6zqKFzPFlBoB0ZktTl
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Thu, 19 Sep 2024 07:59:52 GMT
content-type
application/javascript
x-served-by
cache-iad-kcgs7200020-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
77, 17178
x-amz-id-2
J0+whnXrLfAVHkMUoQbQPiJ+RmMStJRhC3FO9xEwXIDO/KLbNy03ug/6DUKJXF01UES8esbZ6RM=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686522.342997,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
H48B0396NE2GYH70
accept-ranges
bytes
access-control-allow-origin
*
content-length
60247
server
AmazonS3
x-amz-server-side-encryption
AES256
shell-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/
103 KB
23 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/shell-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f280a2e38f285caa8e8e3144daf9e7d8fcc39e5347b6c0b948f8e18773d07571

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"d476611469b9a49b232dcd43be709648"
x-amz-version-id
Ym.BHIrpFp8F8Tje7sjGgq4mlAQBUt01
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Thu, 19 Sep 2024 07:59:52 GMT
content-type
application/javascript
x-served-by
cache-iad-kjyo7100055-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
76, 15825
x-amz-id-2
cyD2TMwcPa/cra33GkC5Z162rMzyNfANhgsSCbkK9V6EGw7J+36NT7vXT1u/dROBj95I7mXlgx9lsuaFC9ehvw==
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686522.359871,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
VD5PXMETG35GETVA
accept-ranges
bytes
access-control-allow-origin
*
content-length
23548
server
AmazonS3
x-amz-server-side-encryption
AES256
adsct
t.co/1/i/
43 B
627 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=be3dae86-b510-4ea9-93b7-e77bdc08be5a&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ad94c9e7-73e0-4648-860d-ab707656f360&tw_document_href=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tw_iframe_status=0&txn_id=o62x0&type=javascript&version=2.3.30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
bec9758d9df5dd38
cache-control
no-cache, no-store, max-age=0
x-connection-hash
4350c1adffa80dfe932097075f7fbc242161d375b47b502ddb41bf70f46409ef
cf-cache-status
DYNAMIC
cf-ray
8cb2fe5d1f8b90e2-FRA
x-response-time
108
content-length
43
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_o
adsct
analytics.twitter.com/1/i/
43 B
725 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=be3dae86-b510-4ea9-93b7-e77bdc08be5a&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ad94c9e7-73e0-4648-860d-ab707656f360&tw_document_href=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tw_iframe_status=0&txn_id=o62x0&type=javascript&version=2.3.30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
a9c02e8d499d27fd
cache-control
no-cache, no-store, max-age=0
x-connection-hash
5314e3ebff5c8dc472587b59716b3415baea392ef643cc73a2a26e524073eadf
x-response-time
105
content-length
43
date
Mon, 30 Sep 2024 08:55:21 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_o
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VFL3LEQ5LG&gtm=45je49p0v9187798456z8831751480za200zb831751480&_p=1727686521506&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=101671035~101747727&cid=841723337.1727686522&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727686522&sct=1&seg=0&dl=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&dt=The%2014%20Best%20Products%20To%20Buy%20From%20e.l.f.%20Cosmetics&en=page_view&_fv=1&_ss=1&ep.locale=en-gb&ep.page_type=slideshow&ep.channel=beauty&ep.article_editors=Venus%20Wong%3Awritten&ep.article_topics=Beauty%2CMakeup&ep.article_title=We%20Tried%20%C2%A3123%20Of%20e.l.f.%20Cosmetics%20Products%20%26%23038%3B%20Here%20Are%20Our%20Honest%20Thoughts&ep.page=%2Fen-gb%2Felf-cosmetics-review&ep.social_title=We%20Tried%20%C2%A3123%20Of%20e.l.f.%20Cosmetics%20Products%20%26%20Here%20Are%20Our%20Honest%20Thoughts&ep.social_description=Thinking%20about%20trying%20e.l.f.%27s%20Halo%20Glow%20Liquid%20Filter%20or%20Halo%20Glow%20Blush%20Beauty%20Wand%3F%20Check%20out%20our%20review%20of%20the%20TikTok-famous%20beauty%20brand%27s%20range%20first.&ep.template_type=slideshow&ep.publish_date=2024-09-26&ep.publish_date_and_time=2024-09-26%2010%3A00%3A18&tfd=1921
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.refinery29.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
547 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VFL3LEQ5LG&cid=841723337.1727686522&gtm=45je49p0v9187798456z8831751480za200zb831751480&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VFL3LEQ5LG&l=_dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.refinery29.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VFL3LEQ5LG&cid=841723337.1727686522&gtm=45je49p0v9187798456z8831751480za200zb831751480&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101747727&tag_exp=101671035~101747727&z=744440846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 30 Sep 2024 08:55:22 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
token_create.js
ct.pinterest.com/static/ct/
4 KB
4 KB
Script
General
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=7200
timing-allow-origin
https://ct.pinterest.com
etag
"16d5d552603d86726ae439fc61299d42"
age
2698
x-cdn
fastly
alt-svc
h3=":443";ma=600
content-length
4103
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
ct.html
ct.pinterest.com/ Frame E565
0
0
Document
General
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Mon, 30 Sep 2024 08:55:22 GMT
pinterest-version
d1f48dcf57598ed9a5410f2abb1bc1ec679a1bdf
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
0
x-pinterest-rid
2866506971696899
x-pinterest-rid-128bit
25f3f17ce2ee686d27c7e0e7422ca552
/
ct.pinterest.com/v3/
35 B
451 B
Fetch
General
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&tid=2612364440876&cb=1727686522338&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22pin_unauth%22%3A%22dWlkPVpHTXdOelkyWkRjdFlXUTJNeTAwWkRWakxXRmpZbVF0TkRjek1EWm1aREk0TlRRNA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-pinterest-rid-128bit
904d691220666f83111620e89fea049b
x-cdn
fastly
access-control-allow-credentials
true
referrer-policy
origin
expires
Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version
d1f48dcf57598ed9a5410f2abb1bc1ec679a1bdf
access-control-allow-origin
https://www.refinery29.com
alt-svc
h3=":443";ma=600
content-length
35
date
Mon, 30 Sep 2024 08:55:22 GMT
x-pinterest-rid
1231207731619824
content-type
image/gif
1848526335416978
connect.facebook.net/signals/config/
65 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1848526335416978?v=2.9.169&r=stable&domain=www.refinery29.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1bded7deabc190fda2fe2b646d2fcc241fd10440a702375c22154776409b572a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=74, mss=1232, tbw=67293, tp=62, tpl=0, uplat=3, ullat=-1
pragma
public
x-fb-debug
hgyH/ylQoRrEGx7Fhqyu66y9RehfdYYnrd+7KjnhIKGmTQXon86vZaMDzkTz2p3bhgj4NoknUFH/S5WbhaeO7Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
13040
x-xss-protection
0
settings
cdn.segment.com/v1/projects/JCMOqbUeKtPxaLHzo7I7PX3hsLneQxVH/
2 KB
1 KB
Fetch
General
Full URL
https://cdn.segment.com/v1/projects/JCMOqbUeKtPxaLHzo7I7PX3hsLneQxVH/settings
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-148.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8820f4143a7de019e031f352a07493075bcd55dee2393d253bb01239d33e6af3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
XRXWHexx_Qtp89QLd8DfG2FgvFVgq8sG
etag
W/"e8886214a8cbe2cd4b98f23816744f62"
age
34
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
p0EufEVanPe60M0fpU7cfDCDxhiqh4q2ddgSmW0kTE1DKKI4_G9XQQ==
date
Mon, 30 Sep 2024 08:54:49 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 25 Jul 2024 18:51:22 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=120
via
1.1 aa4673eb0527fb06f7940307fecfc1b6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P10
server
AmazonS3
x-amz-server-side-encryption
AES256
bundle.js
static.anonymised.io/light/
130 KB
36 KB
Script
General
Full URL
https://static.anonymised.io/light/bundle.js?v=0.3.17p
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b8d5c95452b721ce8c8604ace1a12ed5ed0cc4bb298cfd699504c29b08a13dc0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=qMYVdA==, md5=e2I+/UkXzr/UKRmraAsIkQ==
etag
"7b623efd4917cebfd42919ab680b0891"
age
578
x-goog-stored-content-encoding
gzip
expires
Wed, 30 Oct 2024 08:45:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
36938
date
Mon, 30 Sep 2024 08:45:44 GMT
last-modified
Wed, 25 Sep 2024 09:20:25 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljsUioUCSsOaILUubK8N6z33IRg0AzeByu_Fj_1A6gsY_8hr9I8EBMsd7Buy4hm0DUusETY
cache-control
public,max-age=2592000
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727256025685721
content-length
36938
server
UploadServer
932dbb53-dfe6-4009-ab77-21ce3c6ef802.json
tr.snapchat.com/config/com/
101 B
387 B
Fetch
General
Full URL
https://tr.snapchat.com/config/com/932dbb53-dfe6-4009-ab77-21ce3c6ef802.json?v=3.32.0-2409271510
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
f0e8f04bdec051cacda6984d4c2ff1b8afdac3ac3c6e2c08d3c92bbda69d3aa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept
application/json
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
97
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://www.refinery29.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/json
server
API Gateway
i
tr.snapchat.com/cm/ Frame DE46
0
0
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=932dbb53-dfe6-4009-ab77-21ce3c6ef802&u_scsid=bbc18989-bad8-41e4-b93b-2861202e2192&u_sclid=4358cd62-6c87-49e1-9fe2-031572e2f60f
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 30 Sep 2024 08:55:22 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1848526335416978&ev=PageView&dl=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&rl=&if=false&ts=1727686522395&sw=1600&sh=1200&v=2.9.169&r=stable&ec=0&o=12318&fbp=fb.1.1727686522391.663722556643755444&ler=empty&cdl=API_unavailable&it=1727686522350&coo=false&exp=f0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1328, tbw=2813, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1848526335416978&ev=PageView&dl=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&rl=&if=false&ts=1727686522395&sw=1600&sh=1200&v=2.9.169&r=stable&ec=0&o=12318&fbp=fb.1.1727686522391.663722556643755444&ler=empty&cdl=API_unavailable&it=1727686522350&coo=false&exp=f0&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420357110054962115"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420357110054962115", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
ltnKHxz+sT+sePkp2lwYia5jvMiUbn/DpL0KL31B2Y+cn3H5mlHcOj8g2W94vxwNeAJ3hDLPxIl9dvnZVYTJeA==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1328, tbw=3131, tp=-1, tpl=-1, uplat=167, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
device-load
api-2-0.spot.im/v1.0.0/
36 B
1 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/device-load
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
89083775a105fd1809c0bdc70b8f0bc6f1a66204e3c03573bbd274f7cb06450c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=31536000
access-control-max-age
86400
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
x-guid
b2c88900-7095-4b73-896e-2217649fda42
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.refinery29.com
content-length
36
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
text/plain; charset=utf-8
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
server
fasthttp
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
sprite.svg
static-cdn.spot.im/production/icons/sprites/
24 KB
10 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/icons/sprites/sprite.svg
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"2a4e43326a158b47d0598571fd4099b6"
x-amz-version-id
pTYPLm0WXSUOn4wsgJLXLuv5LYGbB.2s
age
58540
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:22 GMT
last-modified
Wed, 24 May 2023 11:40:02 GMT
x-served-by
cache-iad-kjyo7100105-IAD, cache-fra-eddf8230036-FRA
x-cache-hits
5, 634
content-type
image/svg+xml
x-amz-id-2
Sfi5z29Wk+31T5M8WCtwqQMhIK0Bn92LbxnKAQ8vMAnlaVRp5u04Pjr/kRT5au1HkJwyalddijQ=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686523.513591,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
BC4KC2N95BZKXACY
accept-ranges
bytes
access-control-allow-origin
*
content-length
9456
server
AmazonS3
x-amz-server-side-encryption
AES256
configs
material.anonymised.io/v3/tag/
3 B
144 B
Fetch
General
Full URL
https://material.anonymised.io/v3/tag/configs
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.250.57 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
57.250.117.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Anon-App-Version
0.3.17p

Response headers

x-request-id
FPKkdKPeYwyoggstgsUDHWbHSEFySXvh
content-encoding
gzip
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/json
vary
Accept-Encoding,Origin
health
aegis.anonymised.io/
2 B
137 B
Fetch
General
Full URL
https://aegis.anonymised.io/health
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Anon-App-Version
0.3.17p

Response headers

x-request-id
mUZDFOXxFoCYaCQxzyfLogsrFLmnPgOH
via
1.1 google
access-control-allow-origin
https://www.refinery29.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
text/plain; charset=UTF-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
2fa7c0a0689060cb199d35ec22d6939f
css2
fonts.googleapis.com/
11 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@500;600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
59395593630c937c765fce293bbd3e71a559a4345cc953df838211190de07571
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 08:55:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 30 Sep 2024 07:04:03 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
t
api.tenmges.refinery29.com/v1/
21 B
269 B
Fetch
General
Full URL
https://api.tenmges.refinery29.com/v1/t
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.10.98.83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-98-83.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.refinery29.com/

Response headers

Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
https://www.refinery29.com
Content-Length
21
Date
Mon, 30 Sep 2024 08:55:22 GMT
Content-Type
application/json
Vary
Origin
Connection
keep-alive
configs
material.anonymised.io/v3/tag/ Frame
0
0
Preflight
General
Full URL
https://material.anonymised.io/v3/tag/configs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.250.57 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
57.250.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anon-app-version,content-type
Access-Control-Request-Method
GET
Origin
https://www.refinery29.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
anon-app-version,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
allow
OPTIONS, GET
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 08:55:22 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google
x-request-id
wkFMhiJauBCCQrVIDYwITFiEPtdxeGQZ
health
aegis.anonymised.io/ Frame
0
0
Preflight
General
Full URL
https://aegis.anonymised.io/health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.217.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anon-app-version,content-type
Access-Control-Request-Method
GET
Origin
https://www.refinery29.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
anon-app-version,content-type
access-control-allow-methods
OPTIONS, GET
access-control-allow-origin
https://www.refinery29.com
allow
OPTIONS, GET
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 30 Sep 2024 08:55:22 GMT
server
Google Frontend
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
803b089208a5c6aee762af8e0868ff6f
x-request-id
vheYKUdYMxPsEPiwekALiQCXPoUbiDTD
p
tr.snapchat.com/
0
15 B
Ping
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
5
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.refinery29.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 30 Sep 2024 08:55:22 GMT
server
API Gateway
collect
material.anonymised.io/metrics/ Frame
0
0
Preflight
General
Full URL
https://material.anonymised.io/metrics/collect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.250.57 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
57.250.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anon-app-version,content-type
Access-Control-Request-Method
GET
Origin
https://www.refinery29.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
anon-app-version,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
allow
OPTIONS, GET, POST
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 08:55:22 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google
x-request-id
sAXNTwETEEAfBSzRbtrktwOvgmoBTXoI
collect
material.anonymised.io/metrics/
5 B
45 B
Fetch
General
Full URL
https://material.anonymised.io/metrics/collect
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.250.57 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
57.250.117.34.bc.googleusercontent.com
Software
/
Resource Hash
38e0b9de817f645c4bec37c0d4a3e58baecccb040f5718dc069a72c7385a0bed

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Anon-App-Version
0.3.17p

Response headers

x-request-id
NFOjBIFzfmNcmPIwStgDDMQkkCEomhPa
content-encoding
gzip
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
application/json
vary
Accept-Encoding,Origin
p
tr6.snapchat.com/
0
192 B
Ping
General
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7628:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.refinery29.com/

Response headers

via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 30 Sep 2024 08:55:22 GMT
x-envoy-upstream-service-time
0
server
API Gateway
c0321c02a2
bam.nr-data.net/events/1/
24 B
345 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/c0321c02a2?a=426687434&sa=1&v=1.231.0&t=Unnamed%20Transaction&rst=2402&ck=0&s=be8951ea8c9fa85e&ref=https://www.refinery29.com/en-gb/elf-cosmetics-review
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin
https://www.refinery29.com
Content-Length
24
date
Mon, 30 Sep 2024 08:55:22 GMT
content-type
image/gif
x-served-by
cache-fra-eddf8230027-FRA
entry$11478122
api-2-0.spot.im/v1.0.0/config/ab_test/sp_8qxEpddu/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_8qxEpddu/entry$11478122
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://www.refinery29.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.refinery29.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Mon, 30 Sep 2024 08:55:23 GMT
server
fasthttp
entry$11478122
api-2-0.spot.im/v1.0.0/config/ab_test/sp_8qxEpddu/
164 B
811 B
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_8qxEpddu/entry$11478122
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
dcefe47c37b1606f8c2f07fe2500c08ece8a86495ed10d5903e1a85f41650638

Request headers

Referer
https://www.refinery29.com/
x-spotim-page-view-id
c269507f-1dfa-4e55-8528-4d32eac5d527
Accept
application/json
Content-Type
application/json
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-max-age
86400
x-request-id
ba8590c6-7f09-11ef-b67f-96eaf6523a60
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.refinery29.com
content-length
164
date
Mon, 30 Sep 2024 08:55:23 GMT
content-type
application/json
server
fasthttp
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
v3
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_8qxEpddu/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_8qxEpddu/v3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-access-token,x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://www.refinery29.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.refinery29.com
access-control-expose-headers
access-control-max-age
86400
content-length
0
date
Mon, 30 Sep 2024 08:55:23 GMT
server
fasthttp
v3
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_8qxEpddu/
28 KB
4 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_8qxEpddu/v3
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
8cfb7e7f5b3c8f288b75cc0a9a78887117ab71bb3cc78f0af72fc0470044f346

Request headers

x-access-token
null
x-post-id
entry$11478122
Referer
https://www.refinery29.com/
x-spotim-page-view-id
c269507f-1dfa-4e55-8528-4d32eac5d527
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
x-guid
b2c88900-7095-4b73-896e-2217649fda42
x-spot-id
sp_8qxEpddu

Response headers

access-control-max-age
86400
x-request-id
ba85bf2a-7f09-11ef-9326-66ed74c65bd5
access-control-expose-headers
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.refinery29.com
date
Mon, 30 Sep 2024 08:55:23 GMT
content-type
application/json
vary
Accept-Encoding
server
fasthttp
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
p
tr.snapchat.com/
0
15 B
Ping
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.refinery29.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 30 Sep 2024 08:55:23 GMT
server
API Gateway
/
log.pinterest.com/
0
254 B
Image
General
Full URL
https://log.pinterest.com/?type=pidget&guid=7M9pKCNXFp2Y&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=de&nvl=de-DE&via=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review&viaSrc=canonical
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
86400
x-pinterest-rid-128bit
59bb0a067944d7a0d6f41959a9e095dc
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443";ma=600
x-cache
MISS
date
Mon, 30 Sep 2024 08:55:23 GMT
x-served-by
cache-fra-etou8220102-FRA
x-cache-hits
0
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
0
x-timer
S1727686523.205917,VS0,VE27
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-pinterest-rid
1548903289132683
server
envoy
720-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/
44 KB
13 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/720-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bebdff9a8d14a584340d840172e79de24abef6002d3ee18f155d108d9b62039

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"f4f692b363e97998fb675ec2b7c74c41"
x-amz-version-id
Snb0YJxPH6RHNFG1HDUUg5Ps_9H2R8f4
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 19 Sep 2024 07:59:52 GMT
content-type
application/javascript
x-served-by
cache-iad-kcgs7200021-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
85, 12038
x-amz-id-2
3FEnhE2O1UpAi81Lka3aAHZaynotGNWrJcrZcJIRuWnHR2WF1qZBAebXff8hQ4HVQNY2Jcs7flQ=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686523.345685,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
ZGXNA8E3D5MY4F1Q
accept-ranges
bytes
access-control-allow-origin
*
content-length
12724
server
AmazonS3
x-amz-server-side-encryption
AES256
765-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/
324 KB
81 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/765-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5cb5bb12f14018bbe44f2718091ebf346bd74dad71fd986ec8ed23443172b8cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"069fa1ee574e06f81e2c962b84a8f878"
x-amz-version-id
l1H6AmJu_nmUtXXcxfvJ1gL._ZcV3vfd
age
863823
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 19 Sep 2024 07:59:52 GMT
content-type
application/javascript
x-served-by
cache-iad-kcgs7200158-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
84, 13004
x-amz-id-2
RekhdumKlyj9Qz9QaU85JPkPtZang6zHar+9CpEnpS3I19j1H3rYAWYQal2draMQ90dzL0Js3Pw=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686523.345816,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
ZGXHX2VF8KM3PJ66
accept-ranges
bytes
access-control-allow-origin
*
content-length
82125
server
AmazonS3
x-amz-server-side-encryption
AES256
714-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/
5 KB
2 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/714-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c933b27d7336ddfbf60583d2f6aeb5e2d4ac5aa9d006aa07b3f9157de998f1de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"c9e7a5f2e30ae2bffcf57980781c61ab"
x-amz-version-id
G5uJWDnAb1NUa7Eeq7TBAJLsBlZFpk7q
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 19 Sep 2024 07:59:52 GMT
content-type
application/javascript
x-served-by
cache-iad-kjyo7100109-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
84, 11746
x-amz-id-2
HS42swIHNLITRR5m3XS46CVo17OO1GHCWEIeS2vvZAaiO3RcHVmGdce0fJiXJSZDWtwQ26UFVr0VBG+n8dOLwf8iK30anyCsL5IWjg05S/I=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686523.345795,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
ZGXNSYS6TYB07G5G
accept-ranges
bytes
access-control-allow-origin
*
content-length
1776
server
AmazonS3
x-amz-server-side-encryption
AES256
sp_8qxEpddu
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_8qxEpddu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://www.refinery29.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.refinery29.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Mon, 30 Sep 2024 08:55:23 GMT
server
fasthttp
x-cache-status
Bypass
authenticate
api-2-0.spot.im/v1.0.0/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/authenticate
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-post-id,x-spot-id,x-spotim-device-uuid
Access-Control-Request-Method
POST
Origin
https://www.refinery29.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.refinery29.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 30 Sep 2024 08:55:23 GMT
server
fasthttp
strict-transport-security
max-age=31536000
sp_8qxEpddu
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/
25 B
755 B
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_8qxEpddu
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26

Request headers

Referer
https://www.refinery29.com/
x-spotim-page-view-id
c269507f-1dfa-4e55-8528-4d32eac5d527
Accept
application/json
Content-Type
application/json
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

x-cache-status
Miss
access-control-max-age
86400
x-request-id
bab0ef9b-7f09-11ef-9fe2-6a8b15d8d188
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
x-cache-key
af5963e69e344a4b4d9785678ee70b43e73d860794e170732cb03bc361459e6f
access-control-allow-origin
https://www.refinery29.com
content-length
25
date
Mon, 30 Sep 2024 08:55:23 GMT
content-type
application/json; charset=utf-8
server
fasthttp
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
authenticate
api-2-0.spot.im/v1.0.0/
397 B
3 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/authenticate
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
ca5b3049da362eb6cd5de082302797d42f568ef1882554832c0715d33c9ae026
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-post-id
entry$11478122
Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
x-spot-id
sp_8qxEpddu

