Submitted URL: http://www.elfcosmeticsus.us/
Effective URL: https://www.elfcosmeticsus.us/
Submission Tags: falconsandbox
Submission: On November 05 via api from US — Scanned from US

Summary

This website contacted 61 IPs in 3 countries across 46 domains to perform 186 HTTP transactions. The main IP is 37.72.142.213, located in Georgia and belongs to MALAKMADZE, GE. The main domain is www.elfcosmeticsus.us.
TLS certificate: Issued by R10 on September 9th 2024. Valid for: 3 months.
This is the only time www.elfcosmeticsus.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This page contains 11 frames:

Primary Page: https://www.elfcosmeticsus.us/
Frame ID: B99139553DD23027472B2C263AE89B6D
Requests: 172 HTTP requests in this frame

Page Title

e.l.fs. Cosmetics: Affordable Makeup & Skincare | Clean Beauty Products | e.l.f. Cosmetics

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • cdn\.dynamicyield\.\w+/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • tag\.rmp\.rakuten\.com

Overall confidence: 10%
Detected patterns
  • basket.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 186
HTTPS: 94 %
IPv6: 30 %
Domains: 46
Subdomains: 76
IPs: 61
Countries: 3
Transfer: 8443 kB
Size: 17541 kB
Cookies: 75

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.elfcosmeticsus.us/ HTTP 307
    https://www.elfcosmeticsus.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

186 HTTP transactions

Primary Request: /
Path: www.elfcosmeticsus.us/
Redirect Chain
  • http://www.elfcosmeticsus.us/
  • https://www.elfcosmeticsus.us/
Size: 1019 KB
x-fer: 279 KB
Type: Document

General
Full URL: https://www.elfcosmeticsus.us/
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 37.72.142.213, Georgia, ASN199242 (MALAKMADZE, GE)
Reverse DNS:
Software: nginx
Resource Hash: fb6f0aea4908f409e88318c237c0056c3fec4e73e99f815d2f20e545bcfa6087

Security Headers
Strict-Transport-Security: max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 05 Nov 2024 14:07:16 GMT
etag: W/"66763d5b-feb4f"
last-modified: Sat, 22 Jun 2024 02:56:27 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

Location: https://www.elfcosmeticsus.us/
Non-Authoritative-Reason: HttpsUpgrades
init.js
www.elfcosmeticsus.us/XT4Gy2ig/
0
0
Script
General
Full URL
https://www.elfcosmeticsus.us/XT4Gy2ig/init.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.72.142.213 , Georgia, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-length
548
date
Tue, 05 Nov 2024 14:07:17 GMT
content-type
text/html
server
nginx
truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.elfcosmeticsus.us
Referer

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.elfcosmeticsus.us
Referer

Response headers

Content-Type
application/font-woff2;charset=utf-8
0624_HPTILE_SPOTLIGHT_SOFTGLAM_D
cdn.media.amplience.net/v/elfcosmetics/
24 KB
24 KB
Image
General
Full URL
https://cdn.media.amplience.net/v/elfcosmetics/0624_HPTILE_SPOTLIGHT_SOFTGLAM_D?fmt=auto
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ddf771e6fd5c0ff146456f571d974f1a9f5f0aa8ac76f271aeda939bcc075c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
MISS
x-amp-source-width
1440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:07:17 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Tue, 05 Nov 2024 14:07:17 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
RI6y2x3tD,l4p5bDg2e,lTTxSknl0,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
p3uzEANf6Q
x-amp-source-height
520
x-amp-cf-worker
true
cf-ray
8ddd68c57c460fb5-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
24426
x-amp-published
Mon, 06 May 2024 23:46:56 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
truncated
/
37 B
37 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
ELF_Bronzer_HomepageTile_Comments_1440x1040
cdn.media.amplience.net/v/elfcosmetics/
31 KB
0
Image
General
Full URL
https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
MISS
x-amp-source-width
1440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:07:17 GMT
edge-control
max-age=86400
content-type
image/jpeg
last-modified
Tue, 05 Nov 2024 14:07:17 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
bwyX4gLvj,l4p5bDg2e,X_K2lO9lh,k4NPUWi7z
cache-control
s-maxage=86400, max-age=1800
x-req-id
66oY_j1fxi
x-amp-source-height
1040
x-amp-cf-worker
true
cf-ray
8ddd68c57c490fb5-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
37661
x-amp-published
Wed, 05 Jun 2024 19:29:20 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
elf-skin-logo_D-min
cdn.media.amplience.net/i/elfcosmetics/
3 KB
3 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/elf-skin-logo_D-min?fmt=auto
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4526135c25caf69aa3b5ae9c0d208f0f71c4ad23a51a3dacc5875d784f39bf89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
MISS
x-amp-source-width
289
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:07:17 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Tue, 05 Nov 2024 14:07:17 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
iXKo416cD,l4p5bDg2e,xPkOqKkZZ,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
6BTji47-cm
x-amp-source-height
257
x-amp-cf-worker
true
cf-ray
8ddd68c57c4a0fb5-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
2803
x-amp-published
Tue, 02 Apr 2024 23:34:45 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
locale-link-rewriter-0.0.2-min
cdn.c1.amplience.net/c/elfcosmetics/
553 B
490 B
Script
General
Full URL
https://cdn.c1.amplience.net/c/elfcosmetics/locale-link-rewriter-0.0.2-min
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9994 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88668b9200e07ef8860abbf2884140a44986c34576bc7086d64085b87da4cfd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
s-maxage=1800, max-age=120
content-encoding
gzip
cf-cache-status
HIT
age
1229
cf-ray
8ddd68c59eee2ab8-LAX
access-control-allow-origin
*
date
Tue, 05 Nov 2024 14:07:17 GMT
edge-control
max-age=1800
content-type
application/javascript; charset=utf-8
last-modified
Tue, 05 Nov 2024 13:29:26 GMT
vary
Accept-Encoding
server
cloudflare
soft-glam-satin-2024-5-spotlights_D-min
cdn.media.amplience.net/i/elfcosmetics/
147 KB
147 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/soft-glam-satin-2024-5-spotlights_D-min?fmt=auto
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
036372aec246811be980f3db17295ca6ebbcabef2d187cf4b50eca891a3cd8f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
MISS
x-amp-source-width
2880
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:07:17 GMT
edge-control
max-age=86400
content-type
image/webp
last-modified
Tue, 05 Nov 2024 14:07:17 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
duPuIM7RN,l4p5bDg2e,KQtgulBJr,DtzGFM5oJ
cache-control
s-maxage=86400, max-age=1800
x-req-id
i1vxw4Vqhv
x-amp-source-height
1700
x-amp-cf-worker
true
cf-ray
8ddd68c57c4b0fb5-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
150302
x-amp-published
Mon, 20 May 2024 23:26:06 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
soft-glam-satin-2024-5-background_D-min
cdn.media.amplience.net/i/elfcosmetics/
3 KB
4 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/soft-glam-satin-2024-5-background_D-min?fmt=auto
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51db2800976ae0311153917c1b90973847211e03c6cafddade13410f9ea3ece0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
MISS
x-amp-source-width
2880
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:07:17 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Tue, 05 Nov 2024 14:07:17 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
o1m8F6mmu,l4p5bDg2e,4wgAmq7JA,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
GFGv763Nhf
x-amp-source-height
662
x-amp-cf-worker
true
cf-ray
8ddd68c57c4d0fb5-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
3526
x-amp-published
Mon, 20 May 2024 23:26:15 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
go-wild-bronzies-2024-06-10-headline-1_D-min
cdn.media.amplience.net/i/elfcosmetics/
31 KB
31 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/go-wild-bronzies-2024-06-10-headline-1_D-min?fmt=auto
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9b60bb652094955b45736f763e9240f61f944c699831d13f14b34721d6560b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
MISS
x-amp-source-width
1136
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:07:17 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Tue, 05 Nov 2024 14:07:17 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
4_KhEaCg0,l4p5bDg2e,QzFMFH4vh,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
r1gKs84_4U
x-amp-source-height
245
x-amp-cf-worker
true
cf-ray
8ddd68c57c4e0fb5-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
31390
x-amp-published
Mon, 03 Jun 2024 23:31:19 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
vendor1a41.js
www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/
2 MB
717 KB
Script
General
Full URL
https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.72.142.213 , Georgia, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx /
Resource Hash
12aef701f9abbb77ad769e835f981ab2c6b7dd1f7f19ffb59261b23084fbed98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"667540a4-2335b5"
expires
Wed, 06 Nov 2024 02:07:17 GMT
date
Tue, 05 Nov 2024 14:07:17 GMT
content-type
application/javascript
last-modified
Fri, 21 Jun 2024 08:58:12 GMT
server
nginx
vary
Accept-Encoding
main1a41.js
www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/
2 MB
569 KB
Script
General
Full URL
https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/main1a41.js?yocs=1u_1y_
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.72.142.213 , Georgia, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx /
Resource Hash
f498ff46829b1f4476db5ca3fd697a92852f92b9aef0d95e650608f1b7ca41dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"66754098-1eb0e7"
expires
Wed, 06 Nov 2024 02:07:17 GMT
date
Tue, 05 Nov 2024 14:07:17 GMT
content-type
application/javascript
last-modified
Fri, 21 Jun 2024 08:58:00 GMT
server
nginx
vary
Accept-Encoding
pages-home1a41.js
www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/
5 KB
3 KB
Script
General
Full URL
https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/pages-home1a41.js?yocs=1u_1y_
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.72.142.213 , Georgia, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx /
Resource Hash
97996c9985c6b958fe1325fc72f641b0118c639d32f7b78f3d3245d83a588e43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"66754099-14c9"
expires
Wed, 06 Nov 2024 02:07:17 GMT
date
Tue, 05 Nov 2024 14:07:17 GMT
content-type
application/javascript
last-modified
Fri, 21 Jun 2024 08:58:01 GMT
server
nginx
vary
Accept-Encoding
site.min.js
edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/
84 KB
20 KB
Script
General
Full URL
https://edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/site.min.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d126a9c6da46cb41e34e982874ff71952c00cfaefd6d3847d69f5b82da64429