Response headers

access-control-max-age
86400
x-request-id
bab0fe18-7f09-11ef-80bc-cec0ca24e28a
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
x-spotim-networkid
spotim
date
Mon, 30 Sep 2024 08:55:23 GMT
content-type
application/json
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
x-guid
b2c88900-7095-4b73-896e-2217649fda42
access-control-allow-credentials
true
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfOElyYzdGZlo0bFJBIiwiZGlzcGxheV9uYW1lIjoiUGVhY2VmdWxTaGFkZXMiLCJ1c2VyX25hbWUiOiJQZWFjZWZ1bFNoYWRlcyIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNQZWFjZWZ1bC1TaGFkZXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJsb2NhdGlvbiI6IiIsImlzX21vZGVyYXRpb25fdmlld2VyIjpmYWxzZSwic3BvdF9pZCI6InNwXzhxeEVwZGR1IiwibGFzdF9jaGVjayI6MTcyNzY4NjUyMywidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTI0MDkzMDlPMFVLTS5jMjA1NGY3YzJiYWJlM2M3ZmZiMjI3OTUzNDgxZjhlN2JmZjgzODc2M2EyMjE1ZmVmODJhZmE5NDI3YWMwNTA2IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX3NNOTU0NGwyS00ySHhsUjdNeFdhIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoic3BvdGltIiwibmV0d29ya19uYW1lIjoic3BvdGltIiwibmV0d29ya19pbWFnZV9pZCI6Imljb24tc3BvdGltXzJ4X21wc250ayIsIm5ldHdvcmtfY29sb3IiOiIjMzA3RkUyIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzU2MTA4NTIzLCJzdWIiOiJ1XzhJcmM3RmZaNGxSQSJ9.YDBDzmnX74KMDfkXjkktJKTU2VRJinQDtpUpuI8kOJA
access-control-allow-origin
https://www.refinery29.com
content-length
397
x-spotim-token
012409309O0UKM.c2054f7c2babe3c7ffb227953481f8e7bff838763a2215fef82afa9427ac0506
server
fasthttp
with-all-vendors-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/
28 KB
8 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/with-all-vendors-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
664ea793b11d14b85e39c167d3404271735a2bae369aa89881c3dbb62510f9b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"9ef2bef2665c676643d3d3d8a87f79bc"
x-amz-version-id
4dWGcvlA20DJT55RzQ.ZE.xcBF6izrX8
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 19 Sep 2024 07:59:52 GMT
content-type
application/javascript
x-served-by
cache-iad-kiad7000159-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
84, 11864
x-amz-id-2
5uDe1pecg8l2Cznq+0XW2QgkCx+lJHd2y9UbAFb99HgPxdWgayoIWcJDyAQtyEfd+AY9f2zxBuo=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686523.367094,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
ZGXTJMCNZ760QQKX
accept-ranges
bytes
access-control-allow-origin
*
content-length
7839
server
AmazonS3
x-amz-server-side-encryption
AES256
notifications-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.33.0/
9 KB
3 KB
Script
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.33.0/notifications-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0feac81d322833d855ff54fba980e2cbbaad89d6f5e60a1d6c64e1c501852fbe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"9c1cbf42b1379a3f01cf48a15124dd7a"
x-amz-version-id
OpbQhxUoghEV3TDDIK3mTgxgkiEdwfPW
age
74019
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 05 Sep 2024 10:37:32 GMT
x-served-by
cache-iad-kjyo7100133-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
159, 822
content-type
application/javascript
x-amz-id-2
+fyx9N3gPIt7onsKmnPSo2FdVcTViNs1EaLy5PBw7FvfMLVE8gxH3bUr4ymu5gMXeVk11XyLO74=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686523.372726,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
DZJSAKGRJ720Y0SZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2863
server
AmazonS3
x-amz-server-side-encryption
AES256
src_next_index_tsx-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.33.0/
4 KB
1 KB
Script
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.33.0/src_next_index_tsx-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cfdc32b795c426f373583227ec3a6444a8f91169fc2508c2fb24989cc13c43d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"5d7154008e854d46b3d25122b50d31aa"
x-amz-version-id
VuZS9QdqTZk0DM5G4SyA2hz2nSsrrLX_
age
54234
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 05 Sep 2024 10:37:32 GMT
x-served-by
cache-iad-kiad7000038-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
1, 34
content-type
application/javascript
x-amz-id-2
inh/MFqLi9+jB9HuLpAY/HszeNhe8wM8k1vQpa5GncNeNAg0O/yFCvqqBrKH3QgFsdug5HIfmVw=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686523.427604,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
DZJW40YF2XHP6T8N
accept-ranges
bytes
access-control-allow-origin
*
content-length
1052
server
AmazonS3
x-amz-server-side-encryption
AES256
pixels
pix.spot.im/api/v1/
0
128 B
Ping
General
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/137-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.208.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-208-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
content-length
23
date
Mon, 30 Sep 2024 08:55:23 GMT
content-type
application/json
vary
Accept-Encoding
reactions-bundle.js
static-cdn.spot.im/production/reactions/tags/v4.8.0/
10 KB
4 KB
Script
General
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.8.0/reactions-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27414ea251d106225537a6983ca7dec9260034db8e4926032d1313030f2c14f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"32de22afeae1c2febeb4e4d4b0d6b9c5"
x-amz-version-id
hOJEP84XTl8bu30_Xe38QIaZ5e9kWW1A
age
77520
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 25 Jul 2024 10:40:22 GMT
x-served-by
cache-iad-kjyo7100112-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
57, 119
content-type
application/javascript
x-amz-id-2
OOiUFLa/zU4jZfDzJkMhIf420r7HBB6IU+BTU3uhvXNJJv0TMGbh5PtqUPbDFrSYrG5YbVR+69vaOIEFgHmxwjL74vcMhwUtRM598GNwsvI=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686523.463054,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
39WABTFR3GSBADFC
accept-ranges
bytes
access-control-allow-origin
*
content-length
3440
server
AmazonS3
x-amz-server-side-encryption
AES256
popular-in-the-community.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/
165 KB
54 KB
Script
General
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/popular-in-the-community.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3e573254f95ff9a37e8b3b91cbee1b95df6171ee1935869d240b9a2b498e5da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"6f81ea90a4861d6247fe5d2cfa945067"
x-amz-version-id
XkMUfrYy7kyDhxoxtggfBMYECTKPadEs
age
82732
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Wed, 13 Mar 2024 13:04:09 GMT
x-served-by
cache-iad-kjyo7100029-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
36, 71
content-type
application/javascript
x-amz-id-2
wc577cYzs44dI4X3ugkWijgWAoYGF1+Jznn8bkbvYXrBb/BKVu9aCpZdVnbuhzg8zkNHT9h50am0JTqn6wwvbSHPkPDP7QT0zvGMfUANysw=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686523.463063,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
WJ7CYVXTKVCS8TRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
54584
server
AmazonS3
x-amz-server-side-encryption
AES256
conversation-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.106.0/
50 KB
15 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.106.0/conversation-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2735444e3ad514ca327cca9f0177c04ffbced1b2612a201f3d1c152f95cce3a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"f634849feb45441a7df3855d7ba9535c"
x-amz-version-id
PIWSuewqNRHnwvF4nZ.M6GPkeqtdkqG0
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 19 Sep 2024 08:06:13 GMT
content-type
application/javascript
x-served-by
cache-iad-kcgs7200178-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
82, 6729
x-amz-id-2
Y8skE1gyq6lWFsmE1NT8/ZhqB3AKxRPlStQigZ4xs1WcrhwH2lRmKUMkbMsfuA4OLq90qrp0INk=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686523.463197,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
ZGXNSWA58SRVBC1Q
accept-ranges
bytes
access-control-allow-origin
*
content-length
15531
server
AmazonS3
x-amz-server-side-encryption
AES256
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame D90B
16 KB
6 KB
Script
General
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.19.3/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c2dfe6e5ac215728c72b90926e35a22da1e6a5424094bb20d80bc78c5280f03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
content-encoding
br
x-amz-version-id
q8RQlonTyYcX33fZYwXu1WFW7Nu8tlZj
etag
W/"f2cb174a2a3ae8a763fd6c650b4ce0c5"
age
1921
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Oe6vvTcVdAIkv1UpPmsX7lUk_6CgMhmrek1AdJGtj1b4J1Rl-mL60Q==
date
Mon, 30 Sep 2024 08:23:23 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 17:37:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
x-amz-server-side-encryption
AES256
hb_270443_6630.js
player.spotim.market/prebidlink/760577567708/ Frame D90B
2 KB
1 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/760577567708/hb_270443_6630.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
bf800886dd4845d29fc5de388363642218fa7236665cd984414a4a2a1607a9e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"66f6cd17-625"
expires
Tue, 01 Oct 2024 08:55:23 GMT
x-proxy-cache
MISS
access-control-allow-origin
*
date
Mon, 30 Sep 2024 08:55:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 27 Sep 2024 15:19:51 GMT
server
nginx
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D90B
107 KB
32 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b02428d357bda2001de83fb8d4f693592f0348d9f8fd6adb1700ad5bcea20357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
br
etag
189 / 19996 / m202409240101 / config-hash: 15645164353668175460
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 08:55:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 30 Sep 2024 08:55:23 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33240
x-xss-protection
0
server
cafe
wrapper_hb_270443_6630.js
player.spotim.market/prebidlink/760577567708/ Frame D90B
3 KB
1 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/760577567708/wrapper_hb_270443_6630.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
72bfc1d7ca2927ca0e966143da567506e1347e02dd8cda77c778710415ea532e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"66f6cd17-a0f"
expires
Tue, 01 Oct 2024 08:55:23 GMT
x-proxy-cache
MISS
access-control-allow-origin
*
date
Mon, 30 Sep 2024 08:55:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 27 Sep 2024 15:19:51 GMT
server
nginx
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@500;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.refinery29.com
Referer
https://fonts.googleapis.com/

Response headers

age
352518
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 07:00:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 07:00:05 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame AF8A
16 KB
0
Script
General
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.19.3/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c2dfe6e5ac215728c72b90926e35a22da1e6a5424094bb20d80bc78c5280f03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
content-encoding
br
x-amz-version-id
q8RQlonTyYcX33fZYwXu1WFW7Nu8tlZj
etag
W/"f2cb174a2a3ae8a763fd6c650b4ce0c5"
age
1921
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Oe6vvTcVdAIkv1UpPmsX7lUk_6CgMhmrek1AdJGtj1b4J1Rl-mL60Q==
date
Mon, 30 Sep 2024 08:23:23 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 17:37:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
x-amz-server-side-encryption
AES256
hb_270443_6630.js
player.spotim.market/prebidlink/479912/ Frame AF8A
2 KB
1 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/479912/hb_270443_6630.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
bf800886dd4845d29fc5de388363642218fa7236665cd984414a4a2a1607a9e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"66f6cd17-625"
expires
Tue, 01 Oct 2024 08:55:23 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Mon, 30 Sep 2024 08:55:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 27 Sep 2024 15:19:51 GMT
server
nginx
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame AF8A
107 KB
0
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b02428d357bda2001de83fb8d4f693592f0348d9f8fd6adb1700ad5bcea20357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
br
etag
189 / 19996 / m202409240101 / config-hash: 15645164353668175460
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 08:55:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 30 Sep 2024 08:55:23 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33240
x-xss-protection
0
server
cafe
wrapper_hb_270443_6630.js
player.spotim.market/prebidlink/479912/ Frame AF8A
3 KB
1 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/479912/wrapper_hb_270443_6630.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
72bfc1d7ca2927ca0e966143da567506e1347e02dd8cda77c778710415ea532e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"66f6cd17-a0f"
expires
Tue, 01 Oct 2024 08:55:23 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Mon, 30 Sep 2024 08:55:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 27 Sep 2024 15:19:51 GMT
server
nginx
ec24cb303220fcfc94f8.svg
static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/
3 KB
957 B
Image
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/ec24cb303220fcfc94f8.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"2fb4c511e325b1064ff9babf599fbcee"
x-amz-version-id
h7FDCcVB0oIonTHi46E4aR0BMtGF75Qk
age
438299
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 19 Sep 2024 07:59:52 GMT
content-type
image/svg+xml
x-served-by
cache-iad-kiad7000153-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
74, 5936
x-amz-id-2
RJMHvxkfzhkVzllqVNLplorU+ytpoHwc7RBKzAkVmlJTP80sqGaTeAlVGkmVkT1DYqrK+xwle4c=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686524.502633,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
ZGXNKMGZQYWHY6RW
accept-ranges
bytes
access-control-allow-origin
*
content-length
549
server
AmazonS3
x-amz-server-side-encryption
AES256
ad-choises.png
publisher-assets.spot.im/yad/
4 KB
5 KB
Image
General
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:ea00:e:cdcc:4380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept-Encoding, Origin
etag
"643378ef8a85df26380de21f9beb58ba"
age
31005
via
1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
4550
x-amz-cf-id
w22_lTa32-DyK6ZLxb10_QG2WkDD2jvHh7Bt03mOE2XYJOj9E1Ps4g==
date
Mon, 30 Sep 2024 00:18:39 GMT
content-type
image/png
last-modified
Thu, 22 Aug 2024 08:30:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
x-amz-server-side-encryption
AES256
vendors-node_modules_spotim_common-components_dist_index_js-node_modules_spotim_topics_dist_t-5d9d60-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.33.0/
264 KB
73 KB
Script
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.33.0/vendors-node_modules_spotim_common-components_dist_index_js-node_modules_spotim_topics_dist_t-5d9d60-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e66b0cf46fd5b859ffe1dca65988cf01c4c2dbc0c7d955c80efea9e2c221828c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"58b2b2f0dec34448f0b278052aec4cd1"
x-amz-version-id
XX8ESfNIEsSzrs3p11h607K77jMbwpy3
age
60151
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 05 Sep 2024 10:37:32 GMT
x-served-by
cache-iad-kiad7000171-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
159, 608
content-type
application/javascript
x-amz-id-2
12DFYU3MxgDV7/Y86REiLOXyJF0C7lXXAY4XHDVNLLNDn0FoA2hOAn5+x4BuY36yEWAgBID9Cj9YFlT+YDbj3oshphWXERkXek6JspFdBEM=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686524.518431,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
VAE408ZVJREEQ5FH
accept-ranges
bytes
access-control-allow-origin
*
content-length
74551
server
AmazonS3
x-amz-server-side-encryption
AES256
src_components_NotificationItem_NotificationDescription_NotificationDescription_tsx-src_compo-279477-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.33.0/
56 KB
14 KB
Script
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.33.0/src_components_NotificationItem_NotificationDescription_NotificationDescription_tsx-src_compo-279477-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e996f787ec1fc3de2ed8741380926113f912b10ee646f5b7e2d4065e23a659a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"eaa53bf23e0e476646a98c01a0b33f8f"
x-amz-version-id
v84Dc2W7P.fxitsS1k53Ho6vYuhxtPeW
age
85797
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 05 Sep 2024 10:37:32 GMT
x-served-by
cache-iad-kjyo7100165-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
159, 2725
content-type
application/javascript
x-amz-id-2
TveVv2UkfKR+LyQQuOEfuHXPbKI153T8RlbTqVKWHRce0zl4s0DTDhvhF+2GpG+SquPrPuI2srA=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686524.518569,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
VAE2BCM8T0ETDBQ0
accept-ranges
bytes
access-control-allow-origin
*
content-length
14278
server
AmazonS3
x-amz-server-side-encryption
AES256
src_components_StickyNotification_ActionContent_ActionContent_tsx-src_components_StickyNotifi-b290dd-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.33.0/
18 KB
5 KB
Script
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.33.0/src_components_StickyNotification_ActionContent_ActionContent_tsx-src_components_StickyNotifi-b290dd-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab692ebd1fc9f40badebf9c37e1f2b4857db1c9c05e38675fbe44a129561b5e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"11581d91ccea40b3deb7ce3788dd6144"
x-amz-version-id
VRCtttVZwdwXDqRk55y3WYFlshXoe3oA
age
140126
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 05 Sep 2024 10:37:32 GMT
x-served-by
cache-iad-kjyo7100074-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
159, 2126
content-type
application/javascript
x-amz-id-2
+JsM3XN0mSeIcMzu+1GojftMMfbqVvzJIFUUxsMpBJeZQ8ptqrUEWZaf/NU1M4nfR0wrgxmvc3g=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686524.519011,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
VAEBETR504ATGY7P
accept-ranges
bytes
access-control-allow-origin
*
content-length
4275
server
AmazonS3
x-amz-server-side-encryption
AES256
src_next_features_BootStickyNotifications_index_tsx-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.33.0/
8 KB
3 KB
Script
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.33.0/src_next_features_BootStickyNotifications_index_tsx-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0950a1f69cc36f07199cbd0a7e9b8540451465f93c4f52a5103252e762d62996

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"1c29971a7f38dc54580bdcc9c2718dda"
x-amz-version-id
YyrqJKGVIrGICbBvFrVYtxxgoV2_BKCE
age
94589
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 05 Sep 2024 10:37:32 GMT
x-served-by
cache-iad-kjyo7100077-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
1, 2049
content-type
application/javascript
x-amz-id-2
1Z+m+w35EAGQIL7FRE3HMBwvwWAx4YMFheDc3/TGkwwUqBW8qsgciKU5aavsK1z2IXrXrXQp9Ms=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686524.519009,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
VAE4JPG1KSDW2DRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2465
server
AmazonS3
x-amz-server-side-encryption
AES256
styles.css
static-cdn.spot.im/production/notifications/tags/v1.33.0/
238 KB
16 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.33.0/styles.css
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39f2e002690dba29d4b3c801ba01944089115cf8820f5124ea12bad71e9162c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"28fe317f2a045efa44176047c98f5710"
x-amz-version-id
4lKjbdFV.F2XGxJeIvN9fEhsMKnCNM1u
age
83711
access-control-allow-methods
GET,HEAD
x-cache
MISS, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 05 Sep 2024 10:37:32 GMT
x-served-by
cache-iad-kiad7000080-IAD, cache-fra-eddf8230036-FRA
x-cache-hits
0, 121
content-type
text/css
x-amz-id-2
+kYuhy7Cum65KzJ1m+OAiLP0sBhakGoM8DhNnPwHpce70K0ga5QyhHKLfrG8p3MvbqsefIvjROQ2hxyypcDmbIPMLcZzk8JY
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686524.519245,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
A7C4R2EZHYE82MMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
16506
server
AmazonS3
x-amz-server-side-encryption
AES256
pixels
pix.spot.im/api/v1/
0
127 B
Ping
General
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/137-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.208.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-208-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
content-length
23
date
Mon, 30 Sep 2024 08:55:23 GMT
content-type
application/json
vary
Accept-Encoding
vendors-node_modules_babel_runtime_regenerator_index_js-node_modules_spotim_ui-components_dis-cb2aa4.js
static-cdn.spot.im/production/reactions/tags/v4.8.0/
154 KB
46 KB
Script
General
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.8.0/vendors-node_modules_babel_runtime_regenerator_index_js-node_modules_spotim_ui-components_dis-cb2aa4.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41d8dd3122cfbd196e82467c42bf43c43b5a85f08d66e7134f60a88d332254f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"d1274fd584dcd8967fe76918e21e0b93"
x-amz-version-id
zuo5rUcxczoOoAMgKH5hxWdp1MNAfsNx
age
159369
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 25 Jul 2024 10:40:22 GMT
x-served-by
cache-iad-kjyo7100066-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
50, 146
content-type
application/javascript
x-amz-id-2
sJIJGuvxqKv0w4tGuUwZM7D/G6S4hJ5/rypxxtT6Ly8LiqH6jRyMfv2lsRdU4iQDIofSCrjJZFs=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686524.527598,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
ES5X1NKBA571C5MF
accept-ranges
bytes
access-control-allow-origin
*
content-length
46947
server
AmazonS3
x-amz-server-side-encryption
AES256
src_components_App_App_tsx-src_state_store_ts-src_utils_getConfig_ts-src_utils_scrollToReacti-21c945.js
static-cdn.spot.im/production/reactions/tags/v4.8.0/
35 KB
10 KB
Script
General
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.8.0/src_components_App_App_tsx-src_state_store_ts-src_utils_getConfig_ts-src_utils_scrollToReacti-21c945.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4e90a49be549d9e7d663c3b2b5147d04449f0efed1174cfdf1d048368cbd48f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"036fded8e706affbc447da476a8547eb"
x-amz-version-id
YPLXhPY8EnNuQJp8C1DODzS4NtgXT5A0
age
92924
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 25 Jul 2024 10:40:22 GMT
x-served-by
cache-iad-kcgs7200164-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
57, 46
content-type
application/javascript
x-amz-id-2
fCqsMF2ZKd9PNhEXV/dLBt4foyFYXxwykrT17UlmjDGWyzuC50Vtnmfu2hqaB9V/WiJeAv/4MnQ=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686524.527768,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
ES5HV6FTNTFQY77A
accept-ranges
bytes
access-control-allow-origin
*
content-length
9456
server
AmazonS3
x-amz-server-side-encryption
AES256
src_boot-next_tsx.js
static-cdn.spot.im/production/reactions/tags/v4.8.0/
5 KB
2 KB
Script
General
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.8.0/src_boot-next_tsx.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
429c468e04f866ee69773dd2d66d9b0ff372c200bfe1d7a7b58eb0f0e4c8dcfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"04b46b5ebf54a0d5dd28b8507189159e"
x-amz-version-id
E3y8NejkHMuFfYJwVNC1G2gyEmrxIvUW
age
71984
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 25 Jul 2024 10:40:22 GMT
x-served-by
cache-iad-kcgs7200067-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
57, 124
content-type
application/javascript
x-amz-id-2
AET3LTKL569r+LQJDbEuHc/YJ7GTB4jO/FER0ainjO1ol5DosNZnNXlNOHQhabtYpVuesIRYLbE=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686524.527754,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
ES5MQ8RWQHACVZDB
accept-ranges
bytes
access-control-allow-origin
*
content-length
1903
server
AmazonS3
x-amz-server-side-encryption
AES256
styles.css
static-cdn.spot.im/production/reactions/tags/v4.8.0/
112 KB
11 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.8.0/styles.css
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0879fcaba8016e53140269c53c1a7741110771e68e21326b479acfd205c84b01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"5c0954e8757f2fedab93ab4e9e5a62c6"
x-amz-version-id
7zq8DV9nWgrmMH33D6xgD8jiHl49kNQ2
age
147042
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 25 Jul 2024 10:40:22 GMT
x-served-by
cache-iad-kcgs7200089-IAD, cache-fra-eddf8230036-FRA
x-cache-hits
15, 166
content-type
text/css
x-amz-id-2
WonoCw4sSZd6CWoPaK/rmse00rQ9Y4UeSwx3zpm5O+vqOnSgFZtHv0Dcxi4QffpTOuk/GntHv+YR1CrM88DOpNSn5oVi51H8xGi3Y0C6+ec=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686524.527985,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
KRK5S1E25VR1Q9YF
accept-ranges
bytes
access-control-allow-origin
*
content-length
11050
server
AmazonS3
x-amz-server-side-encryption
AES256
styles-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.106.0/
41 KB
6 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.106.0/styles-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b3e8984d410359941d540deeaebf3106843dd8c75a8a8ef07ba2aae3d75aec4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"66e19c46408410824ade6be6eab87080"
x-amz-version-id
Qs_FzaXFuatT3d_XnUzzH2A5XQvQBc_9
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 19 Sep 2024 08:06:13 GMT
content-type
application/javascript
x-served-by
cache-iad-kjyo7100116-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
82, 6508
x-amz-id-2
ryQilo242D++tXwn4e1BV5OMfi7WODiZDXcaikagzQxcq0V5FrWABCqzX43F+NgoA4PaC2nUmNs=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686524.535348,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
ZGXNE5600K1G0T5Y
accept-ranges
bytes
access-control-allow-origin
*
content-length
6148
server
AmazonS3
x-amz-server-side-encryption
AES256
vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-d5f4c0-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.106.0/
381 KB
93 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.106.0/vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-d5f4c0-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c2b703ac31c50ee544d925d2b7b017f8902c2908c3ef8096762812087b98d0c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"f85eceeb7015512db8b8533a4409d59a"
x-amz-version-id
y6lRzncvTDRqkF9lwWHKCEBjxRxWBCQl
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 19 Sep 2024 08:06:13 GMT
content-type
application/javascript
x-served-by
cache-iad-kjyo7100075-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
82, 7805
x-amz-id-2
2g2Ly+uP7HyuBQW6ej36bfT36+Jig42H6d8Sb7J0NgyTyj8EGXV9/vI2Avs4lYJWS+atZLhe18E=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686524.535666,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
ZGXVHMFD1SQ4H39E
accept-ranges
bytes
access-control-allow-origin
*
content-length
95089
server
AmazonS3
x-amz-server-side-encryption
AES256
vendors-node_modules_spotim_richie-editor_dist_richie-editor_esm_js-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.106.0/
634 KB
161 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.106.0/vendors-node_modules_spotim_richie-editor_dist_richie-editor_esm_js-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ad88c87af5fd5dfae6220c118cb871eda074169bbf262938bd339c8448a7675