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"50d92f85574de50a7d4a214fa4131720"
x-amz-version-id
.qrNcRtRG6VmB5kbLKXtk4Otpa6s5GTr
age
72
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:07:17 GMT
content-type
application/javascript
last-modified
Fri, 07 Jun 2024 18:56:15 GMT
vary
Accept-Encoding
x-amz-id-2
ecrdJdLmjBEMndr+z4/0I1ubBWRzk51d+krqqlKuhb2lKmCLxjR0miL1sDszQOpemd3NhdB/JSg=
x-amz-replication-status
COMPLETED
cache-control
max-age=1800,s-maxage=1800
x-amz-request-id
PKQMV8XEDV9JZ3ZK
cf-ray
8ddd68c71f0b2f69-LAX
server
cloudflare
x-amz-server-side-encryption
AES256
ELF_Bronzer_HomepageTile_Comments_1440x1040
cdn.media.amplience.net/v/elfcosmetics/
13 KB
14 KB
Image
General
Full URL
https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040?fmt=auto
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49764ec01740feb1948116ed1f841b74efb21ff4c074d8e7d9927db585a5ea04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
MISS
x-amp-source-width
1440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:07:17 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Tue, 05 Nov 2024 14:07:17 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
4tFG1rHSW,l4p5bDg2e,X_K2lO9lh,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
xFn7Ii3Ppz
x-amp-source-height
1040
x-amp-cf-worker
true
cf-ray
8ddd68c67d760fb5-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
13690
x-amp-published
Wed, 05 Jun 2024 19:29:20 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
ee1a24f4-5709-4375-8fed-729b60d485e8.mp4
cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/
Redirect Chain
  • https://cdn.media.amplience.net/v/elfcosmetics/0624_HPTILE_SPOTLIGHT_SOFTGLAM_D/mp41080
  • https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4
2 MB
2 MB
Media
General
Full URL
https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Server
2606:4700:4400::6812:252f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ada9d1def698653a5ef155d5439ab8dbaf3ec7e92731b5c2458104008d8714cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-max-age
3000
cf-cache-status
MISS
x-amz-version-id
null
etag
"f9cd69df864aaabae94e683234b307a4"
access-control-allow-methods
GET, HEAD
date
Tue, 05 Nov 2024 14:07:18 GMT
content-type
video/mp4
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 06 May 2024 23:46:56 GMT
x-amz-id-2
ckf6svQCdY9fUiKmZA05QS8pG0bruoBRl3UcLsa4PozCPzcFljOVHGDiHAJI8FiWnhcAozLtPOo=
Content-Range
bytes 0-2539191/2539192
x-amz-request-id
FH59B6YSAJDMZE86
cf-ray
8ddd68c958307cf1-LAX
access-control-allow-origin
*
Content-Length
2539192
server
cloudflare

Redirect headers

cf-cache-status
MISS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:07:17 GMT
edge-control
max-age=86400
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
Nqa1bYrSJ,l4p5bDg2e,lTTxSknl0
cache-control
s-maxage=86400, max-age=1800
location
https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4
x-amp-cf-worker
true
cf-ray
8ddd68c68d890fb5-LAX
access-control-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
x-amp-srv
CF
server
cloudflare
b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4
cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/
Redirect Chain
  • https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040/mp41080
  • https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4
2 MB
2 MB
Media
General
Full URL
https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Server
2606:4700:4400::6812:252f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f98df0dfa77c50c8356e92ee9269bca4dd576126d890993cb22c88f29723e58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-max-age
3000
cf-cache-status
MISS
x-amz-version-id
null
etag
"bb4f3cb26295704a9279f0ebaaaca661"
access-control-allow-methods
GET, HEAD
date
Tue, 05 Nov 2024 14:07:18 GMT
content-type
video/mp4
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 05 Jun 2024 19:29:19 GMT
x-amz-id-2
6WKv8+kqAFpSRpBGGNGSXCruAVwMRI0qgyo4WFe8VyEnCxqo7b1txQiw6j5Pg/yag0yGZAezEjQ=
Content-Range
bytes 0-1946953/1946954
x-amz-request-id
FH5BB68JFB166DQB
cf-ray
8ddd68c9582c7cf1-LAX
access-control-allow-origin
*
Content-Length
1946954
server
cloudflare

Redirect headers

cf-cache-status
MISS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:07:17 GMT
edge-control
max-age=86400
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
RJ2EA5tGN,l4p5bDg2e,X_K2lO9lh
cache-control
s-maxage=86400, max-age=1800
location
https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4
x-amp-cf-worker
true
cf-ray
8ddd68c68d8b0fb5-LAX
access-control-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
x-amp-srv
CF
server
cloudflare
experience.min.js
edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/gallery-OdKxcdTK/latest/
0
0

otSDKStub.js
cdn.cookielaw.org/scripttemplates/
22 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/main1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
qVqAwzZMp5y69q24H0KNhg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCFC9F5ED5E337
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
44209
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:07:19 GMT
content-type
application/javascript
last-modified
Mon, 04 Nov 2024 07:07:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
ae139fa6-f01e-00d5-73d5-2edb57000000
cf-ray
8ddd68d0db601000-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
7212
x-ms-blob-type
BlockBlob
server
cloudflare
gtm.js
www.googletagmanager.com/
552 KB
143 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/main1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
670100fdff5d70442f026e50e0e8917e1efde3e595e2f3bd65a8a3fd8b3bc53f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 05 Nov 2024 14:07:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:07:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 05 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
146118
x-xss-protection
0
server
Google Tag Manager
api_dynamic.js
cdn.dynamicyield.com/api/8772046/
572 KB
63 KB
Script
General
Full URL
https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/main1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:5600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
031891366cb372682dad9fd5caab813101f2e6cf0554376b28413cf277d29dd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