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"5588b9c6ae8dc9daa8b7793e09b3ab3d"
x-amz-version-id
LEMXc.034pJDuWimDh03V4nHbUSFuoJB
age
863823
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 19 Sep 2024 08:06:13 GMT
content-type
application/javascript
x-served-by
cache-iad-kjyo7100058-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
87, 15
x-amz-id-2
fLKdpPf4pe7vVi8n2NFf2M4gSg9DP+k/3HskcAEf1wEDueclt4yvKMLfFank7yHb6Wz2XcD1Ydc=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686524.535655,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
ZGXVQKW4YR1KPPKS
accept-ranges
bytes
access-control-allow-origin
*
content-length
164383
server
AmazonS3
x-amz-server-side-encryption
AES256
app_conversation_components_Main_tsx-app_conversation_services_legacy_helpers_browser-detect_ts-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.106.0/
149 KB
40 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.106.0/app_conversation_components_Main_tsx-app_conversation_services_legacy_helpers_browser-detect_ts-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a061ecfb7dee9303f28b0b8f05110cb2425c0fcb3aeaf9435f64a4b83e36e91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"956d6af9d39f5428351bb49b24fa098c"
x-amz-version-id
N6de6S4s4O51W33jBrjFiFMP6N8kGrsY
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 19 Sep 2024 08:06:13 GMT
content-type
application/javascript
x-served-by
cache-iad-kiad7000077-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
82, 6986
x-amz-id-2
k9Vn/+9XM/ftvd0KcjNxvcFxFvDnM48ATO7sSynJkFx2Y/fVfkLjg4GL1rRxlq/3VpBtH9jofNlHSvr3daVEZktvgs5cQY69vuyPljGDjmw=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686524.540676,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
ZGXTFPY4K4D4QGXF
accept-ranges
bytes
access-control-allow-origin
*
content-length
40105
server
AmazonS3
x-amz-server-side-encryption
AES256
app_conversation_initialize-store_ts-app_conversation_services_legacy_scroll-to-comments_ts-a-269b0f-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.106.0/
34 KB
11 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.106.0/app_conversation_initialize-store_ts-app_conversation_services_legacy_scroll-to-comments_ts-a-269b0f-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40c0177e5862f636a3366a27ebf7d779a7cc297527f666775752d6e5b935d754

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"b89f4462a2952ea0b1967469be21e982"
x-amz-version-id
LFn5rv9ZDZjY6OaNCUG54baGVbMOp7p1
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 19 Sep 2024 08:06:13 GMT
content-type
application/javascript
x-served-by
cache-iad-kjyo7100114-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
54, 6589
x-amz-id-2
Pj+gG5Z0eqzHaECulhCv3BXWVg90M9Oyu1o7pYz4stXi0ftLMNCrmm5htyU96KjqykLmHSKWkTjoQwuLSlKFF2I+bzrsFgJBbAKfq8U/DF4=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686524.540690,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
ZGXK236QSS72TCM1
accept-ranges
bytes
access-control-allow-origin
*
content-length
10938
server
AmazonS3
x-amz-server-side-encryption
AES256
conversation-boot-next-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.106.0/
14 KB
5 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.106.0/conversation-boot-next-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3270e5c7424325b3910ea21448ea6804ec1e5c560bc4ac50f633f9b8ffba46a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"5ecfd15739a474c9dd95a01f4cbccb35"
x-amz-version-id
19ceNxCEZ.sxsaYj1dFP1dPfHfmDRLl7
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 19 Sep 2024 08:06:13 GMT
content-type
application/javascript
x-served-by
cache-iad-kcgs7200084-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
82, 6473
x-amz-id-2
doo6wjHpIXNkEz2ajxCzL0f7/K/dfxHd6MqOe1cCQWCqqMacj4jS3HRfixO3VvMHRTE9GlZAAKr2NP6N9vipnYYlOw/pIgxP
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686524.540645,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
ZGXG343AJTA9PRJN
accept-ranges
bytes
access-control-allow-origin
*
content-length
4410
server
AmazonS3
x-amz-server-side-encryption
AES256
styles.css
static-cdn.spot.im/production/conversation/tags/v3.106.0/
675 KB
39 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.106.0/styles.css
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5f579f78deb453ebba4f33ed8b11136a886deda01fa9441ea260a687de47312

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"b07cb502ea1c22f513a8438a07d8159d"
x-amz-version-id
w348YiWgpkmqfchCimYalLl8KHEUeVAk
age
438239
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Thu, 19 Sep 2024 08:06:13 GMT
content-type
text/css
x-served-by
cache-iad-kcgs7200083-IAD, cache-fra-eddf8230036-FRA
x-cache-hits
11, 6064
x-amz-id-2
xx6sUEHAq6SDIDfhVj0OlHRlK8GqzoNSvtf9XqIBKLzHZBMRqV9QBZduooExTC/KEJVN1Vf8cp8=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686524.535638,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
A43Q37D75K5SFXHK
accept-ranges
bytes
access-control-allow-origin
*
content-length
39971
server
AmazonS3
x-amz-server-side-encryption
AES256
pitc-boot-next.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/
14 KB
6 KB
Script
General
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/pitc-boot-next.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a4590b824fb6f8d43f7d21d87206676ab548a6d57d65d25410ef42fef8d0a0d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"467962a11c80e7f3ac1e317b205354a2"
x-amz-version-id
SS5snlK4AlluCIFtW7yt18WxXKG5WbTF
age
91090
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Wed, 13 Mar 2024 13:04:09 GMT
x-served-by
cache-iad-kcgs7200021-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
36, 240
content-type
application/javascript
x-amz-id-2
RqBlZvzJ7cQlD4stwGEd3ydU5ha2xwhJmYVvzsFIf1kRTDpploB/9G7gE0BAeEezMUc0XFGe0eg=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686524.547383,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
A3NCW7AXSMXXWF83
accept-ranges
bytes
access-control-allow-origin
*
content-length
5336
server
AmazonS3
x-amz-server-side-encryption
AES256
player.js
player.aniview.com/script/6.1/
47 KB
17 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
be9f103d9adc96a399c3c47c806b1a99e70ea8b560924f0e51bdedda922478f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

x-goog-metageneration
2
Access-Control-Expose-Headers
Content-Type
Content-Encoding
gzip
x-goog-hash
crc32c=KeBXyQ==, md5=XR75NIZ6VU5HYC/HGkCZIw==
ETag
"5d1ef934867a554e47602fc71a409923"
x-goog-stored-content-encoding
gzip
Expires
Mon, 30 Sep 2024 09:10:23 GMT
Alt-Svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-goog-stored-content-length
16444
Date
Mon, 30 Sep 2024 08:55:23 GMT
Last-Modified
Thu, 26 Sep 2024 13:55:56 GMT
Content-Type
text/javascript; charset=UTF-8
Vary
Accept-Encoding
X-GUploader-UploadID
AD-8ljsVpKMKrb0M0TiM0TTnw8otFcXvfu92Mn_09U1Hd-ZGI_GiStEotcqrNJasRz1ey4gEk5o
Cache-Control
public, no-transform, max-age=900
x-goog-storage-class
MULTI_REGIONAL
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
x-goog-generation
1727358956865596
Content-Length
16444
Server
UploadServer
track
track1.aniview.com/
0
169 B
Image
General
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=61fc06c32ddbaf55f57fd628&e=playerLoaded&cb=1727686523536&r=https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
date
Mon, 30 Sep 2024 08:55:23 GMT
track
track1.aniview.com/
0
168 B
Image
General
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=6284bc9a6cef1100a45979c6&e=playerLoaded&cb=1727686523538&r=https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
date
Mon, 30 Sep 2024 08:55:23 GMT
hbp_master_270443_6630.js
player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame AF8A
449 KB
142 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/479912/hb_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b9c010e2daf38cfceee7fffc891dde7eabf6675400ed291de865f35826d7166b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"66f2b7d9-702a6"
expires
Tue, 01 Oct 2024 08:55:23 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Mon, 30 Sep 2024 08:55:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 24 Sep 2024 13:00:09 GMT
server
nginx
hbw_master_270443_6630.js
player.spotim.market/prebidlink/E-uEd/ Frame AF8A
316 KB
60 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/E-uEd/hbw_master_270443_6630.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/479912/wrapper_hb_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
bda3cdc8fdd4f815ad781fa4a2f2011909fca7f98780d3301c1617343d5129c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"66f6cd17-4f199"
expires
Tue, 01 Oct 2024 08:55:23 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Mon, 30 Sep 2024 08:55:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 27 Sep 2024 15:19:51 GMT
server
nginx
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 4D7A
672 KB
219 KB
Script
General
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e8df1f2d678c2b3cf6356c75fb7083149f470e4dba61d341983dc7c6416ed61

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
x-amz-version-id
uSISo3.v0MDal1mtXKjcjZykM8XmwIx1
etag
W/"bf7cfca855dd28a906754a99ffd824bb"
age
1921
x-cache
Hit from cloudfront
x-amz-cf-id
u8duQ3Ory-nWKw78-xyYtQLqa9J9CMfQezQBO8uw0539E_69VBMZzA==
date
Mon, 30 Sep 2024 08:23:23 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 08:00:51 GMT
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame C7F0
672 KB
0
Script
General
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e8df1f2d678c2b3cf6356c75fb7083149f470e4dba61d341983dc7c6416ed61

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
x-amz-version-id
uSISo3.v0MDal1mtXKjcjZykM8XmwIx1
etag
W/"bf7cfca855dd28a906754a99ffd824bb"
age
1921
x-cache
Hit from cloudfront
x-amz-cf-id
u8duQ3Ory-nWKw78-xyYtQLqa9J9CMfQezQBO8uw0539E_69VBMZzA==
date
Mon, 30 Sep 2024 08:23:23 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 08:00:51 GMT
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409240101/ Frame D90B
478 KB
149 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409240101/pubads_impl.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35e9ccb1d2b7a55ac143b6ba8704e240ae9217d76f1db2cb735501af0b5eb765
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
br
etag
11534241471022370290
age
21865
x-content-type-options
nosniff
expires
Tue, 30 Sep 2025 02:50:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 30 Sep 2024 02:50:58 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
152927
x-xss-protection
0
server
cafe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409240101/ Frame AF8A
478 KB
0
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409240101/pubads_impl.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35e9ccb1d2b7a55ac143b6ba8704e240ae9217d76f1db2cb735501af0b5eb765
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
br
etag
11534241471022370290
age
21865
x-content-type-options
nosniff
expires
Tue, 30 Sep 2025 02:50:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 30 Sep 2024 02:50:58 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
152927
x-xss-protection
0
server
cafe
/
api-2-0.spot.im/v1.0.0/reactions/config/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/reactions/config/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://www.refinery29.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.refinery29.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Mon, 30 Sep 2024 08:55:23 GMT
server
fasthttp
x-cache-status
Bypass
/
api-2-0.spot.im/v1.0.0/reactions/config/
560 B
1020 B
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/reactions/config/
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
4710bbf612179a2f4f75d675151fa577df0edec3d4355e736978c3bf8d1b37a1

Request headers

x-post-id
entry$11478122
Referer
https://www.refinery29.com/
x-spotim-page-view-id
c269507f-1dfa-4e55-8528-4d32eac5d527
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfOElyYzdGZlo0bFJBIiwiZGlzcGxheV9uYW1lIjoiUGVhY2VmdWxTaGFkZXMiLCJ1c2VyX25hbWUiOiJQZWFjZWZ1bFNoYWRlcyIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNQZWFjZWZ1bC1TaGFkZXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJsb2NhdGlvbiI6IiIsImlzX21vZGVyYXRpb25fdmlld2VyIjpmYWxzZSwic3BvdF9pZCI6InNwXzhxeEVwZGR1IiwibGFzdF9jaGVjayI6MTcyNzY4NjUyMywidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTI0MDkzMDlPMFVLTS5jMjA1NGY3YzJiYWJlM2M3ZmZiMjI3OTUzNDgxZjhlN2JmZjgzODc2M2EyMjE1ZmVmODJhZmE5NDI3YWMwNTA2IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX3NNOTU0NGwyS00ySHhsUjdNeFdhIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoic3BvdGltIiwibmV0d29ya19uYW1lIjoic3BvdGltIiwibmV0d29ya19pbWFnZV9pZCI6Imljb24tc3BvdGltXzJ4X21wc250ayIsIm5ldHdvcmtfY29sb3IiOiIjMzA3RkUyIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzU2MTA4NTIzLCJzdWIiOiJ1XzhJcmM3RmZaNGxSQSJ9.YDBDzmnX74KMDfkXjkktJKTU2VRJinQDtpUpuI8kOJA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
x-spot-id
sp_8qxEpddu

Response headers

x-cache-status
Miss
access-control-max-age
86400
x-request-id
bafc9829-7f09-11ef-828c-ee6cc15006fd
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
x-cache-key
e6d37e2e3bee259082788b09c719ea5e5a749ee63b2ebc601f29c70fc62370d3
access-control-allow-origin
https://www.refinery29.com
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
fasthttp
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
hbp_master_270443_6630.js
player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame D90B
449 KB
0
Script
General
Full URL
https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b9c010e2daf38cfceee7fffc891dde7eabf6675400ed291de865f35826d7166b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"66f2b7d9-702a6"
expires
Tue, 01 Oct 2024 08:55:23 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Mon, 30 Sep 2024 08:55:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 24 Sep 2024 13:00:09 GMT
server
nginx
hbw_master_270443_6630.js
player.spotim.market/prebidlink/E-uEd/ Frame D90B
316 KB
0
Script
General
Full URL
https://player.spotim.market/prebidlink/E-uEd/hbw_master_270443_6630.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
bda3cdc8fdd4f815ad781fa4a2f2011909fca7f98780d3301c1617343d5129c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"66f6cd17-4f199"
expires
Tue, 01 Oct 2024 08:55:23 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Mon, 30 Sep 2024 08:55:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 27 Sep 2024 15:19:51 GMT
server
nginx
555.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/
51 KB
20 KB
Script
General
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/555.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7caa9c706169a8418230f53f329ec3b9c1624567d4f21542282d4c42a262c834

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"ca44ce2cb039cb6226cd8e1587b86b37"
x-amz-version-id
wN1SFUUHaSaSOFgLZ515cVRxSwyIDQMg
age
72645
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Wed, 13 Mar 2024 13:04:08 GMT
x-served-by
cache-iad-kiad7000026-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
46, 18
content-type
application/javascript
x-amz-id-2
QWl0GFkkLlqoZYQ57Ov/Y7kgpC0Zv9CiioqU2JiQkUHIDmfmgeT2R8lBc8Vrk5J9/R0V1CWvPgzpRZCcyVy4pQ==
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686524.939338,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
VVR62T4Z63ARX06W
accept-ranges
bytes
access-control-allow-origin
*
content-length
19968
server
AmazonS3
x-amz-server-side-encryption
AES256
963.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/
26 KB
9 KB
Script
General
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/963.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fcd876a8f2be07904a3dea9595eac8c552272aa2dcac324e73a27976183017f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"549d93ed59f13018e7c331d672e9ed3b"
x-amz-version-id
Orb7bi6m63SXr7VXnRw3rSP4UxLMl9Wh
age
62001
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Wed, 13 Mar 2024 13:04:08 GMT
x-served-by
cache-iad-kiad7000109-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
46, 66
content-type
application/javascript
x-amz-id-2
kA3kji+16mO9RIxnGTbynjet8FSySzrHl6qOVmdUtY4n0LV51g3MKGbTZSUv3L0a6z+PTdeKTPk=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686524.939483,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
VVR4ZX5KF3ZBNFXW
accept-ranges
bytes
access-control-allow-origin
*
content-length
8969
server
AmazonS3
x-amz-server-side-encryption
AES256
963.css
static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/
18 KB
3 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.32.0/963.css
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0fe54e4560d2a024a59fdaefd81d8037df63b48df306b5849e1cdd9ec9a153c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"60e07ba3f7bef94388f0baafe0a17a75"
x-amz-version-id
aOjT7Rbb_HXW63pozsSqyJw0UMoNt5NF
age
94776
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:23 GMT
last-modified
Wed, 13 Mar 2024 13:04:08 GMT
x-served-by
cache-iad-kjyo7100102-IAD, cache-fra-eddf8230036-FRA
x-cache-hits
17, 82
content-type
text/css
x-amz-id-2
LZqeARyiWoEo2EdKsDq0AUFYaR7+AXmhg59/f2cqlpGzrGZa9IPw8ihLKmx9p9a1oL/jBDwo35i60JEzwfaKuQ==
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686524.968763,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
Q8PKCW8N6KJ6AZ7X
accept-ranges
bytes
access-control-allow-origin
*
content-length
2472
server
AmazonS3
x-amz-server-side-encryption
AES256
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.refinery29.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.refinery29.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 30 Sep 2024 08:55:24 GMT
server
fasthttp
strict-transport-security
max-age=31536000
read
api-2-0.spot.im/v1.0.0/conversation/realtime/
59 B
438 B
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
e2688aca6e032dd2c057fcbbe4c16a98785a90e0653086f6d2c6b0c1244e918c

Request headers

x-post-id
entry$11478122
Referer
https://www.refinery29.com/
x-spotim-page-view-id
c269507f-1dfa-4e55-8528-4d32eac5d527
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfOElyYzdGZlo0bFJBIiwiZGlzcGxheV9uYW1lIjoiUGVhY2VmdWxTaGFkZXMiLCJ1c2VyX25hbWUiOiJQZWFjZWZ1bFNoYWRlcyIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNQZWFjZWZ1bC1TaGFkZXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJsb2NhdGlvbiI6IiIsImlzX21vZGVyYXRpb25fdmlld2VyIjpmYWxzZSwic3BvdF9pZCI6InNwXzhxeEVwZGR1IiwibGFzdF9jaGVjayI6MTcyNzY4NjUyMywidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTI0MDkzMDlPMFVLTS5jMjA1NGY3YzJiYWJlM2M3ZmZiMjI3OTUzNDgxZjhlN2JmZjgzODc2M2EyMjE1ZmVmODJhZmE5NDI3YWMwNTA2IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX3NNOTU0NGwyS00ySHhsUjdNeFdhIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoic3BvdGltIiwibmV0d29ya19uYW1lIjoic3BvdGltIiwibmV0d29ya19pbWFnZV9pZCI6Imljb24tc3BvdGltXzJ4X21wc250ayIsIm5ldHdvcmtfY29sb3IiOiIjMzA3RkUyIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzU2MTA4NTIzLCJzdWIiOiJ1XzhJcmM3RmZaNGxSQSJ9.YDBDzmnX74KMDfkXjkktJKTU2VRJinQDtpUpuI8kOJA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
x-spot-id
sp_8qxEpddu