vary
accept-encoding
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
cache-control
max-age=30
content-encoding
gzip
etag
W/"6768bb3660d73c681249a7dcb6add360"
age
7
via
1.1 a0b94a243c49df97658a8a3ea0fe2d20.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
-DTwoywLI49TakaG0pdYEP4cv77r9PGYSJdith63JY138wqT2PXMmA==
date
Tue, 05 Nov 2024 14:07:13 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 05 Nov 2024 12:52:47 GMT
server
DYCDN
x-amz-cf-pop
EWR53-C2
x-amz-server-side-encryption
AES256
api_static.js
cdn.dynamicyield.com/api/8772046/
395 KB
116 KB
Script
General
Full URL
https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/main1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:5600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
72ff5a1f7f8d2a84d8976552d8a42bb69c9ff70656b0c902af9c57902de5b3c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

vary
accept-encoding
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
cache-control
max-age=28800
content-encoding
gzip
etag
W/"15bb49298c3e6444486bceb2176f1eaa"
age
19476
via
1.1 a0b94a243c49df97658a8a3ea0fe2d20.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
n06wiuxrzqFUfLyQ-DgFPiOj55LY1QngOSDYn3257v4bWr8YFNnPAA==
date
Tue, 05 Nov 2024 08:42:44 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 30 Oct 2024 15:26:16 GMT
server
DYCDN
x-amz-cf-pop
EWR53-C2
x-amz-server-side-encryption
AES256
110221.ct.js
tag.rmp.rakuten.com/
47 KB
15 KB
Script
General
Full URL
https://tag.rmp.rakuten.com/110221.ct.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
a4082e2251f7f6b4f042842260bac0fb0a9ad35e03752c79f2aabbe18f458d85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=86400
content-encoding
gzip
x-samesite
secure
via
1.1 google
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
hit
date
Tue, 05 Nov 2024 14:07:19 GMT
content-type
text/javascript
last-modified
Tue, 05 Nov 2024 14:07:19 GMT
/
api.ipify.org/
24 B
298 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a51c02ded3766cce9d32ec5d0829a6f762d321ac17d1e1b2451e193625e8313

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8ddd68d12aa4092c-LAX
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=72570&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3968&recv_bytes=2242&delivery_rate=55502&cwnd=253&unsent_bytes=0&cid=441e675579252aa3&ts=172&x=0"
content-length
24
date
Tue, 05 Nov 2024 14:07:19 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api.ipify.org/
24 B
209 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a51c02ded3766cce9d32ec5d0829a6f762d321ac17d1e1b2451e193625e8313

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8ddd68d22baf092c-LAX
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=72348&sent=11&recv=13&lost=0&retrans=0&sent_bytes=4332&recv_bytes=2303&delivery_rate=55502&cwnd=256&unsent_bytes=0&cid=441e675579252aa3&ts=324&x=0"
content-length
24
date
Tue, 05 Nov 2024 14:07:19 GMT
content-type
application/json
vary
Origin
server
cloudflare
js
www.paypal.com/sdk/
425 KB
120 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8fa4a24e56a5f43d0a2382698cabcd2605b99d72bfc04510e148775bc91347eb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-xnwiF0X1DuOSYnSKZt9Dh5Th28r9kTTp1rWkayO7ig4jXMaU' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-xnwiF0X1DuOSYnSKZt9Dh5Th28r9kTTp1rWkayO7ig4jXMaU' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
f9480946e20f2
content-encoding
gzip
etag
W/"1d85c-vSAYDxzp7DNTcynG/Z16cKn0qwE"
age
8689
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
disable-set-cookie
true
traceparent
00-0000000000000000000f9480946e20f2-eeaada35b6e3ca28-01
server-timing
"traceparent;desc="00-0000000000000000000f9480946e20f2-23ae146c60dc9fa3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
p3p
true
date
Tue, 05 Nov 2024 14:07:19 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-bur-kbur8200156-BUR, cache-bur-kbur8200156-BUR
x-cache-hits
2, 0
x-frame-options
SAMEORIGIN
x-cache
HIT, MISS
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-xnwiF0X1DuOSYnSKZt9Dh5Th28r9kTTp1rWkayO7ig4jXMaU' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-xnwiF0X1DuOSYnSKZt9Dh5Th28r9kTTp1rWkayO7ig4jXMaU' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
public, max-age=3600, s-maxage=10800
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730815639.248025,VS0,VE4
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
access-control-allow-origin
*
content-length
120924
x-xss-protection
1; mode=block
main.js
static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/
150 KB
52 KB
Script
General
Full URL
https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/main1a41.js?yocs=1u_1y_
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.17.176 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-17-176.deploy.static.akamaitechnologies.com
Software
nginx / Express
Resource Hash
0c22692fd69ca82d18566270bcbf1bd4c8b2f53fcc163cbd2dbffd6dfd0f8c5e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

Strict-Transport-Security
max-age=15768000
Vary
Accept-Encoding
Cache-Control
must-revalidate, max-age=900
Content-Encoding
gzip
Connection
keep-alive
Expires
Tue, 05 Nov 2024 14:22:19 GMT
Access-Control-Allow-Origin
*
Content-Length
53116
Date
Tue, 05 Nov 2024 14:07:19 GMT
Content-Type
application/javascript;charset=UTF-8
X-Powered-By
Express
Server
nginx
X-Frame-Options
SAMEORIGIN
/
websdk.appsflyer.com/
51 KB
15 KB
Script
General
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-37.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ba6b163f965f258c24888cf11c6dfe0d044de0800284da2e78a3faf7bd12925

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-amz-cf-pop
JFK50-P1
content-encoding
br
etag
W/"7ee104753099f9f00003724eb0a4c433"
age
2002
via
1.1 e2d34a357aab1d6cff5cce981d09ebba.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
yI7vUzxd0ERePgx9CZVqs4ZrjyRLiX-lOLXkwwvJ-IU7zoRSoS7yCQ==
date
Tue, 05 Nov 2024 13:33:58 GMT
content-type
application/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Tue, 01 Oct 2024 07:07:49 GMT
x-amz-server-side-encryption
AES256
authorize
www.elfcosmeticsus.us/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/
548 B
612 B
Fetch
General
Full URL
https://www.elfcosmeticsus.us/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmeticsus.us%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=GOxy3XsrHmOkzgre_lLRjAMZfoSzadMqEAJN1jVaj2k
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.72.142.213 , Georgia, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

c_x-pwa-request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-length
548
date
Tue, 05 Nov 2024 14:07:19 GMT
content-type
text/html
server
nginx
/
sdk.iad-05.braze.com/api/v3/data/
709 B
720 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ce398755176d7bb65a5a106fd0e3a165297640d7f21323c1509c5d5a0fe794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmeticsus.us/
X-Braze-TriggersRequest
true
X-Braze-Last-Req-Ms-Ago
7200000
X-Braze-DataRequest
true
X-Braze-Req-Attempt
1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57