Response headers

access-control-max-age
86400
x-request-id
bb0dd94c-7f09-11ef-8bc5-925b9bbde920
x-guid
b2c88900-7095-4b73-896e-2217649fda42
access-control-allow-credentials
true
access-control-allow-origin
https://www.refinery29.com
x-spotim-networkid
spotim
content-length
59
x-spotim-token
012409309O0UKM.c2054f7c2babe3c7ffb227953481f8e7bff838763a2215fef82afa9427ac0506
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
application/json
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
server
fasthttp
config.json
player.adtelligent.com/exchange_rates/279896/ Frame AF8A
2 KB
1 KB
Fetch
General
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwww.refinery29.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c82e7a153bb9250eab8ea6090fdfbf420e89ecaf5a2b7567dff018b89b976e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"66f94192-80a"
expires
Tue, 01 Oct 2024 08:55:24 GMT
x-proxy-cache
HIT
access-control-allow-origin
https://www.refinery29.com
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
application/json
last-modified
Sun, 29 Sep 2024 12:01:22 GMT
server
nginx
apstag.js
c.amazon-adsystem.com/aax2/ Frame AF8A
324 KB
80 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/E-uEd/hbw_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64171bed8b1e093ab735ee9c6cdc99440d0fea8e8f8c9f362fae3c093f1332f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"f2dd6786b4537f2bb6a3e22886b855f2"
age
2412
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Dc2JMhvSw0FuaYvL_Z3qROpx_ZLk8lQNmlZtVFRwq_6AxGZTgOUaKA==
date
Mon, 30 Sep 2024 08:15:13 GMT
content-type
application/javascript
last-modified
Wed, 28 Aug 2024 22:46:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
x-amz-server-side-encryption
AES256
grumi.js
rumcdn.geoedge.be/25d9563d-75eb-4bf7-88d6-ff77920e491c/ Frame AF8A
317 KB
94 KB
Script
General
Full URL
https://rumcdn.geoedge.be/25d9563d-75eb-4bf7-88d6-ff77920e491c/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/E-uEd/hbw_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3790e7a5aad6749077df9d3ad668d73e54626a0357ed0c57938bfaa222bb46d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
br
x-amz-version-id
sYwOmA3HlscFrfpskz2ugdDod0Y1VBsu
etag
W/"5829f04985f5de8ce44a0e9abb2538b6"
age
1921
x-cache
Hit from cloudfront
x-amz-cf-id
VnGBVARDLr_iZtUk1mOXOlH07Bbu654i5GsJBiSnI_O-9Su-4TJBzA==
date
Mon, 30 Sep 2024 08:23:23 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 08:18:30 GMT
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame AF8A
629 KB
206 KB
Script
General
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/E-uEd/hbw_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70ff6b131726a24391337b60d6c45f63b61b17a58ff533b9c6cf79c0c2789bfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
br
x-amz-version-id
QtVyapK0NRq1ajLUCfzmgch7CL7tRwLJ
etag
W/"c7661581a7c247a3f254d34975daa556"
age
1920
x-cache
Hit from cloudfront
x-amz-cf-id
OdA_t_wrfSTAULsduHtDdRneDrE2zwpVIkhkjy-6l21T5-7muIrOIA==
date
Mon, 30 Sep 2024 08:23:24 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 08:00:42 GMT
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
AVmanager.js
player.aniview.com/script/6.1/ Frame 2A2D
509 KB
148 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5d96eaca742b61edbc2cc651eb79a74b56ee94ce9b5756297c9d3d00e10be6b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=zBEvsA==, md5=eJWzzGhxYm5iNDIZLYIp8Q==
etag
"7895b3cc6871626e623432192d8229f1"
x-goog-stored-content-encoding
gzip
expires
Mon, 30 Sep 2024 09:10:24 GMT
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-goog-stored-content-length
151014
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Thu, 26 Sep 2024 13:55:56 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljsAQXHTnfBUTqMFCHuUwxWD_1E9-LqBxEoULaNo25UHBw2VSNmLdWpsSVMpFwzrqMhaDsw
cache-control
public, no-transform, max-age=900
x-goog-storage-class
MULTI_REGIONAL
quic-version
0x00000001
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727358956552512
content-length
151014
server
UploadServer
AVmanager.js
player.aniview.com/script/6.1/ Frame 9F5D
509 KB
0
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5d96eaca742b61edbc2cc651eb79a74b56ee94ce9b5756297c9d3d00e10be6b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=zBEvsA==, md5=eJWzzGhxYm5iNDIZLYIp8Q==
etag
"7895b3cc6871626e623432192d8229f1"
x-goog-stored-content-encoding
gzip
expires
Mon, 30 Sep 2024 09:10:24 GMT
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-goog-stored-content-length
151014
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Thu, 26 Sep 2024 13:55:56 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljsAQXHTnfBUTqMFCHuUwxWD_1E9-LqBxEoULaNo25UHBw2VSNmLdWpsSVMpFwzrqMhaDsw
cache-control
public, no-transform, max-age=900
x-goog-storage-class
MULTI_REGIONAL
quic-version
0x00000001
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727358956552512
content-length
151014
server
UploadServer
config.json
player.adtelligent.com/exchange_rates/279896/ Frame D90B
2 KB
0
Fetch
General
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwww.refinery29.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c82e7a153bb9250eab8ea6090fdfbf420e89ecaf5a2b7567dff018b89b976e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"66f94192-80a"
expires
Tue, 01 Oct 2024 08:55:24 GMT
x-proxy-cache
HIT
access-control-allow-origin
https://www.refinery29.com
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
application/json
last-modified
Sun, 29 Sep 2024 12:01:22 GMT
server
nginx
apstag.js
c.amazon-adsystem.com/aax2/ Frame D90B
324 KB
0
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/E-uEd/hbw_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64171bed8b1e093ab735ee9c6cdc99440d0fea8e8f8c9f362fae3c093f1332f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"f2dd6786b4537f2bb6a3e22886b855f2"
age
2412
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Dc2JMhvSw0FuaYvL_Z3qROpx_ZLk8lQNmlZtVFRwq_6AxGZTgOUaKA==
date
Mon, 30 Sep 2024 08:15:13 GMT
content-type
application/javascript
last-modified
Wed, 28 Aug 2024 22:46:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
x-amz-server-side-encryption
AES256
grumi.js
rumcdn.geoedge.be/25d9563d-75eb-4bf7-88d6-ff77920e491c/ Frame D90B
317 KB
0
Script
General
Full URL
https://rumcdn.geoedge.be/25d9563d-75eb-4bf7-88d6-ff77920e491c/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/E-uEd/hbw_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3790e7a5aad6749077df9d3ad668d73e54626a0357ed0c57938bfaa222bb46d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
br
x-amz-version-id
sYwOmA3HlscFrfpskz2ugdDod0Y1VBsu
etag
W/"5829f04985f5de8ce44a0e9abb2538b6"
age
1921
x-cache
Hit from cloudfront
x-amz-cf-id
VnGBVARDLr_iZtUk1mOXOlH07Bbu654i5GsJBiSnI_O-9Su-4TJBzA==
date
Mon, 30 Sep 2024 08:23:23 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 08:18:30 GMT
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame D90B
629 KB
0
Script
General
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/E-uEd/hbw_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70ff6b131726a24391337b60d6c45f63b61b17a58ff533b9c6cf79c0c2789bfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
br
x-amz-version-id
QtVyapK0NRq1ajLUCfzmgch7CL7tRwLJ
etag
W/"c7661581a7c247a3f254d34975daa556"
age
1920
x-cache
Hit from cloudfront
x-amz-cf-id
OdA_t_wrfSTAULsduHtDdRneDrE2zwpVIkhkjy-6l21T5-7muIrOIA==
date
Mon, 30 Sep 2024 08:23:24 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 08:00:42 GMT
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
/
sghb.spotim.market/geo/ Frame AF8A
165 B
474 B
XHR
General
Full URL
https://sghb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/E-uEd/hbw_master_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.235.37.234 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.234.37.235.167.clients.your-server.de
Software
Spotim /
Resource Hash
591b027f75c01e1d4bb0fd0360fe2c99dfeb332c9f19462c2e1af3abf1440159

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

X-Robots-Tag
noindex
Connection
Keep-Alive
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Access-Control-Allow-Origin
https://www.refinery29.com
Content-Length
165
Date
Mon, 30 Sep 2024 08:55:24 GMT
Content-Type
application/json
Server
Spotim
tracking
sghb.spotim.market/adunit/ Frame AF8A
43 B
468 B
XHR
General
Full URL
https://sghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=6630&strategyId=0&pbjsv=v8.52.4&full_page_url=https%3A%2F%2Fwww.refinery29.com&adid=ory5of.5p&features=82144&utm_source=email&utm_medium=editorial&vpbv=m326&lifecycle_tte=602
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/E-uEd/hbw_master_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.235.37.234 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.234.37.235.167.clients.your-server.de
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

X-Robots-Tag
noindex
Connection
Keep-Alive
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Access-Control-Allow-Origin
https://www.refinery29.com
Content-Length
43
Date
Mon, 30 Sep 2024 08:55:24 GMT
Content-Type
image/gif
Server
Spotim
/
sghb.spotim.market/geo/ Frame D90B
165 B
474 B
XHR
General
Full URL
https://sghb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/E-uEd/hbw_master_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.235.37.234 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.234.37.235.167.clients.your-server.de
Software
Spotim /
Resource Hash
591b027f75c01e1d4bb0fd0360fe2c99dfeb332c9f19462c2e1af3abf1440159

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

X-Robots-Tag
noindex
Connection
Keep-Alive
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Access-Control-Allow-Origin
https://www.refinery29.com
Content-Length
165
Date
Mon, 30 Sep 2024 08:55:24 GMT
Content-Type
application/json
Server
Spotim
tracking
sghb.spotim.market/adunit/ Frame D90B
43 B
468 B
XHR
General
Full URL
https://sghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=6630&strategyId=0&pbjsv=v8.52.4&full_page_url=https%3A%2F%2Fwww.refinery29.com&adid=ory5r6.c5&features=82144&utm_source=email&utm_medium=editorial&vpbv=m326&tte=627&lifecycle_tte=632
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/E-uEd/hbw_master_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.235.37.234 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.234.37.235.167.clients.your-server.de
Software
Spotim /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

X-Robots-Tag
noindex
Connection
Keep-Alive
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Access-Control-Allow-Origin
https://www.refinery29.com
Content-Length
43
Date
Mon, 30 Sep 2024 08:55:24 GMT
Content-Type
image/gif
Server
Spotim
async
api-2-0.spot.im/v1.0.0/conversation/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/async
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.refinery29.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.refinery29.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 30 Sep 2024 08:55:24 GMT
server
fasthttp
strict-transport-security
max-age=31536000
async
api-2-0.spot.im/v1.0.0/conversation/
3 B
2 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/async
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-post-id
entry$11478122
Referer
https://www.refinery29.com/
x-spotim-page-view-id
c269507f-1dfa-4e55-8528-4d32eac5d527
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfOElyYzdGZlo0bFJBIiwiZGlzcGxheV9uYW1lIjoiUGVhY2VmdWxTaGFkZXMiLCJ1c2VyX25hbWUiOiJQZWFjZWZ1bFNoYWRlcyIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNQZWFjZWZ1bC1TaGFkZXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJsb2NhdGlvbiI6IiIsImlzX21vZGVyYXRpb25fdmlld2VyIjpmYWxzZSwic3BvdF9pZCI6InNwXzhxeEVwZGR1IiwibGFzdF9jaGVjayI6MTcyNzY4NjUyMywidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTI0MDkzMDlPMFVLTS5jMjA1NGY3YzJiYWJlM2M3ZmZiMjI3OTUzNDgxZjhlN2JmZjgzODc2M2EyMjE1ZmVmODJhZmE5NDI3YWMwNTA2IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX3NNOTU0NGwyS00ySHhsUjdNeFdhIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoic3BvdGltIiwibmV0d29ya19uYW1lIjoic3BvdGltIiwibmV0d29ya19pbWFnZV9pZCI6Imljb24tc3BvdGltXzJ4X21wc250ayIsIm5ldHdvcmtfY29sb3IiOiIjMzA3RkUyIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzU2MTA4NTIzLCJzdWIiOiJ1XzhJcmM3RmZaNGxSQSJ9.YDBDzmnX74KMDfkXjkktJKTU2VRJinQDtpUpuI8kOJA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
x-spot-id
sp_8qxEpddu

Response headers

access-control-max-age
86400
x-request-id
bb248474-7f09-11ef-b67f-96eaf6523a60
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
x-spotim-networkid
spotim
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
application/json
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
x-guid
b2c88900-7095-4b73-896e-2217649fda42
access-control-allow-credentials
true
access-control-allow-origin
https://www.refinery29.com
content-length
3
x-spotim-token
012409309O0UKM.c2054f7c2babe3c7ffb227953481f8e7bff838763a2215fef82afa9427ac0506
server
fasthttp
ad-container-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.106.0/
682 B
763 B
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.106.0/ad-container-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c738fe44dcc53a9105bc99fd7b224095f954350650bfba09d4b5d4fd0a2c46b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"3368e5b6517bd637f49ea80bd97803bb"
x-amz-version-id
hCkGjNjl6tOl9TyYeb.Ije7DKHvhMrA.
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Thu, 19 Sep 2024 08:06:13 GMT
content-type
application/javascript
x-served-by
cache-iad-kjyo7100100-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
80, 6093
x-amz-id-2
vLvnxwn0t+48pWUKoi3/6f2WNZYsRD5JmDRm0ySsxfgFyOwXwr+k+2IjbNz6F29weHIl5YsK0E4=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686524.220340,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
HKQ1JX94TMAHRH1S
accept-ranges
bytes
access-control-allow-origin
*
content-length
415
server
AmazonS3
x-amz-server-side-encryption
AES256
read
api-2-0.spot.im/v1.0.0/conversation/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.refinery29.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.refinery29.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 30 Sep 2024 08:55:24 GMT
server
fasthttp
strict-transport-security
max-age=31536000
read
api-2-0.spot.im/v1.0.0/conversation/
772 B
3 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/read
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
23ebea2bf52d1e258d30d5969d84585911cc7e05536aa4077e23acd2b9ff3b56
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-post-id
entry$11478122
Referer
https://www.refinery29.com/
x-spotim-page-view-id
c269507f-1dfa-4e55-8528-4d32eac5d527
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfOElyYzdGZlo0bFJBIiwiZGlzcGxheV9uYW1lIjoiUGVhY2VmdWxTaGFkZXMiLCJ1c2VyX25hbWUiOiJQZWFjZWZ1bFNoYWRlcyIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNQZWFjZWZ1bC1TaGFkZXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJsb2NhdGlvbiI6IiIsImlzX21vZGVyYXRpb25fdmlld2VyIjpmYWxzZSwic3BvdF9pZCI6InNwXzhxeEVwZGR1IiwibGFzdF9jaGVjayI6MTcyNzY4NjUyMywidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTI0MDkzMDlPMFVLTS5jMjA1NGY3YzJiYWJlM2M3ZmZiMjI3OTUzNDgxZjhlN2JmZjgzODc2M2EyMjE1ZmVmODJhZmE5NDI3YWMwNTA2IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX3NNOTU0NGwyS00ySHhsUjdNeFdhIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoic3BvdGltIiwibmV0d29ya19uYW1lIjoic3BvdGltIiwibmV0d29ya19pbWFnZV9pZCI6Imljb24tc3BvdGltXzJ4X21wc250ayIsIm5ldHdvcmtfY29sb3IiOiIjMzA3RkUyIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzU2MTA4NTIzLCJzdWIiOiJ1XzhJcmM3RmZaNGxSQSJ9.YDBDzmnX74KMDfkXjkktJKTU2VRJinQDtpUpuI8kOJA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
x-spot-id
sp_8qxEpddu

Response headers

access-control-max-age
86400
x-request-id
bb359ac9-7f09-11ef-b679-924b27bd4ed9
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
content-encoding
gzip
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
x-spotim-networkid
spotim
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
application/json
vary
Accept-Encoding
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
x-guid
b2c88900-7095-4b73-896e-2217649fda42
access-control-allow-credentials
true
access-control-allow-origin
https://www.refinery29.com
x-spotim-token
012409309O0UKM.c2054f7c2babe3c7ffb227953481f8e7bff838763a2215fef82afa9427ac0506
server
fasthttp
pixels
pix.spot.im/api/v1/
0
127 B
Ping
General
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/137-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.208.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-208-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
content-length
23
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
application/json
vary
Accept-Encoding
9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
config.aps.amazon-adsystem.com/configs/ Frame AF8A
563 B
830 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-65.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
ba555fcd02d602a56995e08ab5571347f369f0bf95bd57b9ee91b87f1a90c5a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=3600
age
1996
via
1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
D0LZvJOmL1o5Jb6ZM221Ec3O0GN8zMnpH4kt_PXeT8lOBy-LnE876Q==
date
Mon, 30 Sep 2024 08:22:08 GMT
content-type
application/javascript
x-amz-cf-pop
FRA56-P8
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ Frame AF8A
3 KB
4 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.refinery29.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
Server /
Resource Hash
c5b09247941b8b953cccb151f60f94cab5e7ace48fa78f737420ec067540e156

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
17234
access-control-allow-credentials
true
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.refinery29.com
x-cache
Hit from cloudfront
content-length
3518
x-amz-cf-id
5-QSLcxOG_OmcmGoV5MkJuTwakv69kvufkpXE7gSSnMCfDXpjI2qYw==
date
Mon, 30 Sep 2024 04:08:09 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA2-C1
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame AF8A
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
27083
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
SJQAH5kiB5X3E19XV6hYW_RNzybFy45Sc5m7YvPUTPDj7gkB_gknUQ==
date
Mon, 30 Sep 2024 01:24:02 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
config.aps.amazon-adsystem.com/configs/ Frame D90B
563 B
0
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-65.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
ba555fcd02d602a56995e08ab5571347f369f0bf95bd57b9ee91b87f1a90c5a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=3600
age
1996
via
1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
D0LZvJOmL1o5Jb6ZM221Ec3O0GN8zMnpH4kt_PXeT8lOBy-LnE876Q==
date
Mon, 30 Sep 2024 08:22:08 GMT
content-type
application/javascript
x-amz-cf-pop
FRA56-P8
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ Frame D90B
3 KB
0
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.refinery29.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
Server /
Resource Hash
c5b09247941b8b953cccb151f60f94cab5e7ace48fa78f737420ec067540e156

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
17234
access-control-allow-credentials
true
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.refinery29.com
x-cache
Hit from cloudfront
content-length
3518
x-amz-cf-id
5-QSLcxOG_OmcmGoV5MkJuTwakv69kvufkpXE7gSSnMCfDXpjI2qYw==
date
Mon, 30 Sep 2024 04:08:09 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA2-C1
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame D90B
6 KB
0
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
27083
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
SJQAH5kiB5X3E19XV6hYW_RNzybFy45Sc5m7YvPUTPDj7gkB_gknUQ==
date
Mon, 30 Sep 2024 01:24:02 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
default
api-2-0.spot.im/v1.0.0/reactions/stats/
130 B
808 B
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/reactions/stats/default
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
95a5debf033854aa510093ac2334c71a291c43ffc8b5c48433e486a3f412f3d2

Request headers

x-post-id
entry$11478122
Referer
https://www.refinery29.com/
x-spotim-page-view-id
c269507f-1dfa-4e55-8528-4d32eac5d527
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfOElyYzdGZlo0bFJBIiwiZGlzcGxheV9uYW1lIjoiUGVhY2VmdWxTaGFkZXMiLCJ1c2VyX25hbWUiOiJQZWFjZWZ1bFNoYWRlcyIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNQZWFjZWZ1bC1TaGFkZXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJsb2NhdGlvbiI6IiIsImlzX21vZGVyYXRpb25fdmlld2VyIjpmYWxzZSwic3BvdF9pZCI6InNwXzhxeEVwZGR1IiwibGFzdF9jaGVjayI6MTcyNzY4NjUyMywidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTI0MDkzMDlPMFVLTS5jMjA1NGY3YzJiYWJlM2M3ZmZiMjI3OTUzNDgxZjhlN2JmZjgzODc2M2EyMjE1ZmVmODJhZmE5NDI3YWMwNTA2IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX3NNOTU0NGwyS00ySHhsUjdNeFdhIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoic3BvdGltIiwibmV0d29ya19uYW1lIjoic3BvdGltIiwibmV0d29ya19pbWFnZV9pZCI6Imljb24tc3BvdGltXzJ4X21wc250ayIsIm5ldHdvcmtfY29sb3IiOiIjMzA3RkUyIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzU2MTA4NTIzLCJzdWIiOiJ1XzhJcmM3RmZaNGxSQSJ9.YDBDzmnX74KMDfkXjkktJKTU2VRJinQDtpUpuI8kOJA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
x-spot-id
sp_8qxEpddu

Response headers

access-control-max-age
86400
x-request-id
bb3c9316-7f09-11ef-8bc5-925b9bbde920
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.refinery29.com
x-spotim-networkid
spotim
content-length
130
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
application/json; charset=utf-8
server
fasthttp
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
default
api-2-0.spot.im/v1.0.0/reactions/stats/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/reactions/stats/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://www.refinery29.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.refinery29.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Mon, 30 Sep 2024 08:55:24 GMT
server
fasthttp
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame AF8A
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Mon, 30 Sep 2024 09:10:24 GMT
accept-ranges
bytes
content-length
17407
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame AF8A
43 KB
13 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"6016bf24a16f4d1d8384c5f7f11c49fb"
age
20082
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
QvmurSd0fS0qlq4g2kMz24JyqGzxeOR2bswJ_yq8vsqTDMF2VDvuag==
date
Mon, 30 Sep 2024 03:20:43 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
hadron.js
cdn.hadronid.net/ Frame AF8A
56 KB
12 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&ref=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&_it=amazon&partner_id=471
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=432000
content-encoding
br
cf-bgj
minify
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
age
6626
cf-cache-status
HIT
x-amz-request-id
4GNMNHQXA94JVW78
cf-ray
8cb2fe6948d0d2df-FRA
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
application/javascript
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame AF8A
98 KB
29 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
827eba33ff7f627627e79285ae329f7269998b7ca965f96f2c1ee59ce7116406
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

x-amz-id-2
vsMC2MMgt2n6nv7dCKbMqlVEKvTxY9NA7nLuaFzZ2n0KUD3O71Qa/AZfl0KB3qR06loriruePfjUDSrzOp3tpevvbNbKMIe3h3KIsqGzVK0=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"6f43174cf2798dcd024756859322fc73"
age
2279
x-amz-request-id
QA6X6RQ05N4WFQJY
cf-ray
8cb2fe693f9d9956-FRA
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
text/javascript;charset=utf-8
last-modified
Mon, 16 Sep 2024 11:24:35 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame AF8A
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"38c0-5e92054540ea5-gzip"
expires
Mon, 30 Sep 2024 09:10:24 GMT
accept-ranges
bytes
content-length
5252
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
papi.js
rumcdn.geoedge.be/ Frame 9F5D
6 KB
3 KB
Script
General
Full URL
https://rumcdn.geoedge.be/papi.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07d2fef28f9f90958a61b7e1d5c4378f2ba1addc13cc092328462f9a0973937e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
content-encoding
br
x-amz-version-id
iQew8K1LLhC2j0wO6L4.9CdCEJ.xtRxj
etag
W/"e5a99c825d19c71eddcf4031a21ee795"
age
1922
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
k5l1JIAi6aZsiC6WwhNhGKiACdAGGtesSQN14vJ20UPTQEVJjCM5vA==
date
Mon, 30 Sep 2024 08:23:23 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 11:58:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
x-amz-server-side-encryption
AES256
/
go1.aniview.com/api/adserver/tag/
54 KB
7 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_8qxEpddu&AV_CDIM2=Desktop&AV_CDIM3=conversation&AV_CDIM4=c269507f-1dfa-4e55-8528-4d32eac5d527&AV_CDIM5=Fzhh4z3OdGUnMEdUXNlihPj3zudB55sQSzs-Q4G7wXwvN7RZs3gXeCnJV8UEMlc3&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=21698916284&AV_CDIM10=v22.19.3&AV_CDIM13=false&AV_CDIM14=sp_rexLo99v&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review&AV_DNTCHECK=1&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_rexLo99v%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=de&AV_URL=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6284bc9a6cef1100a45979c6&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.refinery29.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6284bc9a6cef1100a45979c6/www.refinery29.com&d36=6.2.250&responsive=1&sver=5&avtoken=524311&omv=1.0.1&clsid=fac84112-9a23-44c7-be9a-58c4c79f8e8e&rando=98&rando1=25&rando2=85&scnt=1&AV_WIDTH=878&AV_HEIGHT=494&AV_GPP=DBAA&AV_GPP_SID=-1&AV_CCPA=1---&AV_DNT=0&cb=1727686524313&wfc=1
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.81 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
f2b537e44fdc85f1b7526709e66e1788a4058b0579141f092a7f79ac5b54dfe2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
1728000
content-encoding
gzip
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
critical-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
expires
Wed, 18 Sep 2024 19:08:44 GMT
alt-svc
h3=":443";ma=60;
date
Mon, 30 Sep 2024 08:55:24 GMT
x-bamboo-c-s
BYPASS
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
x-bamboo-c-skst
1
cache-control
no-cache
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-skfe
1
access-control-allow-credentials
true
access-control-allow-origin
https://www.refinery29.com
track
track1.aniview.com/
0
168 B
Image
General
Full URL
https://track1.aniview.com/track?r=www.refinery29.com&sn=&cd1=sp_8qxEpddu&cd2=Desktop&cd3=conversation&cd4=c269507f-1dfa-4e55-8528-4d32eac5d527&cd5=Fzhh4z3OdGUnMEdUXNlihPj3zudB55sQSzs-Q4G7wXwvN7RZs3gXeCnJV8UEMlc3&cd6=stable&cd7=row1-column1&cd8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&cd9=21698916284&cd10=v22.19.3&cd13=false&cd14=sp_rexLo99v&cd15=ads&cd16=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review&ic=0&tgt=0&app=&wi=878&he=494&test=&d36=6.2.250&apppkg=&fv=1&proto=https&clsid=fac84112-9a23-44c7-be9a-58c4c79f8e8e&rando=98&rando1=25&rando2=85&scnt=1&pid=5e0e296628a061270b21ccab&cid=6284bc9a6cef1100a45979c6&stagid=&stplid=&e=inventory&vi=0&plt=4&cb=1727686524312
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
date
Mon, 30 Sep 2024 08:55:24 GMT
papi.js
rumcdn.geoedge.be/ Frame 2A2D
6 KB
0
Script
General
Full URL
https://rumcdn.geoedge.be/papi.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07d2fef28f9f90958a61b7e1d5c4378f2ba1addc13cc092328462f9a0973937e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
content-encoding
br
x-amz-version-id
iQew8K1LLhC2j0wO6L4.9CdCEJ.xtRxj
etag
W/"e5a99c825d19c71eddcf4031a21ee795"
age
1922
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
k5l1JIAi6aZsiC6WwhNhGKiACdAGGtesSQN14vJ20UPTQEVJjCM5vA==
date
Mon, 30 Sep 2024 08:23:23 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 11:58:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
x-amz-server-side-encryption
AES256
/
go1.aniview.com/api/adserver/tag/
49 KB
7 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_8qxEpddu&AV_CDIM2=Desktop&AV_CDIM3=reactions&AV_CDIM4=c269507f-1dfa-4e55-8528-4d32eac5d527&AV_CDIM5=Fzhh4z3OdGUnMEdUXNlihPj3zudB55sQSzs-Q4G7wXwvN7RZs3gXeCnJV8UEMlc3&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=21698916284&AV_CDIM10=v22.19.3&AV_CDIM13=false&AV_CDIM14=sp_rexLo99v&AV_CDIM15=ads&AV_CDIM16=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review&AV_DNTCHECK=1&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_rexLo99v%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=de&AV_URL=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=61fc06c32ddbaf55f57fd628&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.refinery29.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/61fc06c32ddbaf55f57fd628/www.refinery29.com&d36=6.2.250&responsive=1&sver=5&avtoken=524319&omv=1.0.1&clsid=1f389a1c-6730-4d7a-aaed-ead455500c33&rando=86&rando1=68&rando2=7&scnt=1&AV_WIDTH=400&AV_HEIGHT=300&AV_GPP=DBAA&AV_GPP_SID=-1&AV_CCPA=1---&AV_DNT=0&cb=1727686524320&wfc=1
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.81 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
15bbc8833c761bb2b10c807627118f5071a9a9138381f4c6730b42915a8a855b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
1728000
content-encoding
gzip
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
critical-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
expires
Wed, 18 Sep 2024 19:08:44 GMT
alt-svc
h3=":443";ma=60;
date
Mon, 30 Sep 2024 08:55:24 GMT
x-bamboo-c-s
BYPASS
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
x-bamboo-c-skst
1
cache-control
no-cache
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-skfe
1
access-control-allow-credentials
true
access-control-allow-origin
https://www.refinery29.com
track
track1.aniview.com/
0
168 B
Image
General
Full URL
https://track1.aniview.com/track?r=www.refinery29.com&sn=&cd1=sp_8qxEpddu&cd2=Desktop&cd3=reactions&cd4=c269507f-1dfa-4e55-8528-4d32eac5d527&cd5=Fzhh4z3OdGUnMEdUXNlihPj3zudB55sQSzs-Q4G7wXwvN7RZs3gXeCnJV8UEMlc3&cd6=stable&cd7=row1-column1&cd8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&cd9=21698916284&cd10=v22.19.3&cd13=false&cd14=sp_rexLo99v&cd15=ads&cd16=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.250&apppkg=&fv=1&proto=https&clsid=1f389a1c-6730-4d7a-aaed-ead455500c33&rando=86&rando1=68&rando2=7&scnt=1&pid=5e0e296628a061270b21ccab&cid=61fc06c32ddbaf55f57fd628&stagid=&stplid=&e=inventory&vi=0&plt=4&cb=1727686524320
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
date
Mon, 30 Sep 2024 08:55:24 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame D90B
54 KB
0
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Mon, 30 Sep 2024 09:10:24 GMT
accept-ranges
bytes
content-length
17407
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame D90B
43 KB
0
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"6016bf24a16f4d1d8384c5f7f11c49fb"
age
20082
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
QvmurSd0fS0qlq4g2kMz24JyqGzxeOR2bswJ_yq8vsqTDMF2VDvuag==
date
Mon, 30 Sep 2024 03:20:43 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
hadron.js
cdn.hadronid.net/ Frame D90B
56 KB
0
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&ref=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&_it=amazon&partner_id=471
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=432000
content-encoding
br
cf-bgj
minify
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
age
6626
cf-cache-status
HIT
x-amz-request-id
4GNMNHQXA94JVW78
cf-ray
8cb2fe6948d0d2df-FRA
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
application/javascript
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame D90B
98 KB
0
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
827eba33ff7f627627e79285ae329f7269998b7ca965f96f2c1ee59ce7116406