Response headers

access-control-max-age
7200
x-request-id
85700fa1-e627-46e4-91fd-8f8233e03267
access-control-expose-headers
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"c3ce398755176d7bb65a5a106fd0e3a1"
access-control-allow-methods
POST, GET
date
Tue, 05 Nov 2024 14:07:20 GMT
content-type
application/json
vary
Origin,Accept-Encoding
x-runtime
0.451716
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1730815641
cf-ray
8ddd68d3afbe2aac-LAX
x-ratelimit-remaining
491.0
access-control-allow-origin
*
x-ratelimit-limit
500.0
server
cloudflare
/
sdk.iad-05.braze.com/api/v3/data/ Frame
0
0
Preflight
General
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmeticsus.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8ddd68d2aecd2aac-LAX
content-encoding
gzip
date
Tue, 05 Nov 2024 14:07:19 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/
6 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf500a4c158d24ba238d521a5fa775e693d03c507fa3f882bffbbeaf9fedeb64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
aY7kJA0jlzEL9QWHODNZDw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCA5D566A7B63C
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 14:07:19 GMT
date
Tue, 05 Nov 2024 14:07:19 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 20:25:14 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
c6645a48-e01e-00a7-2285-29aa69000000
cf-ray
8ddd68d2689a100f-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
1832
x-ms-blob-type
BlockBlob
server
cloudflare
jsp
ut.rd.linksynergy.com/
148 B
405 B
Script
General
Full URL
https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid
Requested by
Host: tag.rmp.rakuten.com
URL: https://tag.rmp.rakuten.com/110221.ct.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
b6eb2a8922105cc7773fbdcaaf0d8a14a3074a7765a5a86f8314ed757c12a2d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
date
Tue, 05 Nov 2024 14:07:20 GMT
x-samesite
secure
content-type
text/plain; charset=utf-8
local
www.paypal.com/credit-presentment/experiments/ Frame D20A
0
0
Document
General
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.12&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lac/55A7) /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
61032
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1525
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
correlation-id
09782978a3a86
date
Tue, 05 Nov 2024 14:07:19 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"1479-ja17EHo6zEJH7yS4xSzusGhAbHs"
last-modified
Mon, 04 Nov 2024 21:10:08 GMT
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
09782978a3a86
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server
ECAcc (lac/55A7)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-000000000000000000009782978a3a86-dca8cfb1d2508213-01
vary
Accept-Encoding
x-cache
HIT
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/
12 KB
5 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmeticsus.us&t=xo&v=5.0.463&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb11430bad0503642a242e3c42be2690df96d11efc4f08e27b9b96f02480f8ee
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ffhLnTf/AS26j+xiEoyKiZuVcAf7mTEKFNCPITfsRaz/RgfQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

paypal-debug-id
f9374340bc1ce
content-encoding
gzip
etag
W/"2f86-rIyHQCWayVhsCSMMD5/wlkCo+Tw"
age
56245
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f9374340bc1ce-2a1abfa82573356c-01
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT, MISS
date
Tue, 05 Nov 2024 14:07:19 GMT
content-type
application/x-javascript; charset=utf-8
x-served-by
cache-bur-kbur8200156-BUR, cache-bur-kbur8200156-BUR
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ffhLnTf/AS26j+xiEoyKiZuVcAf7mTEKFNCPITfsRaz/RgfQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
cache-control
public, max-age=3600
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730815640.585985,VS0,VE5
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
content-length
4354
x-xss-protection
1; mode=block
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
71 B
318 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8ddd68d63ba67c2a-LAX
access-control-allow-origin
*
date
Tue, 05 Nov 2024 14:07:20 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
ts
t.paypal.com/
42 B
601 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1730815639717&g=600&completeurl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&ru=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
f397c5aeeb87f
correlation-id
f397c5aeeb87f
expires
Tue, 05 Nov 2024 14:07:20 GMT
traceparent
00-0000000000000000000f397c5aeeb87f-712460578517ef3b-01
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-0000000000000000000f397c5aeeb87f-c81005142fab19cb-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Tue, 05 Nov 2024 14:07:20 GMT
content-type
image/gif
x-served-by
cache-bur-kbur8200125-BUR
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1730815640.037576,VS0,VE42
via
1.1 varnish
accept-ranges
bytes
authorize
www.elfcosmeticsus.us/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/
548 B
611 B
Fetch
General
Full URL
https://www.elfcosmeticsus.us/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmeticsus.us%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=9cDYj28ZOKFyg7j94U4wAVAlI_hDPNDYNq9MdVej0dA
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.72.142.213 , Georgia, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

c_x-pwa-request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-length
548
date
Tue, 05 Nov 2024 14:07:19 GMT
content-type
text/html
server
nginx
st
st.dynamicyield.com/
160 KB
13 KB
Script
General
Full URL
https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=un2etqaej7fd0j9268cjnr1ryb6ckplu&ref=&scriptVersion=2.44.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2807:8200:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7bba9d275e45b01f602d977f57a9a5b85c53e5fbb49778fdf08248805433429e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache
content-encoding
gzip
via
1.1 bcba63317be8c4e9a4e9a6f5ec2b6c14.cloudfront.net (CloudFront)
expires
Tue, 05 Nov 2024 14:07:19 GMT
access-control-allow-origin
*
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-amz-cf-id
JiEhOUS3tmK43h9aDlfbqGUf5PIQ306boMi9xFwQpIXZPmOY3WNvLQ==
date
Tue, 05 Nov 2024 14:07:20 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P6
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202406.1.0/
451 KB
110 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee66778dba8431b64c285bbfcc94d437a298b46e129512f2371e3c7d13a2bcd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
7I5y/rp4ODu7ul89ty+epQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
age
58773
content-encoding
gzip
x-content-type-options
nosniff
cf-polished
origSize=461723
date
Tue, 05 Nov 2024 14:07:20 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 22:20:01 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
68f325c9-c01e-007c-2313-240ebf000000
cf-ray
8ddd68d7db461000-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
sync
sdk.iad-05.braze.com/api/v3/content_cards/
85 B
227 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81cd5544b8b64680ce3c136ed86a694a364dc6bbb272252f83ceeb30627a9aed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmeticsus.us/
BRAZE-SYNC-RETRY-COUNT
0
X-Braze-DataRequest
true
X-Braze-Last-Req-Ms-Ago
7200000
X-Braze-ContentCardsRequest
true
X-Braze-Req-Attempt
1
X-Braze-Req-Tokens-Remaining
29
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57

Response headers

access-control-max-age
7200
x-request-id
5b430f76-392b-4a21-a1cd-4700a7e5fda8
access-control-expose-headers
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"81cd5544b8b64680ce3c136ed86a694a"
access-control-allow-methods
POST, GET
date
Tue, 05 Nov 2024 14:07:20 GMT
content-type
application/json
vary
Origin,Accept-Encoding
x-runtime
0.055356
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1730815641
cf-ray
8ddd68d8fd662aac-LAX
x-ratelimit-remaining
483.0
access-control-allow-origin
*
x-ratelimit-limit
500.0
server
cloudflare
sync
sdk.iad-05.braze.com/api/v3/feature_flags/
20 B
180 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/feature_flags/sync
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92f434a50c76d6e52d0d3cc91cdf1854c7fd39fecd5ae65800568aef7c03029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmeticsus.us/
X-Braze-Last-Req-Ms-Ago
7200000
X-Braze-DataRequest
true
X-Braze-Req-Attempt
1
X-Braze-Req-Tokens-Remaining
28
X-Braze-FeatureFlagsRequest
true
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57

Response headers

access-control-max-age
7200
x-request-id
cdb62104-9519-4368-ac98-972730d12f8e
access-control-expose-headers
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"e92f434a50c76d6e52d0d3cc91cdf185"
access-control-allow-methods
POST, GET
date
Tue, 05 Nov 2024 14:07:20 GMT
content-type
application/json
vary
Origin,Accept-Encoding
x-runtime
0.052588
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1730815641
cf-ray
8ddd68d8fd622aac-LAX
x-ratelimit-remaining
486.0
access-control-allow-origin
*
x-ratelimit-limit
500.0
server
cloudflare
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame
0
0
Preflight
General
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmeticsus.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8ddd68d7ec2b2aac-LAX
content-encoding
gzip
date
Tue, 05 Nov 2024 14:07:20 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
sync
sdk.iad-05.braze.com/api/v3/feature_flags/ Frame
0
0
Preflight
General
Full URL
https://sdk.iad-05.braze.com/api/v3/feature_flags/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmeticsus.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8ddd68d7ec2e2aac-LAX
content-encoding
gzip
date
Tue, 05 Nov 2024 14:07:20 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
315 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af30ad09ee7c61a2827e7df6838b13fb1c8a63b46d781c979c0906b5de54bb89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 05 Nov 2024 14:07:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:07:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107588
x-xss-protection
0
server
Google Tag Manager
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1495882517.1730815640&auid=1010929284.1730815640&npa=0&gtm=45He4au0v896608294za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&tft=1730815640318&tfd=3875&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.164 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2647e02a45178870d60f6549fd7a071c117763b4c6013bfdb13ea1a918c65336
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
x-content-type-options
nosniff
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
expires
Tue, 05 Nov 2024 14:07:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Tue, 05 Nov 2024 14:07:20 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
destination
www.googletagmanager.com/gtag/
229 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10265292&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d6c946495756908ed51228da25f1282815c6a71e8e045a8c43d28d71c92e44a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 05 Nov 2024 14:07:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:07:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 05 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83645
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/
234 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
75af44c111fb56615680a1ace75c374177bb7f7d1a6bc7132227df732be79443
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 05 Nov 2024 14:07:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:07:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 05 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
85011
x-xss-protection
0
server
Google Tag Manager
tfa.js
cdn.taboola.com/libtrc/unip/1691051/
82 KB
26 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
902be7e3440e4c3a980af18149fdaedc6bacb12e778d070683bf7ada4f8ff606

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
etag
"adb5c9ead829e9477719146e238a6c9e"
x-amz-version-id
yEdOa1CqhNvZuF0vXSiObR9ghJ8Ym0aq
age
75
x-cache
HIT
date
Tue, 05 Nov 2024 14:07:20 GMT
last-modified
Sun, 03 Nov 2024 11:10:53 GMT
x-served-by
cache-bur-kbur8200154-BUR
x-cache-hits
0
content-type
application/javascript; charset=utf-8
x-amz-id-2
Pq2T+w3LPGGyn/hoGSelyNs9Puq5dqAVAbxapF4vYz459ojN36BW0NU9uQiuzk7S2HRj/4Juolw=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14401
x-timer
S1730815641.543861,VS0,VE3
via
1.1 varnish
x-amz-request-id
P1R101HF7BC8GEEW
accept-ranges
bytes
access-control-allow-origin
*
abp
88
content-length
25631
server
AmazonS3
x-amz-server-side-encryption
AES256
1a8bfa042c9c5.js
t.contentsquare.net/uxa/
371 KB
88 KB
Script
General
Full URL
https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.94.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-94-108.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0dc33809c863fbdc63a5ba93cd0bbe8e10f205991697350cf44b14a5572a83ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
etag
"7b2fb62ade7a1c27cef402b5eea0ceb1"
age
0
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
_Ixw2Z7pk_6tylNCw_9H_99ugeZcglu4PejZzbJpE8t2LX-yjGqY2Q==
date
Tue, 05 Nov 2024 13:36:21 GMT
content-type
application/javascript;charset=utf-8
vary
accept-encoding, Origin
last-modified
Wed, 30 Oct 2024 13:35:12 GMT
cache-control
max-age=900
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 362959a363a9e00db2805e8d1241fa20.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
89847
x-amz-cf-pop
JFK52-P10
server
AmazonS3
x-amz-server-side-encryption
AES256
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Server
68.67.160.137 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
162.245.206.249; 162.245.206.249; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
e454e6d5-f763-4361-a95f-a549dba68939
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 05 Nov 2024 14:07:20 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
162.245.206.249; 162.245.206.249; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
7865b383-65a9-4514-ab55-d11c1dc1bddd
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 05 Nov 2024 14:07:20 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:y8694b5&fmt=3
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YmY1YmM1NGQtNzg0Mi00NTFkLTlhOTUtZjk4ZTQ4MTRjODBj&gdpr=0&gdpr_consent=&ttd_tdid=bf5bc54d-7842-451d-9a95-f98e4...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=YmY1YmM1NGQtNzg0Mi00NTFkLTlhOTUtZjk4ZTQ4MTRjODBj&gdpr=0&gdpr_consent=&ttd_tdid=bf5bc54d-7842-451d-9a95-f98...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=bf5bc54d-7842-451d-9a95-f98e4814c80c&google_error=15
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=M2I0ZjhhYWYtMWI3OC00YWJlLWFhMTktNzcyMDhiZjAzOTVk&gdpr=0&gdpr_consent=&ttd_tdid=3b4f8aaf-1b78-4abe-aa19-77208...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3b4f8aaf-1b78-4abe-aa19-77208bf0395d&google_error=15
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3b4f8aaf-1b78-4abe-aa19-77208bf0395d&expiration=1733407641&gdpr=0&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3b4f8aaf-1b78-4abe-aa19-77208bf0395d&expiration=1733407641&gdpr=0&gdpr_consent=&C=1
43 B
342 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3b4f8aaf-1b78-4abe-aa19-77208bf0395d&expiration=1733407641&gdpr=0&gdpr_consent=&C=1
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2FQv5SzCPQ%2F6Zt5VNZmY5pWx47Xp4uTT6RZmMesra8j07MSS4xzYnCl1FMwdMBZj5XCi1efVK5LlFctbZRkuii4CjevZYV%2FBQ9PVRVqNkAIWalyUJY5My1B%2BSFIOiNEd6G%2FpMQYmf0YCbA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddd68e39d8e7d86-LAX
expires
0
alt-svc
h3=":443"; ma=86400
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 05 Nov 2024 14:07:22 GMT
content-type
image/gif
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache
location
/rum?cm_dsp_id=39&external_user_id=3b4f8aaf-1b78-4abe-aa19-77208bf0395d&expiration=1733407641&gdpr=0&gdpr_consent=&C=1
cf-cache-status
DYNAMIC
pragma
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=avjtrRfr5XjnsS3IhCEuVdw3cGQBYz9MEoAQ%2B%2FaH8fFS9mLwH0Va5hfkNkTLgNiutT5aNI4c9Tv84O8SWIJbsdT9cRzYkB9dOPFtjGgGHU%2FOWeK%2F09WVao0ZD0ulzODzdcp%2Bb6qOof%2BUng%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddd68e2fd007d86-LAX
expires
0
alt-svc
h3=":443"; ma=86400
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 05 Nov 2024 14:07:22 GMT
vary
Accept-Encoding
server
cloudflare
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Server
68.67.160.137 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
162.245.206.249; 162.245.206.249; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
10a590e6-9f80-4227-80ac-76633e3531da
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 05 Nov 2024 14:07:20 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
162.245.206.249; 162.245.206.249; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
b3d765a8-7b18-4775-90df-e50933fa4e39
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 05 Nov 2024 14:07:20 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:uuhj0na&fmt=3
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=3b4f8aaf-1b78-4abe-aa19-77208bf0395d
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D3b4f8aaf-1b78-4abe-aa19-77208bf0395d
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=2817184274968523570&ttd_tdid=3b4f8aaf-1b78-4abe-aa19-77208bf0395d
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3b4f8aaf-1b78-4abe-aa19-77208bf0395d&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3b4f8aaf-1b78-4abe-aa19-77208bf0395d&r=https%3A%2F%2Fmatch.adsrvr.org%2...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
70 B
479 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-length
70
date
Tue, 05 Nov 2024 14:07:22 GMT
content-type
image/gif
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 05 Nov 2024 14:07:22 GMT
server
nginx
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 321A
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.elfcosmeticsus.us
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:07:20 GMT
expires
Wed, 05 Nov 2025 14:07:20 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
en.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/01909eed-4242-7b08-962b-1b36bd38c178/
230 KB
40 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/01909eed-4242-7b08-962b-1b36bd38c178/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8fcec3362c6e4f01b70b0c1b03c3892318f16ba44995683422daeb59552642c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
KPGY3GMDj7sSbC8xjf6+Kw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCA5D56C43B421
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 14:07:20 GMT
date
Tue, 05 Nov 2024 14:07:20 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 20:25:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
99c8748a-401e-0044-6a2c-2d4fe6000000
cf-ray
8ddd68d9182e100f-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
40699
x-ms-blob-type
BlockBlob
server
cloudflare
topics_api
psb.taboola.com/
65 B
285 B
Fetch
General
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
private, max-age=2592000
retry-after
0
x-timer
S1730815641.864008,VS0,VE0
observe-browsing-topics
?1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
65
date
Tue, 05 Nov 2024 14:07:20 GMT
content-type
text/html; charset=utf-8
x-served-by
cache-lax-kwhp1940086-LAX
server
Varnish
x-cache-hits
0
cnxtag-min.js
js.cnnx.link/roi/
2 KB
1 KB
Script
General
Full URL
https://js.cnnx.link/roi/cnxtag-min.js?id=316282
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:600:11:85b0:d600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d5267085b5489f178aae1444e1367dbca2debc7c061d5ddd803a16711a19c93b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
max-age=600
content-encoding
gzip
age
376
via
1.1 google, 1.1 e60ffc5cb1078c77d0ecabfc06b14cd0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
UbJemogdX1HkNp-BjTq4gYujuOija9vEtoniiua487n5kMh-FGdrCQ==
date
Tue, 05 Nov 2024 14:01:04 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
JFK50-P1
unip
trc.taboola.com/1691051/log/3/
0
655 B
XHR
General
Full URL
https://trc.taboola.com/1691051/log/3/unip?ce=ecomm&en=HOME_PAGE_VISIT&ref=null&item-url=https%253A%252F%252Fwww.elfcosmeticsus.us%252F&data=%257B%2522timestamp%2522%253A%252211%252F5%252F2024%2522%252C%2522eventType%2522%253A%2522HOME_PAGE_VISIT%2522%257D&cnxclid=undefined&tim=1730815640610&mrir=u&vi=1730815640598&cv=20241102-3-RELEASE&tos=8&ssd=1&scd=0&it=JS_PIXEL&psb=true
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://www.elfcosmeticsus.us/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 05 Nov 2024 14:07:20 GMT
content-type
image/gif
x-served-by
cache-bur-kbur8200154-BUR
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
910
pragma
no-cache
x-timer
S1730815641.893301,VS0,VE4
x-vcl-time-ms
4
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.elfcosmeticsus.us
x-service-version
v1
server
nginx
unip
trc.taboola.com/1691051/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc.taboola.com/1691051/log/3/unip?ce=ecomm&en=HOME_PAGE_VISIT&ref=null&item-url=https%253A%252F%252Fwww.elfcosmeticsus.us%252F&data=%257B%2522timestamp%2522%253A%252211%252F5%252F2024%2522%252C%2522eventType%2522%253A%2522HOME_PAGE_VISIT%2522%257D&cnxclid=undefined&tim=1730815640610&mrir=u&vi=1730815640598&cv=20241102-3-RELEASE&tos=8&ssd=1&scd=0&it=JS_PIXEL&psb=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://www.elfcosmeticsus.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://www.elfcosmeticsus.us
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 05 Nov 2024 14:07:20 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-to-nlb-rtt
702
x-served-by
cache-bur-kbur8200037-BUR
x-service-version
v1
x-timer
S1730815641.819308,VS0,VE2
x-vcl-time-ms
2
activityi;dc_pre=CI_f19uuxYkDFfic0QQdCmYpjg;src=10265292;type=conte0;cat=homep0;ord=3695894012324;npa=0;auiddc=1010929284.1730815640;ps=1;pcor=1048176601;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
10265292.fls.doubleclick.net/ Frame 0FFD
Redirect Chain
  • https://10265292.fls.doubleclick.net/activityi;src=10265292;type=conte0;cat=homep0;ord=3695894012324;npa=0;auiddc=1010929284.1730815640;ps=1;pcor=1048176601;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