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

x-amz-id-2
vsMC2MMgt2n6nv7dCKbMqlVEKvTxY9NA7nLuaFzZ2n0KUD3O71Qa/AZfl0KB3qR06loriruePfjUDSrzOp3tpevvbNbKMIe3h3KIsqGzVK0=
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"6f43174cf2798dcd024756859322fc73"
age
2279
x-amz-request-id
QA6X6RQ05N4WFQJY
cf-ray
8cb2fe693f9d9956-FRA
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
text/javascript;charset=utf-8
last-modified
Mon, 16 Sep 2024 11:24:35 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame D90B
14 KB
0
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"38c0-5e92054540ea5-gzip"
expires
Mon, 30 Sep 2024 09:10:24 GMT
accept-ranges
bytes
content-length
5252
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
grumi.js
rumcdn.geoedge.be/ba2454c4-6774-4f05-8bdc-06147119265e/ Frame A7B1
605 KB
198 KB
Script
General
Full URL
https://rumcdn.geoedge.be/ba2454c4-6774-4f05-8bdc-06147119265e/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/papi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1580703b49de1eacf6b9a3832d3415f64554570f300e32b8f82844247cb863c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
x-amz-version-id
Jwtf21nea9zSekieLlwRGvgKv46Ffi3x
etag
W/"c9419adf8f137d0e10cb348bf283ed93"
age
1922
x-cache
Hit from cloudfront
x-amz-cf-id
7cL4IoEMJFJ1Ka48A_pWR3a_KcoXGxusR7JWxzDnBUjWclgT57iPWA==
date
Mon, 30 Sep 2024 08:23:23 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 08:19:17 GMT
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
grumi.js
rumcdn.geoedge.be/ba2454c4-6774-4f05-8bdc-06147119265e/ Frame 8FE9
605 KB
0
Script
General
Full URL
https://rumcdn.geoedge.be/ba2454c4-6774-4f05-8bdc-06147119265e/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/papi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1580703b49de1eacf6b9a3832d3415f64554570f300e32b8f82844247cb863c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
x-amz-version-id
Jwtf21nea9zSekieLlwRGvgKv46Ffi3x
etag
W/"c9419adf8f137d0e10cb348bf283ed93"
age
1922
x-cache
Hit from cloudfront
x-amz-cf-id
7cL4IoEMJFJ1Ka48A_pWR3a_KcoXGxusR7JWxzDnBUjWclgT57iPWA==
date
Mon, 30 Sep 2024 08:23:23 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 08:19:17 GMT
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
hadron.json
id.hadron.ad.gt/v1/ Frame AF8A
124 B
280 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=471&sync=0&domain=www.refinery29.com&url=https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&ref=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&_it=amazon&partner_id=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70da92d5438317fd586b45ed6ac224395706fed9686eacb5a2ecf85020f852cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.refinery29.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
debug
NON-OPTIONS
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials
true
cf-ray
8cb2fe6afb06d2e2-FRA
access-control-allow-origin
*
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
authorization,content-type
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=471&sync=0&domain=www.refinery29.com&url=https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.refinery29.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8cb2fe6a28b8d2e2-FRA
content-length
0
content-type
application/json
date
Mon, 30 Sep 2024 08:55:24 GMT
debug
OPTIONS block
expires
Tue, 30 Sep 2025 08:55:24 GMT
server
cloudflare
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame AF8A
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"c4b6-5e920545406d3-gzip"
expires
Mon, 30 Sep 2024 09:10:24 GMT
accept-ranges
bytes
content-length
17042
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame D90B
49 KB
0
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"c4b6-5e920545406d3-gzip"
expires
Mon, 30 Sep 2024 09:10:24 GMT
accept-ranges
bytes
content-length
17042
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame AF8A
190 B
465 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:21::1780 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=1800
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-credentials
true
expires
Mon, 30 Sep 2024 09:25:24 GMT
access-control-allow-origin
https://www.refinery29.com
content-length
190
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
application/json
vary
Origin
server
nginx
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame D90B
190 B
0
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:21::1780 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=1800
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-credentials
true
expires
Mon, 30 Sep 2024 09:25:24 GMT
access-control-allow-origin
https://www.refinery29.com
content-length
190
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
application/json
vary
Origin
server
nginx
vendors-node_modules_spotim_notifications-bell_dist_notifications-bell_js-node_modules_spotim-5aa122-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.106.0/
42 KB
13 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.106.0/vendors-node_modules_spotim_notifications-bell_dist_notifications-bell_js-node_modules_spotim-5aa122-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c45e27e11d1acb1b08d49a15b3629b8df3c209cf92556777b831e7517617e6ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"ed5887929deda236e779f9677505ae0d"
x-amz-version-id
xZq_m.T_.i7GO.tJIbt2.2jGWTup8e3r
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Thu, 19 Sep 2024 08:06:13 GMT
content-type
application/javascript
x-served-by
cache-iad-kcgs7200160-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
82, 6244
x-amz-id-2
NVxzXprCcQJAcT3986e0ucQrhPXkAbaS5AkbQObmYW5PrCSzDawU3IhvCTuawm/XEs6h4ElIuOE=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686525.502949,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
9PS72EJVT2TBDXSG
accept-ranges
bytes
access-control-allow-origin
*
content-length
13352
server
AmazonS3
x-amz-server-side-encryption
AES256
conversation-component-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.106.0/
126 KB
33 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.106.0/conversation-component-bundle.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c7690197a89a0bca3df58ab494b4fd89610d3a9c4a75b5e234c9788554ebb16

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"db2098a1d19abed089e195e1f5eaedfd"
x-amz-version-id
1b0mROcj5lBLGoMi8Z62chK01b_T9l2p
age
863822
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Thu, 19 Sep 2024 08:06:13 GMT
content-type
application/javascript
x-served-by
cache-iad-kcgs7200071-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
82, 6520
x-amz-id-2
iqvz4OG2NV0tfxftki+TDllM+LtHiqu3ZMIPtRqQVQoM1p6ugtPAWhWxz4HxYnM2L/RUhuSBSy0=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
x-ioriver
Fastly
x-timer
S1727686525.502982,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
9PS7D7C99H9RGHGQ
accept-ranges
bytes
access-control-allow-origin
*
content-length
33423
server
AmazonS3
x-amz-server-side-encryption
AES256
bid
aax.amazon-adsystem.com/e/dtb/ Frame AF8A
23 B
377 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&pid=4LzRIVmYrrUnd&cb=0&ws=336x280&v=24.827.1552&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1595432533481-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22320x250%22%5D%2C%22sn%22%3A%22%2F39694909%2C21698916284%2FReactions%2FReact-Refinery29%22%7D%5D&schain=1.0%2C1%21spotim.market%2Csp_rexLo99v%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=1&gdprc=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.8.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-8-164.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.refinery29.com
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
lEvtQJgMyuo1zju1cBd6m4GFyUhbDwo5A3mvjCkVmVLAj1RoB30NbQ==
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
FRA56-P6
server
Server
src_components_ReactionStatic_ReactionStatic_tsx.js
static-cdn.spot.im/production/reactions/tags/v4.8.0/
502 B
639 B
Script
General
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.8.0/src_components_ReactionStatic_ReactionStatic_tsx.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd7dec0ecc59a583992b5def44364f473d9636faa527ea23dad3baf553559954

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"8c001843ee9bb298cbaf456003db4159"
x-amz-version-id
LpwNxxiBgKwodgnUfknfAx1hbcBh2IDL
age
97885
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Thu, 25 Jul 2024 10:40:22 GMT
x-served-by
cache-iad-kcgs7200171-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
4, 120
content-type
application/javascript
x-amz-id-2
qdLlOqkEoROLzc0YbZqERylYEl4F+SnI0CLVumoE6PYysRActwMO2eG0OpIWRRBOqX9EyBeeAoUylHU/2hmGwVkBO3yItesQCe+Mclf3z9c=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686525.540250,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
15AB03E7SGZA2KXX
accept-ranges
bytes
access-control-allow-origin
*
content-length
284
server
AmazonS3
x-amz-server-side-encryption
AES256
6a1e0d2999d91f6db2aa.png
static-cdn.spot.im/production/reactions/tags/v4.8.0/
6 KB
6 KB
Image
General
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.8.0/6a1e0d2999d91f6db2aa.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de67ae51bc8d62963652060c12aa77245a10d5393eabd1642ae620dcb6884da7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
etag
"d71b039b9e729e85c53e6423312ca068"
x-amz-version-id
FC313.jQTt3uLoN41GZNEillvgJlM.Uq
age
67215
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Thu, 25 Jul 2024 10:40:22 GMT
x-served-by
cache-iad-kcgs7200157-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
57, 33
content-type
image/png
x-amz-id-2
idShVPrFu8GqHOU2ek9Eq0a+NQa+9z0CcO0WmoDudR9v+7t4zVxvpun9h4n5ESnYHvjIiGrtmSw=
access-control-allow-headers
*
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686525.544152,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
MFJXG3B67Z6E653A
accept-ranges
bytes
access-control-allow-origin
*
content-length
6243
server
AmazonS3
x-amz-server-side-encryption
AES256
bid
aax.amazon-adsystem.com/e/dtb/ Frame D90B
23 B
378 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&pid=JRTWy67zBL9eX&cb=0&ws=728x280&v=24.827.1552&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1695209757521-0%22%2C%22s%22%3A%5B%22320x250%22%2C%22300x250%22%2C%22336x280%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F39694909%2C21698916284%2FConversationDisplay%2FCD-Refinery29US%22%7D%5D&schain=1.0%2C1%21spotim.market%2Csp_rexLo99v%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=1&gdprc=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.8.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-8-164.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.refinery29.com
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
-J0gX3kDdwQmAXZu914ghD_hHcZRoU_ELiqN5A0MznQkmmT5Fpbb7A==
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
FRA56-P6
server
Server
1647540049533.png
static-cdn.spot.im/custom-content/sp_8qxEpddu/
2 KB
2 KB
Image
General
Full URL
https://static-cdn.spot.im/custom-content/sp_8qxEpddu/1647540049533.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48113d6034b5583001210e46e5b3b9782dc3c177ab26e5eafca3ea5d7b5236cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
etag
"3a583f54aa5f15cef83592dae51f477d"
x-amz-version-id
SRWQfpZp_GRXBhpAkFsAy0xOAPIeMGE5
age
1023
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Thu, 17 Mar 2022 18:00:53 GMT
x-served-by
cache-iad-kjyo7100149-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
26, 1
content-disposition
attachment
x-amz-id-2
vvImfQIQniRn5dTCvfwGN7ibKXcP5mBxd+tJF4bWTsPseDfKFrALh1kgUROhE+UT/gtwc0wDLHc=
access-control-allow-headers
*
content-type
binary/octet-stream
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686525.604393,VS0,VE1
via
1.1 varnish, 1.1 varnish
x-amz-request-id
A06YRADRDZ9VDVEH
accept-ranges
bytes
access-control-allow-origin
*
content-length
1568
server
AmazonS3
x-amz-server-side-encryption
AES256
1647540057630.png
static-cdn.spot.im/custom-content/sp_8qxEpddu/
1 KB
2 KB
Image
General
Full URL
https://static-cdn.spot.im/custom-content/sp_8qxEpddu/1647540057630.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
877198ceb279879530b98ddaa05918613f1636a41d0ee1ea11aa26b738e0c8bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
etag
"beaa5856b7fe4765a007d1e30e359aeb"
x-amz-version-id
JU_OCcBXD.wJBF78xOxUOS.gkbPz_NDM
age
146538
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Thu, 17 Mar 2022 18:01:01 GMT
x-served-by
cache-iad-kcgs7200129-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
27, 1
content-disposition
attachment
x-amz-id-2
JMCHCnCR6FNd6iBwqfTW72NKVc8J/8LN4xTXo1rvGwWcdQNylCLGMARxnLrJIgo4TN/HkrgNdcY=
access-control-allow-headers
*
content-type
binary/octet-stream
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686525.604352,VS0,VE1
via
1.1 varnish, 1.1 varnish
x-amz-request-id
A06JG66JEG4GARZ9
accept-ranges
bytes
access-control-allow-origin
*
content-length
1358
server
AmazonS3
x-amz-server-side-encryption
AES256
1647540071302.png
static-cdn.spot.im/custom-content/sp_8qxEpddu/
2 KB
2 KB
Image
General
Full URL
https://static-cdn.spot.im/custom-content/sp_8qxEpddu/1647540071302.png
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/346-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
773d4669ddf6a972d5413965cec731c4f39af2c19519ea181a99e0f324babfd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
etag
"7e7f57fad597e37d1ede98918cf74edf"
x-amz-version-id
u1co8.ZVqticEGOnLiNI21qKXRFqUM30
age
154932
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Thu, 17 Mar 2022 18:01:15 GMT
x-served-by
cache-iad-kiad7000138-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
28, 1
content-disposition
attachment
x-amz-id-2
tXspVEFGJxCsWaUrK6HkqPcY/kTYWsaltBAi3l1ufFBrrZX6ztIFwYC8Re3+JCxPoWSgpeGBYl0=
access-control-allow-headers
*
content-type
binary/octet-stream
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686525.605395,VS0,VE1
via
1.1 varnish, 1.1 varnish
x-amz-request-id
A06ZSJAK35JDZ6SZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1582
server
AmazonS3
x-amz-server-side-encryption
AES256
1647540076224.png
static-cdn.spot.im/custom-content/sp_8qxEpddu/
2 KB
2 KB
Image
General
Full URL
https://static-cdn.spot.im/custom-content/sp_8qxEpddu/1647540076224.png
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.27.0/launcher/346-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
260c4ff5c6b5b694b9b398f57eaa4929295450daedef69f5b943a69dfaa1f2a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
etag
"9d1c86a51d74b5c93be96385b4072bae"
x-amz-version-id
49hW3HZjVQZ_hunBkvQvYKd4ceBCLeyg
age
84850
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Thu, 17 Mar 2022 18:01:20 GMT
x-served-by
cache-iad-kjyo7100106-IAD, cache-fra-eddf8230039-FRA
x-cache-hits
28, 1
content-disposition
attachment
x-amz-id-2
qaaVWS6ckUtG/0IPT+ir7n0ejR9KIz4aOkoDVjBumIL8Q5lu6HeyblcWWlo3dzweSipF5OnveGM=
access-control-allow-headers
*
content-type
binary/octet-stream
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686525.606414,VS0,VE1
via
1.1 varnish, 1.1 varnish
x-amz-request-id
A06XNWSFNEEGFRSH
accept-ranges
bytes
access-control-allow-origin
*
content-length
1645
server
AmazonS3
x-amz-server-side-encryption
AES256
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame AF8A
229 KB
66 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"394d0-60864a57eaadc-gzip"
expires
Mon, 30 Sep 2024 09:10:24 GMT
accept-ranges
bytes
content-length
67550
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame D90B
229 KB
0
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"394d0-60864a57eaadc-gzip"
expires
Mon, 30 Sep 2024 09:10:24 GMT
accept-ranges
bytes
content-length
67550
date
Mon, 30 Sep 2024 08:55:24 GMT
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
471
a.ad.gt/api/v1/u/matches/ Frame AF8A
13 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/471?_it=amazon
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eafa6ec729cd6d3d2d65982e0839d340fa24e6d16f25e322a20499b5089182ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
HIT
age
296
cross-origin-resource-policy
cross-origin
cf-ray
8cb2fe6c1c636aba-FRA
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
application/javascript
last-modified
Mon, 30 Sep 2024 08:49:34 GMT
vary
Accept-Encoding
server
cloudflare
read
api-2-0.spot.im/v1.0.0/conversation/realtime/
5 KB
1 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
af80c62a54c13ee667fc2c6e8269bfe684828e4aa7fd3a9705e0e777cc2e2761

Request headers

x-post-id
entry$11478122
Referer
https://www.refinery29.com/
x-spotim-page-view-id
c269507f-1dfa-4e55-8528-4d32eac5d527
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfOElyYzdGZlo0bFJBIiwiZGlzcGxheV9uYW1lIjoiUGVhY2VmdWxTaGFkZXMiLCJ1c2VyX25hbWUiOiJQZWFjZWZ1bFNoYWRlcyIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNQZWFjZWZ1bC1TaGFkZXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJsb2NhdGlvbiI6IiIsImlzX21vZGVyYXRpb25fdmlld2VyIjpmYWxzZSwic3BvdF9pZCI6InNwXzhxeEVwZGR1IiwibGFzdF9jaGVjayI6MTcyNzY4NjUyMywidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTI0MDkzMDlPMFVLTS5jMjA1NGY3YzJiYWJlM2M3ZmZiMjI3OTUzNDgxZjhlN2JmZjgzODc2M2EyMjE1ZmVmODJhZmE5NDI3YWMwNTA2IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX3NNOTU0NGwyS00ySHhsUjdNeFdhIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoic3BvdGltIiwibmV0d29ya19uYW1lIjoic3BvdGltIiwibmV0d29ya19pbWFnZV9pZCI6Imljb24tc3BvdGltXzJ4X21wc250ayIsIm5ldHdvcmtfY29sb3IiOiIjMzA3RkUyIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzU2MTA4NTIzLCJzdWIiOiJ1XzhJcmM3RmZaNGxSQSJ9.YDBDzmnX74KMDfkXjkktJKTU2VRJinQDtpUpuI8kOJA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
x-spot-id
sp_8qxEpddu

Response headers

access-control-max-age
86400
x-request-id
bb994a73-7f09-11ef-80bc-cec0ca24e28a
content-encoding
gzip
x-guid
b2c88900-7095-4b73-896e-2217649fda42
access-control-allow-credentials
true
access-control-allow-origin
https://www.refinery29.com
x-spotim-networkid
spotim
x-spotim-token
012409309O0UKM.c2054f7c2babe3c7ffb227953481f8e7bff838763a2215fef82afa9427ac0506
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
vary
Accept-Encoding
server
fasthttp
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
entry$11478122
api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_8qxEpddu/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_8qxEpddu/entry$11478122
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.refinery29.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.refinery29.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 30 Sep 2024 08:55:25 GMT
server
fasthttp
strict-transport-security
max-age=31536000
entry$11478122
api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_8qxEpddu/
34 KB
12 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_8qxEpddu/entry$11478122
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
7d4afd6bd3f4680c379a05bc0921f214f3565cff0f14226f4999fd368dd7c132
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-post-id
entry$11478122
Referer
https://www.refinery29.com/
x-spotim-page-view-id
c269507f-1dfa-4e55-8528-4d32eac5d527
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfOElyYzdGZlo0bFJBIiwiZGlzcGxheV9uYW1lIjoiUGVhY2VmdWxTaGFkZXMiLCJ1c2VyX25hbWUiOiJQZWFjZWZ1bFNoYWRlcyIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNQZWFjZWZ1bC1TaGFkZXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJsb2NhdGlvbiI6IiIsImlzX21vZGVyYXRpb25fdmlld2VyIjpmYWxzZSwic3BvdF9pZCI6InNwXzhxeEVwZGR1IiwibGFzdF9jaGVjayI6MTcyNzY4NjUyMywidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTI0MDkzMDlPMFVLTS5jMjA1NGY3YzJiYWJlM2M3ZmZiMjI3OTUzNDgxZjhlN2JmZjgzODc2M2EyMjE1ZmVmODJhZmE5NDI3YWMwNTA2IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX3NNOTU0NGwyS00ySHhsUjdNeFdhIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoic3BvdGltIiwibmV0d29ya19uYW1lIjoic3BvdGltIiwibmV0d29ya19pbWFnZV9pZCI6Imljb24tc3BvdGltXzJ4X21wc250ayIsIm5ldHdvcmtfY29sb3IiOiIjMzA3RkUyIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzU2MTA4NTIzLCJzdWIiOiJ1XzhJcmM3RmZaNGxSQSJ9.YDBDzmnX74KMDfkXjkktJKTU2VRJinQDtpUpuI8kOJA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
x-spot-id
sp_8qxEpddu

Response headers

access-control-max-age
86400
x-request-id
bbafc721-7f09-11ef-b39e-9a815bd5315a
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
content-encoding
gzip
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
x-spotim-networkid
spotim
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
vary
Accept-Encoding
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name, x-openweb-module-version,x-full-url, x-tc-string, x-consent-type, x-api-token
strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
x-guid
b2c88900-7095-4b73-896e-2217649fda42
access-control-allow-credentials
true
access-control-allow-origin
https://www.refinery29.com
x-spotim-token
012409309O0UKM.c2054f7c2babe3c7ffb227953481f8e7bff838763a2215fef82afa9427ac0506
server
fasthttp
openweb-symbol-v2.svg
static-cdn.spot.im/production/icons/custom/
6 KB
2 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/icons/custom/openweb-symbol-v2.svg
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecb21ebdf48e900b241c017a3a5991c54f291038c4b71ae9c65ceadc0a0c6e7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"09ba69b6c3a7136d63fe98562c0114af"
x-amz-version-id
a4LwvXxBiI2uL8zrMqiGV0xmsVieM496
age
85734
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:25 GMT
last-modified
Wed, 19 Jan 2022 13:40:16 GMT
x-served-by
cache-iad-kjyo7100096-IAD, cache-fra-eddf8230036-FRA
x-cache-hits
33, 1527
content-type
image/svg+xml
x-amz-id-2
n4vG2rtBmCHEHt54UbchchN0e+ucfvpCKvh2PUOf8jUUSgJAZfbc+ccuhm9RZOmI11j2IrVNWyg=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686525.044110,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
7K33ZKYEAKGFV61Q
accept-ranges
bytes
access-control-allow-origin
*
content-length
2253
server
AmazonS3
openweb-text-v2.svg
static-cdn.spot.im/production/icons/custom/
4 KB
2 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/icons/custom/openweb-text-v2.svg
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4e::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd5f99b359e7415612cfdb97fb432b570af813d582919d6cea3692bdcb7e5d0a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
600
content-encoding
br
etag
"9fc6e633e804dd0fd3d6d352bac7c139"
x-amz-version-id
tIeb0BF074BwTuW6cmg0uAMaxL6ImEvW
age
85347
access-control-allow-methods
GET,HEAD
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 08:55:25 GMT
last-modified
Wed, 19 Jan 2022 13:40:16 GMT
x-served-by
cache-iad-kjyo7100067-IAD, cache-fra-eddf8230036-FRA
x-cache-hits
33, 1518
content-type
image/svg+xml
x-amz-id-2
hSRf8AEmb+tnUC5IE0ZYQHZx6UlJ5+aSkhboVn1YcbAfb9rEzO/rLyaciWkDiFVux2laT994+ETSlToNVURUG5z5wDRw+ScRB1LlOqsc9/c=
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-ioriver
Fastly
x-timer
S1727686525.044102,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
7K356K2RSRZAGKHS
accept-ranges
bytes
access-control-allow-origin
*
content-length
1705
server
AmazonS3
i.png
trx-hub.com/i/m/
128 B
464 B
Image
General
Full URL
https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5QBXCAW1gGdEToBjAUyJEfLCwBsQAaEMyuUbYS5FsKwRkWMNz4DY9RDgiMVLEgGte-CorDkADhzw4WAJgAsABgCc52wFpGneI6VUhELPSqPojABuWIwoAPcA-QC9kTHRAI6xsZpJ0QCesSAAvnxeYBiQYESgYGQAFsgsAGpqJFQABADqygR8htBY7NBp9GVgODguVCwAQoylEGk6hiQARpxYVGXCBaoWAGz1AMoAogAKACo7ALIjOwBK9ebWVtl83uS4BMQ5-NCcw8QgAfCM0AHQFg6RawGAAD1gPz+AKI8FkVEYr0gMFgYEMhjUGGKr2MeEYoOgYCYRAA2qAaHRiYQQGUoIYqIQAPSMlCsgB0P1wfzSDjZSnIjLUjjws0FrnciE8jG8vn8QRCKAA-AoKQxGABeNgcTgAMgUQhE5E12CkHVker0ShUagg6q0Fso9AMxiwpnVVjsDmc4o8Xh8fgCwVCAFIdgAxYMjCMjAAioej0bj4cjifi8ZTkaTCczmnTUczecTaULmYA3CXYxWsxnY5pGToof8-kC+Mi4EhUOhsPhirpKKqqax2FwdPqJKJxCbpLJR5blKp1NStLPHc6TGZqR77E4XG5fdL-XKg+FoqkoolT9EUpeohlotksgBdPj0OpSQTSoovNrQRAY6CTLAWBYtSeznAA8nsFwHAAmrAACSMY6K+VDvn8QEgSAwRMLAADs9DrBgtiQow8Bct0DjIcBhgAIwsNh+L4YRthURghjmCwnKDBRLF8AOzDUrSED0kyLLslx3K8vygo4MKoq7hKUoygG8qhMqej8Zqw66mOhrGpI046XO1oqHamgOvoRjru6Njbt6e6Sn6sqBgqVZucm+axmmHmJlWuY+QWAWxsWQUxuWoXudmtb1nwQQ2qCaQYiwnTtIwVBUFgygNqR0LNtSOgTBUgLUjUOB1E0LTTB0XQ9H0AxDKM4xkFMbRzAsSwrJAAkgOYmy7IcJxnJc1y3C+CzxQ83UjZYjh2I4ADM1gHNYAAchAAKzrYQ5jrWyljmLhABa0xgHioKSJw3UHMs9Q0ZY9RjKh9R7L+GAkPQEANAciAPSQaT1GGv7kPUjBspwbLwGy9QAMKOQevjAsByXATRuEHesK3rOtO37bhp1YNkQA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-124.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
age
84401
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
128
x-amz-cf-id
EgmgMlaROs-5rSPjQPAeyAcx1d_YJ-h6G3xEWtkWKwAW8itmJqYWLQ==
date
Sun, 29 Sep 2024 09:28:45 GMT
content-type
image/png
last-modified
Mon, 24 Aug 2020 04:40:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
vary
Accept-Encoding
i.png
trx-hub.com/i/x/
128 B
464 B
Image
General
Full URL
https://trx-hub.com/i/x/i.png?q=N4IgDglgJiBcIDcIGMCmB9A7MgbFAnOgE6oBmEAdqkQJ4BM+IANCBNHK9AIyZ2Y4AOHAFY6wgCx8AhgHMIzEAA9oAZzihSRHn0EixknKmSkOACwAu5sCtgB6WwHcnAOlQAbUsgD2KgLapzFBVnb2cAVwBrWwVNbX4hUQk6HBlkGTNLaztHF3dPH39A5GDQyNtTKTcvAFoZKodqtwgARzDoavI3c2pbATouLgBmZwtfNxitXni9JJxkACsAIwyrG3snBxCKoirLAIg3RbDaEK9fWzKwIi8oMORzcq83NxoHLxuOtykHN1QVFQ6B26RGqKgqUFQ1XE1X8UAgYV8EziukSBggUlMKyy61yHm8fn2xVO4SidS8DRISAQ1EaEDA1S8B16dAADCzxCNzGMkVMUfpkqg5Fi1rYZF5nCoIhBfCQVF5jmgSmdbAB+aAAXkGLLoAkGAA0uElBuIuAAyRQqdVm45udUWVYAUkGAEEHXQAGJu90bCWoMCmLxEKTEyJesBegAiAEkAPIAJWqzoj0YAwgAVaoAGTp1QA4vVqjGDtVBsJ0gBfctAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-124.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
age
28645
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
128
x-amz-cf-id
2ckeKBCupYxQVvP2tZXzJtTuWuGpgvSesIDbARFNyWb3IVAVBMvQvg==
date
Mon, 30 Sep 2024 04:22:36 GMT
content-type
image/png
last-modified
Mon, 24 Aug 2020 04:40:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
vary
Accept-Encoding
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame AF8A
212 B
464 B
Fetch
General
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:21::1780 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
d53be85195780b39c49893e92fb2a83a8455951e17dda43ebb6fb6294b6d63b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache
pragma
no-cache
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.refinery29.com
content-length
212
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
server
nginx
v1
prg.smartadserver.com/prebid/ Frame AF8A
358 B
698 B
Fetch
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.197.49 , France, ASN16276 (OVH, FR),
Reverse DNS
ip49.ip-178-32-197.eu
Software
/
Resource Hash
c8c060ead23d6182f913beb6caf29659336b5ebe09d2d8e4e437a11248b9e7c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

transfer-encoding
chunked
cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://www.refinery29.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Mon, 30 Sep 2024 08:55:24 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
prebid
ib.adnxs-simple.com/ut/v3/ Frame AF8A
137 B
708 B
Fetch
General
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b943d4874733e670e89c6cee68e0c55fbd6b1d00f489b963b19b3588d09f9847
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
217.114.215.131; 217.114.215.131; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.refinery29.com
an-x-request-uuid
41d22546-8732-4efe-9882-532e0aa602e5
content-length
137
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 30 Sep 2024 08:55:25 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
cdb
bidder.criteo.com/ Frame AF8A
0
196 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.52.4&cb=25457638448&lsavail=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::39 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://www.refinery29.com
date
Mon, 30 Sep 2024 08:55:25 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
hb-multi
hb.yellowblue.io/ Frame AF8A
83 B
629 B
Fetch
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-91.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
99f71347da1fb77b27076845fc364d7e37f16ae976fd9a67bd22f769a5b68a6a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.refinery29.com
x-cache
Miss from cloudfront
content-length
108
x-amz-cf-id
0-8W8wmZZGTI-iB6njqrZ4jvc0AXa-2eaActtF5yuyNvp3aQNyQnzQ==
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P4
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
auction
tlx.3lift.com/header/ Frame AF8A
19 B
678 B
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.52.4&referrer=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tmax=2000&gdpr=true&cmp_cs=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.230.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-230-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent
access-control-allow-credentials
true
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://www.refinery29.com
x-auction-status
29
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame AF8A
0
197 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.52.4&cb=79996512613&lsavail=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::39 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://www.refinery29.com
date
Mon, 30 Sep 2024 08:55:25 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame AF8A
714 B
766 B
Fetch
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&PageUrl=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&PageReferrer=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&CanonicalUrl=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
bc6512c2e1b12011f5b6175840005d0a155e00f1ae9475a7c793771235b0fdf1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-envoy-upstream-service-time
57
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS, POST
x-content-type-options
nosniff
expires
0
access-control-allow-origin
https://www.refinery29.com
content-length
714
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
ayl-lb-fra02
access-control-allow-headers
Accept-Encoding, Content-Type
prebid
ib.adnxs-simple.com/ut/v3/ Frame AF8A
250 B
821 B
Fetch
General
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
d8476923e18628ab5964fcbdfc275c1570fed0891be036fb3bfd9cb9eccc594c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
217.114.215.131; 217.114.215.131; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.refinery29.com
an-x-request-uuid
74037c77-ab81-4dc7-83d0-56e1ed90dac7
content-length
250
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 30 Sep 2024 08:55:25 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
hb-multi
hb.openwebmp.com/ Frame AF8A
83 B
630 B
Fetch
General
Full URL
https://hb.openwebmp.com/hb-multi
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:f000:7:aedc:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
71adaabcda51aff47a367e698b1a231ce49073edcbe20dd33b8c53c2569e0d87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.refinery29.com
x-cache
Miss from cloudfront
content-length
108
x-amz-cf-id
zBSn9uhCnLHVdXkOzEASeHeSpp8rE5Vg46sq7lhfGseMqiL9H8KT6A==
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P2
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
translator
hbopenbid.pubmatic.com/ Frame AF8A
0
115 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://www.refinery29.com
date
Mon, 30 Sep 2024 08:55:24 GMT
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame AF8A
0
227 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.52.4&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-1595432533481-0%22%2C%22callback_id%22%3A%2231ae15f0654b958%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B336%2C280%5D%2C%5B320%2C250%5D%5D%2C%22ym_placement_id%22%3A%223545261743410192971%22%2C%22gpid%22%3A%22%2F39694909%2C21698916284%2FReactions%2FReact-Refinery29%23div-gpt-ad-1595432533481-0%22%7D%5D&page_url=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&bust=1727686525550&dnt=false&description=&tmax=2000&userConsent=%7B%22gdprApplies%22%3Atrue%2C%22cmp%22%3A%22CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=The%2014%20Best%20Products%20To%20Buy%20From%20e.l.f.%20Cosmetics&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_rexLo99v%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.81.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-81-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-origin
https://www.refinery29.com
date
Mon, 30 Sep 2024 08:55:25 GMT
access-control-request-headers
Cache-Control, Pragma
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
prebidjs
rtb.openx.net/openrtbb/ Frame AF8A
53 B
276 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
d24ba79e824335051f5f208b8783a8466b49d1bc563dbc3bd09ba9380daf3dd9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
x-forwarded-for
217.114.215.131
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.refinery29.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
text/plain
vary
Origin
c
prebid.a-mo.net/a/ Frame AF8A
0
44 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.34 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=0, private, must-revalidate
access-control-allow-origin
https://www.refinery29.com
date
Mon, 30 Sep 2024 08:55:25 GMT
x-envoy-upstream-service-time
30
vary
origin, accept-encoding, Accept-Encoding
server
envoy
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame AF8A
1 KB
718 B
Fetch
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.52.4
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.213.72.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-72-128.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f3ae5a060aec846288404f2b139c967c3a1ed540edd996ad29c136fb3a0311bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
https://www.refinery29.com
content-length
454
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame AF8A
655 B
866 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_rexLo99v,1,,,&rf=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tg_i.domain=refinery29.com&tg_i.page=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tg_i.pbadslot=%2F39694909%2C21698916284%2FReactions%2FReact-Refinery29%23div-gpt-ad-1595432533481-0&tk_flint=pbjs_lite_v8.52.4&l_pb_bid_id=453a714ca2ba168&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C21698916284%2FReactions%2FReact-Refinery29%23div-gpt-ad-1595432533481-0&m_ch_mobile=%3F0&slots=1&rand=0.21951389030941204
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
df104b209bc5dea0b8995bc69abcce639be0b24795420d3bbec62fa36b2a30cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.refinery29.com
content-length
655
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame AF8A
656 B
690 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418298&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_rexLo99v,1,,,&rf=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tg_i.domain=refinery29.com&tg_i.page=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tg_i.pbadslot=%2F39694909%2C21698916284%2FReactions%2FReact-Refinery29%23div-gpt-ad-1595432533481-0&tk_flint=pbjs_lite_v8.52.4&l_pb_bid_id=46f9b7396a93bcf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C21698916284%2FReactions%2FReact-Refinery29%23div-gpt-ad-1595432533481-0&m_ch_mobile=%3F0&slots=1&rand=0.4115471078022981
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
efa41faf12342657f397be701d57a99a555b9ca9949eb91544ebaea573a74861

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.refinery29.com
content-length
656
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame AF8A
656 B
690 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418378&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_rexLo99v,1,,,&rf=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tg_i.domain=refinery29.com&tg_i.page=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tg_i.pbadslot=%2F39694909%2C21698916284%2FReactions%2FReact-Refinery29%23div-gpt-ad-1595432533481-0&tk_flint=pbjs_lite_v8.52.4&l_pb_bid_id=476948e3551dee8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C21698916284%2FReactions%2FReact-Refinery29%23div-gpt-ad-1595432533481-0&m_ch_mobile=%3F0&slots=1&rand=0.7853395456422931
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
644495130c2c225a3c462cef52ac974c8c55db5dddec596af8ac4ccbd185f363

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.refinery29.com
content-length
656
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame AF8A
656 B
690 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2498916&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_rexLo99v,1,,,&rf=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tg_i.domain=refinery29.com&tg_i.page=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tg_i.pbadslot=%2F39694909%2C21698916284%2FReactions%2FReact-Refinery29%23div-gpt-ad-1595432533481-0&tk_flint=pbjs_lite_v8.52.4&l_pb_bid_id=4856bbf18c88c7a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C21698916284%2FReactions%2FReact-Refinery29%23div-gpt-ad-1595432533481-0&m_ch_mobile=%3F0&slots=1&rand=0.3904157595920599
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
90273ff1b0b294097fae1f73de02053d422e68a2b9c69833e5c128a21997cd90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.refinery29.com
content-length
656
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
read
api-2-0.spot.im/v1.0.0/conversation/realtime/
59 B
437 B
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.49.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-49-144.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
1665ed627fdd8d784808ad95c765070927535a8d9d8618776d82c63e9d27e9ee

Request headers

x-post-id
entry$11478122
Referer
https://www.refinery29.com/
x-spotim-page-view-id
c269507f-1dfa-4e55-8528-4d32eac5d527
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfOElyYzdGZlo0bFJBIiwiZGlzcGxheV9uYW1lIjoiUGVhY2VmdWxTaGFkZXMiLCJ1c2VyX25hbWUiOiJQZWFjZWZ1bFNoYWRlcyIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNQZWFjZWZ1bC1TaGFkZXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJsb2NhdGlvbiI6IiIsImlzX21vZGVyYXRpb25fdmlld2VyIjpmYWxzZSwic3BvdF9pZCI6InNwXzhxeEVwZGR1IiwibGFzdF9jaGVjayI6MTcyNzY4NjUyMywidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTI0MDkzMDlPMFVLTS5jMjA1NGY3YzJiYWJlM2M3ZmZiMjI3OTUzNDgxZjhlN2JmZjgzODc2M2EyMjE1ZmVmODJhZmE5NDI3YWMwNTA2IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX3NNOTU0NGwyS00ySHhsUjdNeFdhIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoic3BvdGltIiwibmV0d29ya19uYW1lIjoic3BvdGltIiwibmV0d29ya19pbWFnZV9pZCI6Imljb24tc3BvdGltXzJ4X21wc250ayIsIm5ldHdvcmtfY29sb3IiOiIjMzA3RkUyIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzU2MTA4NTIzLCJzdWIiOiJ1XzhJcmM3RmZaNGxSQSJ9.YDBDzmnX74KMDfkXjkktJKTU2VRJinQDtpUpuI8kOJA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
x-spot-id
sp_8qxEpddu

Response headers

access-control-max-age
86400
x-request-id
bbeeed65-7f09-11ef-828c-ee6cc15006fd
x-guid
b2c88900-7095-4b73-896e-2217649fda42
access-control-allow-credentials
true
access-control-allow-origin
https://www.refinery29.com
x-spotim-networkid
spotim
content-length
59
x-spotim-token
012409309O0UKM.c2054f7c2babe3c7ffb227953481f8e7bff838763a2215fef82afa9427ac0506
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
x-spotim-device-uuid
b2c88900-7095-4b73-896e-2217649fda42
server
fasthttp
prebid
prebid.media.net/rtb/ Frame D90B
56 B
558 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU816538
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time
4
access-control-allow-credentials
true
via
1.1 google
expires
Mon, 30 Sep 2024 08:55:25 GMT
access-control-allow-origin
https://www.refinery29.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json;charset=utf-8
server
envoy
c
prebid.a-mo.net/a/ Frame D90B
0
20 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.34 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=0, private, must-revalidate
access-control-allow-origin
https://www.refinery29.com
date
Mon, 30 Sep 2024 08:55:25 GMT
x-envoy-upstream-service-time
68
vary
origin, accept-encoding, Accept-Encoding
server
envoy
access-control-allow-credentials
true
hb-multi
hb.openwebmp.com/ Frame D90B
82 B
629 B
Fetch
General
Full URL
https://hb.openwebmp.com/hb-multi
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:f000:7:aedc:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
9af9258b137e7f0d96e6a5b723be64e5f1dff10da5053a16816abe5d925ed175

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
65
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.refinery29.com
x-cache
Miss from cloudfront
content-length
107
x-amz-cf-id
pFPs_2YIYfLzDHRNZm8IU9ibW_ql_EMpY3Siyv1xeuELIP3l-O8b4A==
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P2
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
prebid
ib.adnxs-simple.com/ut/v3/ Frame D90B
248 B
819 B
Fetch
General
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a5f5ec4d014895d5473994645a8b16f27380804918c09a7f7d8856a19d87eae1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
217.114.215.131; 217.114.215.131; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.refinery29.com
an-x-request-uuid
395637d7-7571-4a54-98bb-00fc338a78a0
content-length
248
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 30 Sep 2024 08:55:25 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D90B
666 B
700 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=2%2C16%2C159&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_rexLo99v,1,,,&rf=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tg_i.domain=refinery29.com&tg_i.page=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tg_i.pbadslot=%2F39694909%2C21698916284%2FConversationDisplay%2FCD-Refinery29US%23div-gpt-ad-1695209757521-0&tk_flint=pbjs_lite_v8.52.4&l_pb_bid_id=11f8fa42746be09&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C21698916284%2FConversationDisplay%2FCD-Refinery29US%23div-gpt-ad-1695209757521-0&m_ch_mobile=%3F0&slots=1&rand=0.5756554637069764
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6f208c9e9dbf22b84ec4bd3717a89c66d70d38a204368200a34750a4e882cb70

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.refinery29.com
content-length
666
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D90B
667 B
701 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418298&size_id=15&alt_size_ids=2%2C16%2C159&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_rexLo99v,1,,,&rf=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tg_i.domain=refinery29.com&tg_i.page=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tg_i.pbadslot=%2F39694909%2C21698916284%2FConversationDisplay%2FCD-Refinery29US%23div-gpt-ad-1695209757521-0&tk_flint=pbjs_lite_v8.52.4&l_pb_bid_id=12083204c118429&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C21698916284%2FConversationDisplay%2FCD-Refinery29US%23div-gpt-ad-1695209757521-0&m_ch_mobile=%3F0&slots=1&rand=0.20730873433094232
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bb470eef962d834599dab789d927e90f2809d6c41a57259e5818b988056176d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.refinery29.com
content-length
667
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D90B
667 B
701 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418378&size_id=15&alt_size_ids=2%2C16%2C159&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_rexLo99v,1,,,&rf=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tg_i.domain=refinery29.com&tg_i.page=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tg_i.pbadslot=%2F39694909%2C21698916284%2FConversationDisplay%2FCD-Refinery29US%23div-gpt-ad-1695209757521-0&tk_flint=pbjs_lite_v8.52.4&l_pb_bid_id=13381e1b91ac4a8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C21698916284%2FConversationDisplay%2FCD-Refinery29US%23div-gpt-ad-1695209757521-0&m_ch_mobile=%3F0&slots=1&rand=0.2027013998748073
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
dbf19ba1953101563a5e6b51a0243eaed8c9eb9c7f1a6046cf5edc14e7fe550e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.refinery29.com
content-length
667
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D90B
667 B
701 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2498916&size_id=15&alt_size_ids=2%2C16%2C159&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_rexLo99v,1,,,&rf=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tg_i.domain=refinery29.com&tg_i.page=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tg_i.pbadslot=%2F39694909%2C21698916284%2FConversationDisplay%2FCD-Refinery29US%23div-gpt-ad-1695209757521-0&tk_flint=pbjs_lite_v8.52.4&l_pb_bid_id=143ffa521facaaa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C21698916284%2FConversationDisplay%2FCD-Refinery29US%23div-gpt-ad-1695209757521-0&m_ch_mobile=%3F0&slots=1&rand=0.2891426444754306
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e5dc78e1b83723328691fb691def1aaef95d2a8a1465c8d614a9d3711f998db0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.refinery29.com
content-length
667
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
prebidjs
rtb.openx.net/openrtbb/ Frame D90B
53 B
130 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
c986e3b2ba9fa7bb7909f4b809191b373e4fa7fb2839ca697e52da6765fa6150