  • https://10265292.fls.doubleclick.net/activityi;dc_pre=CI_f19uuxYkDFfic0QQdCmYpjg;src=10265292;type=conte0;cat=homep0;ord=3695894012324;npa=0;auiddc=1010929284.1730815640;ps=1;pcor=1048176601;uaa=;u...
0
0
Document
General
Full URL
https://10265292.fls.doubleclick.net/activityi;dc_pre=CI_f19uuxYkDFfic0QQdCmYpjg;src=10265292;type=conte0;cat=homep0;ord=3695894012324;npa=0;auiddc=1010929284.1730815640;ps=1;pcor=1048176601;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787185z8896608294za201zb896608294;gcs=G111;gcd=13t3t3t3t5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10265292&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
369
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:07:21 GMT
expires
Tue, 05 Nov 2024 14:07:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:07:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10265292.fls.doubleclick.net/activityi;dc_pre=CI_f19uuxYkDFfic0QQdCmYpjg;src=10265292;type=conte0;cat=homep0;ord=3695894012324;npa=0;auiddc=1010929284.1730815640;ps=1;pcor=1048176601;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787185z8896608294za201zb896608294;gcs=G111;gcd=13t3t3t3t5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=10265292;type=conte0;cat=homep0;ord=3695894012324;npa=0;auiddc=1010929284.1730815640;ps=1;pcor=1048176601;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=...
td.doubleclick.net/td/fls/rul/ Frame 3F1E
0
0
Document
General
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10265292;type=conte0;cat=homep0;ord=3695894012324;npa=0;auiddc=1010929284.1730815640;ps=1;pcor=1048176601;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787185z8896608294za201zb896608294;gcs=G111;gcd=13t3t3t3t5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10265292&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:07:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=10265292;type=conte0;cat=homep0;ord=3695894012324;npa=0;auiddc=1010929284.1730815640;ps=1;pcor=1048176601;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noap...
ad.doubleclick.net/
0
23 B
Image
General
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=10265292;type=conte0;cat=homep0;ord=3695894012324;npa=0;auiddc=1010929284.1730815640;ps=1;pcor=1048176601;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787185z8896608294za201zb896608294;gcs=G111;gcd=13t3t3t3t5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 05 Nov 2024 14:07:20 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"6792274348241251264"}],"aggregatable_trigger_data":[{"filters":[{"14":["10220349"]}],"key_piece":"0xa5a65f0fe11f4bdd","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x64e3eafd3534fec8","not_filters":{"14":["10220349"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"6410697289542289803","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"6792274348241251264","filters":[{"14":["10220349"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"6792274348241251264","filters":[{"14":["10220349"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"6792274348241251264","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"6792274348241251264","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10265292"]}}
content-type
image/png
x-xss-protection
0
server
cafe
activityi;dc_pre=CP-w59uuxYkDFUaG0QQdMOsGsQ;src=10742279;type=elf8j0;cat=glo_flhp;ord=5863236644879;npa=0;auiddc=1010929284.1730815640;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=82107581;u...
10742279.fls.doubleclick.net/ Frame F783
Redirect Chain
  • https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flhp;ord=5863236644879;npa=0;auiddc=1010929284.1730815640;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=8210758...
  • https://10742279.fls.doubleclick.net/activityi;dc_pre=CP-w59uuxYkDFUaG0QQdMOsGsQ;src=10742279;type=elf8j0;cat=glo_flhp;ord=5863236644879;npa=0;auiddc=1010929284.1730815640;u1=https%3A%2F%2Fwww.elfc...
0
0
Document
General
Full URL
https://10742279.fls.doubleclick.net/activityi;dc_pre=CP-w59uuxYkDFUaG0QQdMOsGsQ;src=10742279;type=elf8j0;cat=glo_flhp;ord=5863236644879;npa=0;auiddc=1010929284.1730815640;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=82107581;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13t3t3t3t5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
377
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:07:21 GMT
expires
Tue, 05 Nov 2024 14:07:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:07:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10742279.fls.doubleclick.net/activityi;dc_pre=CP-w59uuxYkDFUaG0QQdMOsGsQ;src=10742279;type=elf8j0;cat=glo_flhp;ord=5863236644879;npa=0;auiddc=1010929284.1730815640;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=82107581;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13t3t3t3t5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=10742279;type=elf8j0;cat=glo_flhp;ord=5863236644879;npa=0;auiddc=1010929284.1730815640;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=82107581;uaa=;uab=;uafvl=;uamb=0;ua...
td.doubleclick.net/td/fls/rul/ Frame 0D85
0
0
Document
General
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10742279;type=elf8j0;cat=glo_flhp;ord=5863236644879;npa=0;auiddc=1010929284.1730815640;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=82107581;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13t3t3t3t5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:07:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=10742279;type=elf8j0;cat=glo_flhp;ord=5863236644879;npa=0;auiddc=1010929284.1730815640;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=82107581;uaa=;uab=;uafv...
ad.doubleclick.net/
0
23 B
Image
General
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=10742279;type=elf8j0;cat=glo_flhp;ord=5863236644879;npa=0;auiddc=1010929284.1730815640;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=82107581;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13t3t3t3t5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 05 Nov 2024 14:07:21 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"18102616217813264656"}],"aggregatable_trigger_data":[{"filters":[{"14":["12142143"]}],"key_piece":"0x4ebbd8ce23de2c1b","source_keys":["12","13","14","15","16","17","18","19","20","21","20457392","20457393","20457394","20457395","22981708","22981709","22981710","22981711","24748276","24748277","24748278","24748279","628477676","628477677","628477678","628477679","628627208","628627209","628627210","628627211","642003348","642003349","642003350","642003351","642003440","642003441","642003442","642003443","642887056","642887057","642887058","642887059"]},{"key_piece":"0x2d398dcd9707c6e2","not_filters":{"14":["12142143"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","20457392","20457393","20457394","20457395","22981708","22981709","22981710","22981711","24748276","24748277","24748278","24748279","628477676","628477677","628477678","628477679","628627208","628627209","628627210","628627211","642003348","642003349","642003350","642003351","642003440","642003441","642003442","642003443","642887056","642887057","642887058","642887059"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"20457392":34,"20457393":34,"20457394":34,"20457395":3345,"21":6356,"22981708":131,"22981709":131,"22981710":131,"22981711":12713,"24748276":32,"24748277":32,"24748278":32,"24748279":3177,"628477676":32,"628477677":32,"628477678":32,"628477679":3177,"628627208":32,"628627209":32,"628627210":32,"628627211":3177,"642003348":32,"642003349":32,"642003350":32,"642003351":3177,"642003440":32,"642003441":32,"642003442":32,"642003443":3177,"642887056":65,"642887057":65,"642887058":65,"642887059":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"9887547132846956693","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"18102616217813264656","filters":[{"14":["12142143"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"18102616217813264656","filters":[{"14":["12142143"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"18102616217813264656","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"18102616217813264656","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10742279"]}}
content-type
image/png
x-xss-protection
0
server
cafe
collect
sgtm.elfcosmetics.com/g/
694 B
1 KB
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4au0v9125640115z8896608294za200zb896608294&gcs=G111&gcd=13t3t3t3t5l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=1348800163.1730815641&ecid=1669047066&ul=en-us&sr=1600x1200&_fplc=0&ur=US-CA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.rnd=1495882517.1730815640&sst.adr=1&sst.ude=0&_s=1&sid=1730815640&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&dt=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4508&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
0f548aae1077d2026e94c4d109d920c5911b0a5543f7d99d4771bf5722165b83
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache
x-accel-buffering
no
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:07:21 GMT
content-type
text/plain
server
Google Frontend
collect
sgtm.elfcosmetics.com/g/
65 B
399 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4au0v9125640115z8896608294za200zb896608294&gcs=G111&gcd=13t3t3t3t5l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=1348800163.1730815641&ecid=1669047066&ul=en-us&sr=1600x1200&_fplc=0&ur=US-CA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.rnd=1495882517.1730815640&sst.adr=1&sst.ude=0&_s=2&sid=1730815640&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&dt=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=pageview&ep.vendor_id=pinterest&ep.email=&ep.event_id=1730816529392_17308165227889&ep.external_id=&ep.pinterest_pixel_id=549755876323&_et=5&tfd=4526&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache
x-accel-buffering
no
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:07:21 GMT
content-type
text/plain
server
Google Frontend
dy-coll-min.js
cdn.dynamicyield.com/scripts/2.44.0/
196 KB
65 KB
Script
General
Full URL
https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Requested by
Host: st.dynamicyield.com
URL: https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=un2etqaej7fd0j9268cjnr1ryb6ckplu&ref=&scriptVersion=2.44.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:5600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
2ec6c83ec1824898d15400462916551bf6761d2772bc3baec5b8fba523e03eb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

vary
accept-encoding
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"90e4adaea90c4ceca44f62f926a57eab"
age
184317
via
1.1 a0b94a243c49df97658a8a3ea0fe2d20.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
nYmwl_mBWCjE-YjCverTFV-4OjaMnYucEXc6fhO5mZBV1OBYsYMuMw==
date
Sun, 03 Nov 2024 10:55:25 GMT
content-type
text/javascript
last-modified
Sun, 13 Oct 2024 09:14:17 GMT
server
DYCDN
x-amz-cf-pop
EWR53-C2
x-amz-server-side-encryption
AES256
otFlat.json
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
sHJXWIgDpMKY35PyRRy4zQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E56B3084E2
x-ms-lease-status
unlocked
cf-cache-status
HIT
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:07:21 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 22:19:54 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
6c32a2f1-801e-00bc-6585-2984fb000000
cf-ray
8ddd68dcbc6a100f-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
3003
x-ms-blob-type
BlockBlob
server
cloudflare
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/
62 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
LtDYZmcfPNW39lMw/Yu0RQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E56C7CC8BB
x-ms-lease-status
unlocked
cf-cache-status
HIT
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:07:21 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 22:19:56 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
9fbf8ef9-901e-0046-2c60-2b4d1c000000
cf-ray
8ddd68dcbc6d100f-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
12723
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/
24 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:07:21 GMT
content-type
text/css
last-modified
Tue, 16 Jul 2024 22:20:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
051f6356-f01e-00d5-4d85-29db57000000
cf-ray
8ddd68dcbc6e100f-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
www-widgetapi.js
www.youtube.com/s/player/4e23410d/www-widgetapi.vflset/
30 KB
10 KB
Script
General
Full URL
https://www.youtube.com/s/player/4e23410d/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c5d5def42611faa30644c529baa623052160b9634f1bb0b97a8185ec32f39f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
age
32278
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Wed, 05 Nov 2025 05:09:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 05:09:23 GMT
last-modified
Wed, 30 Oct 2024 04:17:07 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10143
x-xss-protection
0
server
sffe
uia
async-px.dynamicyield.com/
0
383 B
XHR
General
Full URL
https://async-px.dynamicyield.com/uia?cnst=1&_=1730815641256
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-118.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 bf4deffb26a744d2f90bfb71c1b673b2.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
w0dayZkOgNiKFE2hF_zRcCp0omyHMHIOejdt530T9spbyjLcTX1LwQ==
date
Tue, 05 Nov 2024 14:07:21 GMT
x-amz-cf-pop
JFK52-P5
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=568184&uid=-3134505098400881000&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=b813d6c2e1e739e8a37e69e736df6bf6&expSes=79358&aud=884367.884385.884387.1167402.1324059.1846919.2356145.884374.1004358.1092373.1274296.1426804.1443347.1182144.799438.799440&expVisitId=8592033227884631785&cgtgDecisionId=8592033228268778306&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1730815640277&rri=7442196
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-118.jfk52.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 bf4deffb26a744d2f90bfb71c1b673b2.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
aWmEtbw07Wm_rvcWOCcPBphge1DUtrEBtIBFOuJ2aK2Ryv02eRwZ0Q==
date
Tue, 05 Nov 2024 14:07:21 GMT
x-amz-cf-pop
JFK52-P5
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=392061&uid=-3134505098400881000&sec=8772046&t=ri&e=1574966&p=1&ve=12698518&va=%5B28347247%5D&ses=b813d6c2e1e739e8a37e69e736df6bf6&expSes=79358&aud=884367.884385.884387.1167402.1324059.1846919.2356145.884374.1004358.1092373.1274296.1426804.1443347.1182144.799438.799440&expVisitId=8592033225095171286&cgtgDecisionId=8592033228262444296&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1730815640278&rri=3955387
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-118.jfk52.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 bf4deffb26a744d2f90bfb71c1b673b2.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
NZNIdrjbFwHNnDHBtigEYeihaYsKTHfDKh7WplUnB2cg4b_-GECq6w==
date
Tue, 05 Nov 2024 14:07:21 GMT
x-amz-cf-pop
JFK52-P5
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=37441&uid=-3134505098400881000&sec=8772046&t=ri&e=1609852&p=1&ve=12669413&va=%5B28321879%5D&ses=b813d6c2e1e739e8a37e69e736df6bf6&expSes=79358&aud=884367.884385.884387.1167402.1324059.1846919.2356145.884374.1004358.1092373.1274296.1426804.1443347.1182144.799438.799440&expVisitId=8592033224987137886&cgtgDecisionId=8592033228392120862&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1730815640279&rri=195498
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-118.jfk52.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 bf4deffb26a744d2f90bfb71c1b673b2.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
x4H9-RJpXPoSMf2GqlSDiz14Kjebt85iNBmAfmalzDXgFweSe7S8PQ==
date
Tue, 05 Nov 2024 14:07:21 GMT
x-amz-cf-pop
JFK52-P5
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=663367&uid=-3134505098400881000&sec=8772046&t=ri&e=1575901&p=1&ve=12991774&va=%5B28207095%5D&ses=b813d6c2e1e739e8a37e69e736df6bf6&expSes=79358&aud=884367.884385.884387.1167402.1324059.1846919.2356145.884374.1004358.1092373.1274296.1426804.1443347.1182144.799438.799440&expVisitId=8592033228688428982&cgtgDecisionId=8592033225267245829&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1730815640280&rri=97806
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-118.jfk52.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 bf4deffb26a744d2f90bfb71c1b673b2.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
_OeAfpgenFy_9lqk4IROsmZ_LkzQ9IIdWEoUHAbhSKJR6K8OB3kvaw==
date
Tue, 05 Nov 2024 14:07:21 GMT
x-amz-cf-pop
JFK52-P5