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
x-forwarded-for
217.114.215.131
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.refinery29.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
text/plain
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame D90B
0
59 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://www.refinery29.com
date
Mon, 30 Sep 2024 08:55:25 GMT
access-control-allow-credentials
true
hb-multi
hb.yellowblue.io/ Frame D90B
83 B
629 B
Fetch
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-91.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
849ff0db258e5535efd54864361746b78c452c6f0ad39def097fce5d7a062d4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.refinery29.com
x-cache
Miss from cloudfront
content-length
108
x-amz-cf-id
SS2CdNoizRL4GuaPc1596djdjsnkPhf7_HhDA85NLFOlfn4UihAGgg==
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P4
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
prebid
ads.yieldmo.com/exchange/ Frame D90B
0
226 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.52.4&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-1695209757521-0%22%2C%22callback_id%22%3A%22289216b40cccf67%22%2C%22sizes%22%3A%5B%5B320%2C250%5D%2C%5B300%2C250%5D%2C%5B336%2C280%5D%2C%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223545261743410192971%22%2C%22gpid%22%3A%22%2F39694909%2C21698916284%2FConversationDisplay%2FCD-Refinery29US%23div-gpt-ad-1695209757521-0%22%7D%5D&page_url=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&bust=1727686525577&dnt=false&description=&tmax=2000&userConsent=%7B%22gdprApplies%22%3Atrue%2C%22cmp%22%3A%22CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=The%2014%20Best%20Products%20To%20Buy%20From%20e.l.f.%20Cosmetics&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_rexLo99v%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.81.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-81-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-origin
https://www.refinery29.com
date
Mon, 30 Sep 2024 08:55:25 GMT
access-control-request-headers
Cache-Control, Pragma
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame D90B
714 B
1 KB
Fetch
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&PageUrl=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&PageReferrer=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&CanonicalUrl=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
31033663c1d7003924239848039e367883c116bad3788d1a0e91f57b5b28876f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-envoy-upstream-service-time
34
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS, POST
x-content-type-options
nosniff
expires
0
access-control-allow-origin
https://www.refinery29.com
content-length
714
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
ayl-lb-fra02
access-control-allow-headers
Accept-Encoding, Content-Type
v1
prg.smartadserver.com/prebid/ Frame D90B
358 B
698 B
Fetch
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.197.49 , France, ASN16276 (OVH, FR),
Reverse DNS
ip49.ip-178-32-197.eu
Software
/
Resource Hash
c8c060ead23d6182f913beb6caf29659336b5ebe09d2d8e4e437a11248b9e7c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

transfer-encoding
chunked
cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://www.refinery29.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame D90B
0
181 B
Fetch
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

access-control-max-age
3600
access-control-allow-origin
https://www.refinery29.com
date
Mon, 30 Sep 2024 08:55:25 GMT
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame D90B
0
196 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.52.4&cb=68469653588&lsavail=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::39 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://www.refinery29.com
date
Mon, 30 Sep 2024 08:55:25 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame D90B
0
177 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.34 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=0, private, must-revalidate
access-control-allow-origin
https://www.refinery29.com
date
Mon, 30 Sep 2024 08:55:24 GMT
x-envoy-upstream-service-time
23
vary
origin, accept-encoding, Accept-Encoding
server
envoy
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ Frame D90B
19 B
656 B
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.52.4&referrer=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&tmax=2000&gdpr=true&cmp_cs=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.230.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-230-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
access-control-allow-credentials
true
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://www.refinery29.com
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
/
ghb.adtelligent.com/v2/auction/ Frame D90B
121 B
450 B
Fetch
General
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.235.37.234 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.234.37.235.167.clients.your-server.de
Software
Adtelligent /
Resource Hash
1e6cf0ae9456b212b43bffddc6bc3d1c5e9c3d00940563bfcce885aeb2f0beed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

X-Robots-Tag
noindex
Connection
Keep-Alive
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Access-Control-Allow-Origin
https://www.refinery29.com
Content-Length
121
Date
Mon, 30 Sep 2024 08:55:25 GMT
Content-Type
application/json; charset=UTF-8
Server
Adtelligent
bid
ap.lijit.com/rtb/ Frame D90B
1 KB
718 B
Fetch
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.52.4
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.213.72.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-72-128.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2331fb928e9e4f30e0aa01f8cc2ae9b15b375ada6b30b084ace9533a0a313d66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
https://www.refinery29.com
content-length
455
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
cdb
bidder.criteo.com/ Frame D90B
0
196 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.52.4&cb=90424057549&lsavail=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::39 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://www.refinery29.com
date
Mon, 30 Sep 2024 08:55:24 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
prebid
ib.adnxs-simple.com/ut/v3/ Frame D90B
139 B
711 B
Fetch
General
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b55c527eca0fa4608b641f04f2ad2c4de03c67edf476a1f07fee88dffe536ef1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
217.114.215.131; 217.114.215.131; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.refinery29.com
an-x-request-uuid
ec1bcb32-8b1b-454e-9f21-3c10d016d978
content-length
139
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 30 Sep 2024 08:55:25 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame D90B
300 B
552 B
Fetch
General
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:21::1780 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
9ecb85e31697a93619b3d59dd5644deb41622514c0c4680e804d07a54a927ca9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache
pragma
no-cache
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.refinery29.com
content-length
300
date
Mon, 30 Sep 2024 08:55:25 GMT
content-type
application/json
server
nginx
multitracking
sghb.spotim.market/adunit/ Frame AF8A
0
264 B
XHR
General
Full URL
https://sghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/E-uEd/hbw_master_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.235.37.234 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.234.37.235.167.clients.your-server.de
Software
Spotim /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.refinery29.com/

Response headers

Connection
Keep-Alive
Permissions-Policy
browsing-topics=()
X-Robots-Tag
noindex
Access-Control-Allow-Origin
https://www.refinery29.com
Date
Mon, 30 Sep 2024 08:55:26 GMT
Server
Spotim
Access-Control-Allow-Credentials
true
multitracking
sghb.spotim.market/adunit/ Frame D90B
0
264 B
XHR
General
Full URL
https://sghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/E-uEd/hbw_master_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.235.37.234 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.234.37.235.167.clients.your-server.de
Software
Spotim /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.refinery29.com/

Response headers

Connection
Keep-Alive
Permissions-Policy
browsing-topics=()
X-Robots-Tag
noindex
Access-Control-Allow-Origin
https://www.refinery29.com
Date
Mon, 30 Sep 2024 08:55:26 GMT
Server
Spotim
Access-Control-Allow-Credentials
true
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VFL3LEQ5LG&gtm=45je49p0v9187798456za200zb831751480&_p=1727686521506&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=101671035~101747727&cid=841723337.1727686522&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1727686522&sct=1&seg=0&dl=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&dt=The%2014%20Best%20Products%20To%20Buy%20From%20e.l.f.%20Cosmetics&en=scroll&epn.percent_scrolled=90&_et=13&tfd=6936
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.refinery29.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 08:55:27 GMT
content-type
text/plain
server
Golfe2
publishertag.prebid.144.js
static.criteo.net/js/ld/ Frame AF8A
96 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653b5c0e-1811e"
cross-origin-resource-policy
cross-origin
expires
Tue, 01 Oct 2024 08:55:27 GMT
access-control-allow-origin
*
date
Mon, 30 Sep 2024 08:55:27 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
publishertag.prebid.144.js
static.criteo.net/js/ld/ Frame D90B
96 KB
0
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653b5c0e-1811e"
cross-origin-resource-policy
cross-origin
expires
Tue, 01 Oct 2024 08:55:27 GMT
access-control-allow-origin
*
date
Mon, 30 Sep 2024 08:55:27 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
pbcas
ads.yieldmo.com/ Frame D5E7
0
0
Document
General
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&type=iframe
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.181.32 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

date
Mon, 30 Sep 2024 08:55:28 GMT
isyn
prebid.a-mo.net/ Frame E131
0
0
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.32 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 30 Sep 2024 08:55:28 GMT
server
envoy
vary
accept-encoding, Accept-Encoding
x-envoy-upstream-service-time
0
beacon
ce.lijit.com/ Frame 2FEF
0
0
Document
General
Full URL
https://ce.lijit.com/beacon?gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---&informer=13399841
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.49.236.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
date
Mon, 30 Sep 2024 08:55:29 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept-Encoding
pd
spot-im-d.openx.net/w/1.0/ Frame 568C
0
0
Document
General
Full URL
https://spot-im-d.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Mon, 30 Sep 2024 08:55:28 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame F5D0
0
0
Document
General
Full URL
https://eb2.3lift.com/sync?gdpr=true&cmp_cs=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---&
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 30 Sep 2024 08:55:28 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A434
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=128563
content-encoding
gzip
content-length
5633
content-type
text/html
date
Mon, 30 Sep 2024 08:55:28 GMT
expires
Tue, 01 Oct 2024 20:38:11 GMT
last-modified
Mon, 26 Aug 2024 15:25:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
isync
visitor.omnitagjs.com/visitor/ Frame 3DAC
0
0
Document
General
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 -, , ASN (),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
54
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 08:55:28 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-fra02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
usync.html
eus.rubiconproject.com/ Frame 4653
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 08:55:28 GMT
etag
"28052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user-sync
sync.adkernel.com/ Frame AF8A
0
134 B
Image
General
Full URL
https://sync.adkernel.com/user-sync?zone=221544&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D159%26partneruserid%3D%7BUID%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.67.200.72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

Cache-Control
no-store
Content-Length
0
Date
Mon, 30 Sep 2024 08:55:28 GMT
Server
nginx
Connection
close
isyn
prebid.a-mo.net/ Frame 1210
0
0
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.32 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 30 Sep 2024 08:55:28 GMT
server
envoy
vary
accept-encoding, Accept-Encoding
x-envoy-upstream-service-time
0
usync.html
eus.rubiconproject.com/ Frame 13E9
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 08:55:28 GMT
etag
"28052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pd
spot-im-d.openx.net/w/1.0/ Frame E0D1
0
0
Document
General
Full URL
https://spot-im-d.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Mon, 30 Sep 2024 08:55:29 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
isync
visitor.omnitagjs.com/visitor/ Frame 1D98
0
0
Document
General
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 -, , ASN (),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
54
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 08:55:28 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-fra02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
pbcas
ads.yieldmo.com/ Frame B5DF
0
0
Document
General
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&type=iframe
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.181.32 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

date
Mon, 30 Sep 2024 08:55:29 GMT
beacon
ce.lijit.com/ Frame 2AF1
0
0
Document
General
Full URL
https://ce.lijit.com/beacon?gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---&informer=13399841
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.49.236.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
date
Mon, 30 Sep 2024 08:55:29 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame FA48
0
0
Document
General
Full URL
https://eb2.3lift.com/sync?gdpr=true&cmp_cs=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---&
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 30 Sep 2024 08:55:29 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5D54
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=1&gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=128563
content-encoding
gzip
content-length
5633
content-type
text/html
date
Mon, 30 Sep 2024 08:55:28 GMT
expires
Tue, 01 Oct 2024 20:38:11 GMT
last-modified
Mon, 26 Aug 2024 15:25:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame EED1
0
0
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=CQFwyQAQFwyQAAGABCENBJFgAAAAAEPgAAYgAAARvgIAAKAAuACQAFwARwBHACcAHIAO4AgEBBwEIAI4AdsBagDFgI3gDBIAYAjgB3AEAHQAwAXACcAHcQgBgAuAEcAO4lABAEcVAAgAKLQAQB3A.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.32 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.refinery29.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 30 Sep 2024 08:55:28 GMT
server
envoy
vary
accept-encoding, Accept-Encoding
x-envoy-upstream-service-time
0
user-sync
sync.adkernel.com/ Frame D90B
0
134 B
Image
General
Full URL
https://sync.adkernel.com/user-sync?zone=221544&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D159%26partneruserid%3D%7BUID%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.67.200.72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

Cache-Control
no-store
Content-Length
0
Date
Mon, 30 Sep 2024 08:55:29 GMT
Server
nginx
Connection
close
track
track1.aniview.com/ Frame 9F5D
0
0

track
track1.aniview.com/ Frame 2A2D
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tags.crwdcntrl.net
URL
https://tags.crwdcntrl.net/c/5283/cc.js?ns=_cc5283
Domain
ad.crwdcntrl.net
URL
https://ad.crwdcntrl.net/5/c=5285/pe=y/var=ccauds
Domain
wms-na.amazon-adsystem.com
URL
https://wms-na.amazon-adsystem.com/20070822/GB/js/auto-tagger.js?tag=rf29amazon-21&locale=GB&overwrite=1
Domain
direct-events-collector.spot.im
URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Domain
track1.aniview.com
URL
https://track1.aniview.com/track?r=www.refinery29.com&sn=&cd1=sp_8qxEpddu&cd2=Desktop&cd3=conversation&cd4=c269507f-1dfa-4e55-8528-4d32eac5d527&cd5=Fzhh4z3OdGUnMEdUXNlihPj3zudB55sQSzs-Q4G7wXwvN7RZs3gXeCnJV8UEMlc3&cd6=stable&cd7=row1-column1&cd8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&cd9=21698916284&cd10=v22.19.3&cd13=false&cd14=sp_rexLo99v&cd15=ads&cd16=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review&ic=0&tgt=0&app=&wi=878&he=494&test=&d36=6.2.250&apppkg=&fv=1&proto=https&clsid=fac84112-9a23-44c7-be9a-58c4c79f8e8e&rando=98&rando1=25&rando2=85&scnt=1
Domain
track1.aniview.com
URL
https://track1.aniview.com/track?r=www.refinery29.com&sn=&cd1=sp_8qxEpddu&cd2=Desktop&cd3=reactions&cd4=c269507f-1dfa-4e55-8528-4d32eac5d527&cd5=Fzhh4z3OdGUnMEdUXNlihPj3zudB55sQSzs-Q4G7wXwvN7RZs3gXeCnJV8UEMlc3&cd6=stable&cd7=row1-column1&cd8=sliding%3Afalse%3Bsticky%3Afalse%3Btakeover%3Afalse&cd9=21698916284&cd10=v22.19.3&cd13=false&cd14=sp_rexLo99v&cd15=ads&cd16=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.250&apppkg=&fv=1&proto=https&clsid=1f389a1c-6730-4d7a-aaed-ead455500c33&rando=86&rando1=68&rando2=7&scnt=1

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| NREUM object| webpackChunkNRBA object| newrelic object| NRBA function| loadAdLib object| regeneratorRuntime object| __AdLib object| _sp_ function| _typeof function| __tcfapi function| __uspapi function| __gpp_addFrame function| __gpp_stub function| __gpp_msghandler function| __gpp object| _sp_queue object| _sp_wp_jsonp string| __SENTRY_ADDRESS__ object| webpackJsonp number| adBundleLoadTime object| core function| setImmediate function| clearImmediate boolean| _babelPolyfill function| _ function| globalSkimlinksDataCallback object| _VICEsp_ object| Raven object| __dateFnsLocales__ function| ga object| _dataLayer object| dataLayer object| _sf_async_config object| _cbq number| _sf_endpt object| _comscore object| streamsense function| pintrk function| twq object| dataLayerMetadata object| ccauds object| SPOTIM object| _cb_shared object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| _cbm number| PIN_19996 function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| Sailthru object| COMSCORE object| ns_p object| PIN_1727686522195 string| value function| refreshPinterestEmbeds object| PinUtils object| __twttrll object| twttr object| __twttr object| google_tag_manager function| postscribe object| google_tag_manager_external function| snaptr object| r object| GTM_page_load object| analytics function| fbq function| _fbq object| scrEm object| __OW_CONFIG__ object| webpackChunk_spotim_launcher object| TQ object| __SPOTIM__ object| __OPEN_WEB__ object| htlbid function| onYouTubeIframeAPIReady object| tagConfig object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| _scPxHelper object| _scPxTeller object| trx function| md5 object| process string| __OW_ENV__ string| __SPOTIM_ENV__ string| __SPOTIMENV__ string| __SPOTIM_PAGE_VIEW_ID__ object| _anonymised_tag object| googletag function| owActionQueue object| webpackChunknotifications function| __SPOTIM_DISABLE_ADS__ object| webpackChunkreactions object| webpackChunkconversation object| webpackChunkpitc function| avPlayer object| __SPOTIM_DEV_STORE__ object| storageAni object| hadron boolean| __halo_loaded__ object| au

34 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 4f26a86677b44583916a962f613d6d1c
www.refinery29.com/ Name: X-GeoIP-Country-Code
Value: DE
www.refinery29.com/ Name: X-GeoIP-Region-Code
Value: BW
www.refinery29.com/ Name: _vice_from_GDPR_region
Value: true
.refinery29.com/ Name: _vice_cmp_fb_ldu
Value: false
www.refinery29.com/ Name: consentUUID
Value: 9cf93b81-79af-47e7-b09e-b44e04a80cdb
.www.refinery29.com/ Name: R29_CEXP_V1
Value: []
.refinery29.com/ Name: _cb
Value: BXWkAwBC7RYcC1NJBW
.refinery29.com/ Name: _chartbeat2
Value: .1727686521704.1727686521704.1.BCYpQXD0uEgiC6nVh8B4iRa_CQrOwC.1
.refinery29.com/ Name: _cb_svref
Value: external
www.refinery29.com/ Name: sailthru_pageviews
Value: 1
www.refinery29.com/ Name: sessionId
Value: 1727686522254.vax0kvue
.refinery29.com/ Name: _ga
Value: GA1.1.841723337.1727686522
.refinery29.com/ Name: _pin_unauth
Value: dWlkPVpHTXdOelkyWkRjdFlXUTJNeTAwWkRWakxXRmpZbVF0TkRjek1EWm1aREk0TlRRNA
.refinery29.com/ Name: _ga_VFL3LEQ5LG
Value: GS1.1.1727686522.1.0.1727686522.60.0.0
.refinery29.com/ Name: _scid
Value: reWST8LjqH_Exivow7Kkj5_6XskRRSDU
.refinery29.com/ Name: _scid_r
Value: reWST8LjqH_Exivow7Kkj5_6XskRRSDU
.pinterest.com/ Name: ar_debug
Value: 1
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSY5eVQ4WnFPZU1qWHQvUzVKZ3RIN0lsL2VLVXdvSm5XdjVyQzlCaEtKY1hZd0diNFNCWEVCUlJCanhJV2JDd3BDTzBzdG5NeU5HcWVqeUtwM3AzT2dUTmdBTEZOOTZ3ODBXZUZkQWRiQ1podz0mbUpIQ010SkhMZmZQUktkL2ZkdjE3ZW1BZCtNPQ=="
.refinery29.com/ Name: _fbp
Value: fb.1.1727686522391.663722556643755444
.refinery29.com/ Name: ajs_anonymous_id
Value: a6907626-4a82-4720-8cf2-291ad3cb04e6
.twitter.com/ Name: guest_id_marketing
Value: v1%3A172768652247448765
.twitter.com/ Name: guest_id_ads
Value: v1%3A172768652247448765
.twitter.com/ Name: personalization_id
Value: "v1_Z8JrzIcnoCMKGHH9/VdBVQ=="
.twitter.com/ Name: guest_id
Value: v1%3A172768652247448765
.t.co/ Name: muc_ads
Value: 86c8cebe-1609-44e2-9397-adaf60661e42
.t.co/ Name: __cf_bm
Value: 9JG2AM4Ny5MDeYnk7iEVfrBfwR2uDb8_hvTCULXCVRY-1727686522-1.0.1.1-aQo3MUs6FlGWQ049Hm4q0q3g8U.ooAdRdk3T5kjNpHVcSB7kqoJudZWahY9H3JKfIcfHUljhNk4KaIh3BfoePg
.refinery29.com/ Name: _ScCbts
Value: %5B%5D
www.refinery29.com/ Name: sailthru_content
Value: ba6f62b704ed2d211e8a6fc0ba22f051
www.refinery29.com/ Name: sailthru_visitor
Value: 262fe852-75e1-4a8d-866b-c1770ff08ffe
.spot.im/ Name: device_uuid
Value: b2c88900-7095-4b73-896e-2217649fda42
.refinery29.com/ Name: spotim_visitId
Value: {%22visitId%22:%22b2c88900-7095-4b73-896e-2217649fda42%22%2C%22creationDate%22:%22Mon%20Sep%2030%202024%2010:55:23%20GMT+0200%20(Mitteleurop%C3%A4ische%20Sommerzeit)%22%2C%22duration%22:0}
.spot.im/ Name: access_token
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfOElyYzdGZlo0bFJBIiwiZGlzcGxheV9uYW1lIjoiUGVhY2VmdWxTaGFkZXMiLCJ1c2VyX25hbWUiOiJQZWFjZWZ1bFNoYWRlcyIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNQZWFjZWZ1bC1TaGFkZXMiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJsb2NhdGlvbiI6IiIsImlzX21vZGVyYXRpb25fdmlld2VyIjpmYWxzZSwic3BvdF9pZCI6InNwXzhxeEVwZGR1IiwibGFzdF9jaGVjayI6MTcyNzY4NjUyMywidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTI0MDkzMDlPMFVLTS5jMjA1NGY3YzJiYWJlM2M3ZmZiMjI3OTUzNDgxZjhlN2JmZjgzODc2M2EyMjE1ZmVmODJhZmE5NDI3YWMwNTA2IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX3NNOTU0NGwyS00ySHhsUjdNeFdhIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoic3BvdGltIiwibmV0d29ya19uYW1lIjoic3BvdGltIiwibmV0d29ya19pbWFnZV9pZCI6Imljb24tc3BvdGltXzJ4X21wc250ayIsIm5ldHdvcmtfY29sb3IiOiIjMzA3RkUyIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzU2MTA4NTIzLCJzdWIiOiJ1XzhJcmM3RmZaNGxSQSJ9.YDBDzmnX74KMDfkXjkktJKTU2VRJinQDtpUpuI8kOJA
.ad.gt/ Name: au_3p_check
Value: 1

4 Console Messages

Source Level URL
Text
network error URL: https://wms-na.amazon-adsystem.com/20070822/GB/js/auto-tagger.js?tag=rf29amazon-21&locale=GB&overwrite=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://c.fqtag.com/tag/implement-r.js?org=wyyD4RGnhdGTMfWepGLG&fmt=banner&rd=https%3A%2F%2Fwww.refinery29.com%2Fen-gb%2Felf-cosmetics-review%3Futm_source%3Demail%26utm_medium%3Deditorial%26utm_content%3Duk%26utm_campaign%3D240929-elf-cosmetics-review%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDq%25EF%25BF%25BD%25EF%25BF%25BDk%25EF%25BF%25BD%25EF%25BF%25BDy%25EF%25BF%25BD%3B%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDk%2F&rt=display&sl=1&fq=1&p=www.refinery29.com
Message:
Failed to load resource: the server responded with a status of 401 ()
javascript error URL: https://www.refinery29.com/en-gb/elf-cosmetics-review?utm_source=email&utm_medium=editorial&utm_content=uk&utm_campaign=240929-elf-cosmetics-review%EF%BF%BD%EF%BF%BD%EF%BF%BDq%EF%BF%BD%EF%BF%BDk%EF%BF%BD%EF%BF%BDy%EF%BF%BD;%EF%BF%BD%EF%BF%BD%EF%BF%BDk/
Message:
Access to XMLHttpRequest at 'https://direct-events-collector.spot.im/api/v2/events?stream_name=init' from origin 'https://www.refinery29.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax.amazon-adsystem.com
ad.crwdcntrl.net
ads.pubmatic.com
ads.yieldmo.com
aegis.anonymised.io
ak.sail-horizon.com
analytics.tenmges.refinery29.com
analytics.twitter.com
ap.lijit.com
api-2-0.spot.im
api.sail-personalize.com
api.tenmges.refinery29.com
assets.pinterest.com
bam.nr-data.net
bidder.criteo.com
c.amazon-adsystem.com
c.fqtag.com
cdn-magiclinks.trackonomics.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.privacy-mgmt.com
cdn.segment.com
ce.lijit.com
config.aps.amazon-adsystem.com
connect.facebook.net
ct.pinterest.com
direct-events-collector.spot.im
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
go1.aniview.com
hb-api.omnitagjs.com
hb.openwebmp.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlbid.com
ib.adnxs-simple.com
id.hadron.ad.gt
js-agent.newrelic.com
launcher.spot.im
log.pinterest.com
m.skimresources.com
mab.chartbeat.com
material.anonymised.io
p.skimresources.com
ping.chartbeat.net
pix.spot.im
platform.twitter.com
player.adtelligent.com
player.aniview.com
player.spotim.market
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
publisher-assets.spot.im
r.skimresources.com
region1.analytics.google.com
rtb.openx.net
rumcdn.geoedge.be
s.pinimg.com
s.skimresources.com
sb.scorecardresearch.com
sc-static.net
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sghb.spotim.market
spot-im-d.openx.net
static-cdn.spot.im
static.ads-twitter.com
static.anonymised.io
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
sync.adkernel.com
t.co
t.skimresources.com
tags.crwdcntrl.net
tlx.3lift.com
tr.snapchat.com
tr6.snapchat.com
track1.aniview.com
trx-hub.com
visitor.omnitagjs.com
web-statics-cdn.refinery29.com
web.hb.ad.cpe.dotomi.com
wms-na.amazon-adsystem.com
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.refinery29.com
ad.crwdcntrl.net
direct-events-collector.spot.im
tags.crwdcntrl.net
track1.aniview.com
wms-na.amazon-adsystem.com
103.67.200.72
104.244.42.195
108.138.8.164
13.224.186.120
13.32.27.47
13.35.58.148
151.101.129.55
151.101.193.55
151.101.193.91
151.101.64.84
162.159.140.229
162.247.243.29
163.5.194.32
163.5.194.34
167.235.37.234
172.240.45.75
172.240.45.81
178.32.197.49
18.157.230.4
18.244.18.27
18.245.31.65
18.245.60.124
18.245.60.29
18.66.112.84
18.66.147.27
18.66.147.49
184.30.211.26
185.184.8.90
185.255.84.151
185.255.84.152
185.64.189.112
185.89.211.84
199.232.188.157
2001:4860:4802:32::36
23.35.236.201
2600:1901:0:7628::
2600:9000:223c:f000:7:aedc:4e00:93a1
2600:9000:2359:ea00:e:cdcc:4380:93a1
2600:9000:236e:1200:1d:8c8c:47c0:93a1
2600:9000:2491:9200:4:b37b:9440:93a1
2600:9000:2646:5c00:18:1fcd:354:4b41
2602:803:c003:200::21
2602:816:5001::39
2606:4700:10::6816:34ad
2606:4700:10::6816:3556
2606:4700:10::6816:445
2a00:1450:4001:803::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c1d::9c
2a02:2638:3::3
2a02:2638:3::39
2a02:26f0:3500:3::b818:4d44
2a02:fa8:8806:21::1780
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:200::84
2a04:4e42:400::714
2a04:4e42:400::84
2a04:4e42:4e::820
3.161.82.29
3.163.248.4
34.107.217.107
34.117.250.57
34.120.127.138
34.120.63.153
34.196.228.185
34.227.208.232
34.250.181.32
34.98.64.218
35.190.43.134
35.190.59.101
35.190.72.161
35.190.91.160
35.201.67.47
35.227.252.103
45.133.44.3
45.133.44.4
52.10.98.83
52.213.72.128
52.222.236.91
52.49.236.173
52.50.81.5
54.197.49.144
65.9.66.104
75.2.40.13
76.223.111.18
95.101.149.233
03c8ef299748fad241484cddf509b6e90b394949882a72f9174dc97da671f151
04183289430803326acd6b1535457d8196284cb67186adb767c506c8c69a0fb1
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07d2fef28f9f90958a61b7e1d5c4378f2ba1addc13cc092328462f9a0973937e
083e0546508057cb1c5fc4878232027c3b702b7754c97bac348022cd67ca4417
0879fcaba8016e53140269c53c1a7741110771e68e21326b479acfd205c84b01
0950a1f69cc36f07199cbd0a7e9b8540451465f93c4f52a5103252e762d62996
0c909725b0ea7da9994f16e47a4142783410c5aa25cdd7770f85dc61eb8a170c
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0fe54e4560d2a024a59fdaefd81d8037df63b48df306b5849e1cdd9ec9a153c7
0feac81d322833d855ff54fba980e2cbbaad89d6f5e60a1d6c64e1c501852fbe
1233d721917f7d6b0cb2ef684806bb7337e1101a736c33b09f23ff7130ea37ed
1272dca7cfd9ed1d1335d738a2fe09be6cebccec87fabe2b3d4dc111abc43a98
12c8a53ada66a82e9c1ac5dab600e79aa74f0945afb06586c26b3db08e3de1e8
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13dccfe951d07a748b0d61c6379ac032ffded5418e1dfc6b32f8c8167a667fbe
14ca75dc9c800aaf07a86c49084ab186b71d7f2a477e48625c2e89be07b013c3
1580703b49de1eacf6b9a3832d3415f64554570f300e32b8f82844247cb863c2
15bbc8833c761bb2b10c807627118f5071a9a9138381f4c6730b42915a8a855b
1665c0edd577ae8c4d0867779a88d15befe5a5126b9590e5364a76f6113501c5
1665ed627fdd8d784808ad95c765070927535a8d9d8618776d82c63e9d27e9ee
167422f9a1a89f8df2d51908c362a3058da461c734bc4323db6ee039c6159f45
16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
18de2f92c4cd97aaf4b2a950859995b681f1b24fad046e04fac3f16ddcd7dc28
19256d0c7f647ac7dfd1e4cd57e90fa207bc3b53b2240584735fe5ea008ef130
1b2b9a11ab423ff724b4d1e67b226f557ccef9e3480d667b8940c0bd429da8cc
1bded7deabc190fda2fe2b646d2fcc241fd10440a702375c22154776409b572a
1bdf68fa2da2f1b1958416356c34819d5f26da8235aedb55876cd13b6b3d9a83
1c82e7a153bb9250eab8ea6090fdfbf420e89ecaf5a2b7567dff018b89b976e1
1e6cf0ae9456b212b43bffddc6bc3d1c5e9c3d00940563bfcce885aeb2f0beed
1e996f787ec1fc3de2ed8741380926113f912b10ee646f5b7e2d4065e23a659a
21b8cd46744aee7ba46becc2740ec9d24dcea6865622574781d73f92f2ff288a
21bb8ff5960eb6c50d56fdcbf8112fc73086683bb1ca213b108e2282a5de6831
22ef86528d44fe99539473a20c4cdc6c97854c3ac292c4690882a4e83fe417f7
2331fb928e9e4f30e0aa01f8cc2ae9b15b375ada6b30b084ace9533a0a313d66
23ebea2bf52d1e258d30d5969d84585911cc7e05536aa4077e23acd2b9ff3b56
260c4ff5c6b5b694b9b398f57eaa4929295450daedef69f5b943a69dfaa1f2a2
2735444e3ad514ca327cca9f0177c04ffbced1b2612a201f3d1c152f95cce3a2
27414ea251d106225537a6983ca7dec9260034db8e4926032d1313030f2c14f6
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
2bebdff9a8d14a584340d840172e79de24abef6002d3ee18f155d108d9b62039
2c2dfe6e5ac215728c72b90926e35a22da1e6a5424094bb20d80bc78c5280f03
2c468e83e946a81e04d1dbb7a40ed421f07099ad343cffcb0ff1e552dab5b707
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8c58d152dcc706c0663dcd7fbcddd8873c09795b0b7a227a5dcc9f8947b0e2
2f03f08aba143992ca4676ea1fe48dcd40abb0cba56a78087f31b0de827c9357
2f6e41f66e70d5e030908e8f8ce058f35a019aaf6eaeabd216cecc9c01745396
2f9520d26f111f4b056ee632480a08195afc1f8292723db1df90c8cde43e0abf
304a596bb9715360b71c3002d94553e04943f56dffbbefcf5c3ce3efc60db4a5
31033663c1d7003924239848039e367883c116bad3788d1a0e91f57b5b28876f
324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126
3270e5c7424325b3910ea21448ea6804ec1e5c560bc4ac50f633f9b8ffba46a5
336e624766f4d2eff6c85301f831bbaf2d640556581d3df97513b13c6aee4e79
345d1a6c51de60f1b1bc0ad74792b4cf90c26af5fe2a77b0a59fdc7c27c9490b
34f8460eddfbd82488a6e3d183b669f2ef432b19ea623e359294d988e924bf80
35e9ccb1d2b7a55ac143b6ba8704e240ae9217d76f1db2cb735501af0b5eb765
36ad7ddb62991d6a8f22dac6cacb980fc427002e2b57859af88571576256e2ab
3790e7a5aad6749077df9d3ad668d73e54626a0357ed0c57938bfaa222bb46d6
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38e0b9de817f645c4bec37c0d4a3e58baecccb040f5718dc069a72c7385a0bed
39f2e002690dba29d4b3c801ba01944089115cf8820f5124ea12bad71e9162c3
3ad88c87af5fd5dfae6220c118cb871eda074169bbf262938bd339c8448a7675
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c7690197a89a0bca3df58ab494b4fd89610d3a9c4a75b5e234c9788554ebb16
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
40c0177e5862f636a3366a27ebf7d779a7cc297527f666775752d6e5b935d754
41d8dd3122cfbd196e82467c42bf43c43b5a85f08d66e7134f60a88d332254f1
429c468e04f866ee69773dd2d66d9b0ff372c200bfe1d7a7b58eb0f0e4c8dcfb
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
4529c1ef78d62024544db9de70b8e3a1e205a89c11079db9cbd9234af888d89b
46989843cf6db9b279fe42b1ad1f76e09e30eabc768be16ea6c6bb2f94c67883
4710bbf612179a2f4f75d675151fa577df0edec3d4355e736978c3bf8d1b37a1
48113d6034b5583001210e46e5b3b9782dc3c177ab26e5eafca3ea5d7b5236cf
488ceaf71204354cd30b4cf226e6e26e70360a2fefa0417cacca873202dfface
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4b722df4f2c7d7644424419af60bc483b43099062c54c0db12d94e96b44e4216
4c2b703ac31c50ee544d925d2b7b017f8902c2908c3ef8096762812087b98d0c
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
51e416712f2a66c0f2abf8fc2ea4d86df45109a57406156a6ebec14c8138d626
53350e307f02d76f2b5b69ad7ec7f53e6d32e84d2718f03ddd4b8fcd752f454b
54f40adf370f78076ee0efc8c190db7fb777e031c54a9771ff756d96aad3018c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56769e2ae90139ce45c0c3803de15b44cc95a7e114d92305fae6d7f69fa58022
575edff17970a52418f03ae82e9629298cb266a4ed0d6c446de75f7008eb366f
58aece29ac204388dcdd51306337449523673218264c98b3e6aff65b6057213e
591b027f75c01e1d4bb0fd0360fe2c99dfeb332c9f19462c2e1af3abf1440159
593567d422fc48644190a2d5f6b28ee51a85dcfd7da6be123cc3156cb5e015d7
59395593630c937c765fce293bbd3e71a559a4345cc953df838211190de07571
5a35822400fb5e9d95cbc01a42c1807bed8f1fb1ad436dabb0e084172f5deb86
5cb5bb12f14018bbe44f2718091ebf346bd74dad71fd986ec8ed23443172b8cd
5d96eaca742b61edbc2cc651eb79a74b56ee94ce9b5756297c9d3d00e10be6b1
5e8df1f2d678c2b3cf6356c75fb7083149f470e4dba61d341983dc7c6416ed61
5ebce957851eb83517851e8613f012eb45aa4ebb6142b92c30b7d9492c874e22
5f5084c17f11ff76d1f999b39e66e3becd2b75c6cf6ed00c63e9333960495b03
64171bed8b1e093ab735ee9c6cdc99440d0fea8e8f8c9f362fae3c093f1332f1
644495130c2c225a3c462cef52ac974c8c55db5dddec596af8ac4ccbd185f363
664ea793b11d14b85e39c167d3404271735a2bae369aa89881c3dbb62510f9b9
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
67f99ac35e1f837e5571b596248acd66df2dddedb17e20ba4527c825ec957ced
6b3e8984d410359941d540deeaebf3106843dd8c75a8a8ef07ba2aae3d75aec4
6bf85b78af2c57698124b684059009e5c4fb11b614c94824183f47f79e5a6fe1
6f208c9e9dbf22b84ec4bd3717a89c66d70d38a204368200a34750a4e882cb70
70da92d5438317fd586b45ed6ac224395706fed9686eacb5a2ecf85020f852cc
70ff6b131726a24391337b60d6c45f63b61b17a58ff533b9c6cf79c0c2789bfb
71adaabcda51aff47a367e698b1a231ce49073edcbe20dd33b8c53c2569e0d87
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
72bfc1d7ca2927ca0e966143da567506e1347e02dd8cda77c778710415ea532e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
773d4669ddf6a972d5413965cec731c4f39af2c19519ea181a99e0f324babfd7
79e9f1410dfcf6f141bae90a3c3195c275ec390f5d35fce5bcba4b4927a1a7e1
7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f
7caa9c706169a8418230f53f329ec3b9c1624567d4f21542282d4c42a262c834
7d4afd6bd3f4680c379a05bc0921f214f3565cff0f14226f4999fd368dd7c132
827eba33ff7f627627e79285ae329f7269998b7ca965f96f2c1ee59ce7116406
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8422d6185eb88db7e74dbe210cf91d91a8444d8bc583e43682b029efef0aaf17
849ff0db258e5535efd54864361746b78c452c6f0ad39def097fce5d7a062d4e
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
877198ceb279879530b98ddaa05918613f1636a41d0ee1ea11aa26b738e0c8bc
8820f4143a7de019e031f352a07493075bcd55dee2393d253bb01239d33e6af3
88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf
89083775a105fd1809c0bdc70b8f0bc6f1a66204e3c03573bbd274f7cb06450c
89f9523ed6ee42db29969af142573a35a677d32f880875f4a0ca50c894d9faf3
8af3e315d35d120dd008e9eb06084091f1358839999e1f5fd452b9949d9776b8
8c738fe44dcc53a9105bc99fd7b224095f954350650bfba09d4b5d4fd0a2c46b
8cfb7e7f5b3c8f288b75cc0a9a78887117ab71bb3cc78f0af72fc0470044f346
8cfdc32b795c426f373583227ec3a6444a8f91169fc2508c2fb24989cc13c43d
8fc6ea49fb076738c04a252d29a955561c2f6767474fbbd18461a1527f99f4dc
90273ff1b0b294097fae1f73de02053d422e68a2b9c69833e5c128a21997cd90
919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
94c6bf29d75024a735daaa728ab032afcd5d6e6266f4d9fb990fdd6919ab68a5
95a5debf033854aa510093ac2334c71a291c43ffc8b5c48433e486a3f412f3d2
981a6fc6c212bbebf95cb8ba05a6cf43caedfdc678afe6b9ec26085b500d57ae
99f71347da1fb77b27076845fc364d7e37f16ae976fd9a67bd22f769a5b68a6a
9a061ecfb7dee9303f28b0b8f05110cb2425c0fcb3aeaf9435f64a4b83e36e91
9a4590b824fb6f8d43f7d21d87206676ab548a6d57d65d25410ef42fef8d0a0d
9af9258b137e7f0d96e6a5b723be64e5f1dff10da5053a16816abe5d925ed175
9b72413bc0e16407a93a071286585f1b0227d6c2f1c70de51f9bf71a81cad49e
9c52fb85b7798d62e60aee232ae9b2a224c88d52cd6405bac28a3a2a18d11642
9c8af49ca8b8929d1921986d6f673f81d860a1dd1fd878c29d4ff1796a533e92
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
9e4222c3558ac331fdc7985027e9cb1ddb49207ba356aa511dc73706234fcf59
9ecb85e31697a93619b3d59dd5644deb41622514c0c4680e804d07a54a927ca9
a34555c835456da14aa43746608b1dbefcf11baea4e862f4fa3d3480dc43d9fd
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a5f5ec4d014895d5473994645a8b16f27380804918c09a7f7d8856a19d87eae1
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab651b30a03d6ef88757b92dd46c5c3ae6c446679258eba411b61163443e3db7
ab692ebd1fc9f40badebf9c37e1f2b4857db1c9c05e38675fbe44a129561b5e5
ab978c762fdaa8725c3622bb6b8e777572a384619b8339bd1bf2c7c4c41fc6b1
ac54d02a25ae7dfc8f67c69892113e554173984e1fe97271e2ef936a3bc7fca2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af80c62a54c13ee667fc2c6e8269bfe684828e4aa7fd3a9705e0e777cc2e2761
b02428d357bda2001de83fb8d4f693592f0348d9f8fd6adb1700ad5bcea20357
b0ee2b1e5281ff25b48ec791dad8c05333f787cd13eb5b17e8647d684a5062b8
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26
b55c527eca0fa4608b641f04f2ad2c4de03c67edf476a1f07fee88dffe536ef1
b5f579f78deb453ebba4f33ed8b11136a886deda01fa9441ea260a687de47312
b8d5c95452b721ce8c8604ace1a12ed5ed0cc4bb298cfd699504c29b08a13dc0
b9248405b3acab9dc40c5fc49315cf0f38b2ac530e394d945a60319f8f1074b9
b943d4874733e670e89c6cee68e0c55fbd6b1d00f489b963b19b3588d09f9847
b9c010e2daf38cfceee7fffc891dde7eabf6675400ed291de865f35826d7166b
ba555fcd02d602a56995e08ab5571347f369f0bf95bd57b9ee91b87f1a90c5a2
bb470eef962d834599dab789d927e90f2809d6c41a57259e5818b988056176d0
bc6512c2e1b12011f5b6175840005d0a155e00f1ae9475a7c793771235b0fdf1
bc823035ea4af3a6897a2030b99b416a617d3caf19cf4d96fb21bcb73d53bfe7
bda3cdc8fdd4f815ad781fa4a2f2011909fca7f98780d3301c1617343d5129c8
bdcb1178f97c4f90c9d4b0078e989cc53346e95a7a67f5af1e50d3ff51e0e515
be9f103d9adc96a399c3c47c806b1a99e70ea8b560924f0e51bdedda922478f4
bf800886dd4845d29fc5de388363642218fa7236665cd984414a4a2a1607a9e3
c14545eab3af723092389ef69c6a9ee065adeee1312418e52dae59592db1764d
c1ad27795450dffa2b3ffb530a6a66f36cce98180fe34faa4f5da818066b0b5b
c40913898959deb876305198c67290fc6527a25db1a6c28325be92de2bed52cb
c45e27e11d1acb1b08d49a15b3629b8df3c209cf92556777b831e7517617e6ec
c5b09247941b8b953cccb151f60f94cab5e7ace48fa78f737420ec067540e156
c5daadda1c4c2757e68a92a072bce0ac2a3923a0734dcf5e90cc43627c5d0ce8
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5
c8c060ead23d6182f913beb6caf29659336b5ebe09d2d8e4e437a11248b9e7c0
c933b27d7336ddfbf60583d2f6aeb5e2d4ac5aa9d006aa07b3f9157de998f1de
c9698212c09e034e327b9f30a05c19257552182c95ed3327de39e94b922f2de2
c986e3b2ba9fa7bb7909f4b809191b373e4fa7fb2839ca697e52da6765fa6150
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca5b3049da362eb6cd5de082302797d42f568ef1882554832c0715d33c9ae026
cbd0291febbcbd205b0eb6f458c68fdc8dbcbe55b4683e1a54b65c89950e5056
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08da3992e4d77eafa3d9c1ac3ac57a4ee09804b5d39ab975451cb1af9ed8ceb
d24ba79e824335051f5f208b8783a8466b49d1bc563dbc3bd09ba9380daf3dd9
d262580e6766f65ee8db4f7465c47b6473da2e6c63ec8302786f7b55a2b09135
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d3e573254f95ff9a37e8b3b91cbee1b95df6171ee1935869d240b9a2b498e5da
d4e90a49be549d9e7d663c3b2b5147d04449f0efed1174cfdf1d048368cbd48f
d53be85195780b39c49893e92fb2a83a8455951e17dda43ebb6fb6294b6d63b8
d8476923e18628ab5964fcbdfc275c1570fed0891be036fb3bfd9cb9eccc594c
da20aad92ff5801fb2533cd2211769e1c39dca54844a9521b33d88654b652f0b
dbf19ba1953101563a5e6b51a0243eaed8c9eb9c7f1a6046cf5edc14e7fe550e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcefe47c37b1606f8c2f07fe2500c08ece8a86495ed10d5903e1a85f41650638
dd16d1f33373ad008d0e5897e7185fd176fc36bc2505b28e853c2c1d5900f84b
dd5f99b359e7415612cfdb97fb432b570af813d582919d6cea3692bdcb7e5d0a
dd7dec0ecc59a583992b5def44364f473d9636faa527ea23dad3baf553559954
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de67ae51bc8d62963652060c12aa77245a10d5393eabd1642ae620dcb6884da7
df104b209bc5dea0b8995bc69abcce639be0b24795420d3bbec62fa36b2a30cb
e2688aca6e032dd2c057fcbbe4c16a98785a90e0653086f6d2c6b0c1244e918c
e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54f6dd45ddca0b2de26ce3ba1622eb755f28fd5c4a36b4cc95ee1df44430c05
e5dc78e1b83723328691fb691def1aaef95d2a8a1465c8d614a9d3711f998db0
e66b0cf46fd5b859ffe1dca65988cf01c4c2dbc0c7d955c80efea9e2c221828c
ea8a6feac11ff04a6e6810f3e328723cc8040effc3e0476acba7a2574fa82e18
eafa6ec729cd6d3d2d65982e0839d340fa24e6d16f25e322a20499b5089182ec
eafd73bf2e1ff78c1a441307c1ea2f1180b5b078bdeb924a5096e1a66fe87255
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ec94fbdfdbd0aa951230ccce7e4b3546ffddf7411121a4fa979fb18d151aa153
ecb21ebdf48e900b241c017a3a5991c54f291038c4b71ae9c65ceadc0a0c6e7e
eedcaa6452da11dea027dc1886c79b7e7447a5a823401718b23363e85a15c3fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa41faf12342657f397be701d57a99a555b9ca9949eb91544ebaea573a74861
f0161d2339f23d79eb6d4f5e637b80231f67dde4c9fbea7897363faa77708bfa
f0e8f04bdec051cacda6984d4c2ff1b8afdac3ac3c6e2c08d3c92bbda69d3aa1
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f280a2e38f285caa8e8e3144daf9e7d8fcc39e5347b6c0b948f8e18773d07571
f2b537e44fdc85f1b7526709e66e1788a4058b0579141f092a7f79ac5b54dfe2
f3ae5a060aec846288404f2b139c967c3a1ed540edd996ad29c136fb3a0311bd
fb4ead2b7b86443b57b7846344745bf76f82cebed5347155c996123726caf58d
fc81615fd34840e761389edd85973392f30221b10635bce7dbb76bc94245deb9
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fcd876a8f2be07904a3dea9595eac8c552272aa2dcac324e73a27976183017f9
fff7d4a8d62ea3ab4170bf11ba1d85a05f7fc2fb7ee76b08533648d89bb07e95