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=963002&uid=-3134505098400881000&sec=8772046&t=ri&e=1750936&p=1&ve=13617998&va=%5B28818377%5D&ses=b813d6c2e1e739e8a37e69e736df6bf6&expSes=79358&aud=884367.884385.884387.1167402.1324059.1846919.2356145.884374.1004358.1092373.1274296.1426804.1443347.1182144.799438.799440&expVisitId=8592033225034856391&cgtgDecisionId=8592033225110093515&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1730815640281&rri=804085
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-118.jfk52.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 bf4deffb26a744d2f90bfb71c1b673b2.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
YUO7_DNF6OUsOIuButvKCRbI_81Qf1HYgCRaVAXhKFIKoMw9l7Xcrg==
date
Tue, 05 Nov 2024 14:07:21 GMT
x-amz-cf-pop
JFK52-P5
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=52594&uid=-3134505098400881000&sec=8772046&t=ri&e=1750954&p=1&ve=13618112&va=%5B28973875%5D&ses=b813d6c2e1e739e8a37e69e736df6bf6&expSes=79358&aud=884367.884385.884387.1167402.1324059.1846919.2356145.884374.1004358.1092373.1274296.1426804.1443347.1182144.799438.799440&expVisitId=8592033227210120912&cgtgDecisionId=8592033226951303482&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1730815640281&rri=5773220
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-118.jfk52.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 bf4deffb26a744d2f90bfb71c1b673b2.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
AkgezszkeNULXEcrlSZGctI_JwkFKhCux7sC_RC5jeh7N4YSGL9cxQ==
date
Tue, 05 Nov 2024 14:07:21 GMT
x-amz-cf-pop
JFK52-P5
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
ot_close.svg
cdn.cookielaw.org/logos/static/
651 B
624 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
pcXWFGpuVeSg/jVnYCseRg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
82573
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:07:21 GMT
content-type
image/svg+xml
last-modified
Sat, 02 Nov 2024 02:18:37 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
812d9f92-a01e-0001-4157-2d9277000000
cf-ray
8ddd68de7bcf1000-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
489 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:07:21 GMT
content-type
image/svg+xml
last-modified
Mon, 04 Nov 2024 17:30:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
a0d8a51a-f01e-009a-7760-2f1f4f000000
cf-ray
8ddd68de9e61100f-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_company_logo.png
cdn.cookielaw.org/logos/static/
4 KB
4 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
E8+sk/ECzKgTUVtDLikiIA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCFAE4A9298BCE
age
77917
cf-cache-status
HIT
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:07:21 GMT
content-type
image/png
last-modified
Sat, 02 Nov 2024 02:18:37 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
d61733a2-b01e-0096-2852-2df1be000000
cf-ray
8ddd68debc0b1000-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
4036
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
5133
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:07:21 GMT
content-type
image/svg+xml
last-modified
Mon, 04 Nov 2024 07:07:46 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
c8c8d831-b01e-00fb-2ede-2e5b90000000
cf-ray
8ddd68debc0d1000-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
batch
async-px.dynamicyield.com/
0
384 B
Ping
General
Full URL
https://async-px.dynamicyield.com/batch?cnst=1&_=1730815641363_5627
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-118.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
jRGzw6pdDD09sgUgBu4BL2Hb_L6y3RyO9jForJylgBLs0g1JO_w9Mw==
date
Tue, 05 Nov 2024 14:07:22 GMT
x-amz-cf-pop
JFK52-P5
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
collect
analytics.google.com/g/s/
0
510 B
Image
General
Full URL
https://analytics.google.com/g/s/collect?dma=0&npa=0&gcs=G111&gcd=13t3t3t3t5l1&gtm=45j91e4au1v9125640115z8896608294z99175401888za200zb896608294&tag_exp=101823848~101878899~101878944~101925629&_gsid=5D80LRC85NKE0YcrqdqIj21VfR8Dq8kA
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:194:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:194:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:07:21 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
510 B
Image
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&dma=0&npa=0&gcs=G111&gcd=13t3t3t3t5l1&tid=G-5D80LRC85N&cid=Tv2ToJmjW%2BoXAsB7GXX81jh2LP%2FVwr%2F1nr1e5x2n%2BOs%3D.1730815641&gtm=45j91e4au1v9125640115z8896608294z99175401888za200zb896608294&tag_exp=101823848~101878899~101878944~101925629&aip=1
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:07:21 GMT
content-type
text/plain
server
Golfe2
cs
tags.rd.linksynergy.com/
Redirect Chain
  • https://idsync.rlcdn.com/458359.gif?partner_uid=1b84b105-5e6e-4ff5-9215-77c66cf548e0
  • https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJDFiODRiMTA1LTVlNmUtNGZmNS05MjE1LTc3YzY2Y2Y1NDhlMBAAGg0Imc2ouQYSBQjoBxAAQgBKAA
  • https://tags.rd.linksynergy.com/cs?ns=lr&uid3=26bbd131d05edecda0db1d48ad185499830236a258de32d1e54a73c8d0fc4ead6ac34734d8e453ee
37 B
293 B
Image
General
Full URL
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=26bbd131d05edecda0db1d48ad185499830236a258de32d1e54a73c8d0fc4ead6ac34734d8e453ee
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
date
Tue, 05 Nov 2024 14:07:22 GMT
x-samesite
secure
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=26bbd131d05edecda0db1d48ad185499830236a258de32d1e54a73c8d0fc4ead6ac34734d8e453ee
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Tue, 05 Nov 2024 14:07:21 GMT
unip
trc-events.taboola.com/1691051/log/3/
0
635 B
XHR
General
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=1727&scd=0&ssd=1&est=1730815640602&ver=36&isls=true&src=i&invt=1500&msa=3297&rv=1&tim=1730815642330&mrir=u&vi=1730815640598&ref=null&cv=20241102-3-RELEASE&item-url=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&cbp=OneTrust&cbpv=1&cbcd=%2C1%2C2%2C3%2COSSTA_BG%2C4%2C5%2C&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-origin
https://www.elfcosmeticsus.us
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 05 Nov 2024 14:07:23 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1691051/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=1727&scd=0&ssd=1&est=1730815640602&ver=36&isls=true&src=i&invt=1500&msa=3297&rv=1&tim=1730815642330&mrir=u&vi=1730815640598&ref=null&cv=20241102-3-RELEASE&item-url=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&cbp=OneTrust&cbpv=1&cbcd=%2C1%2C2%2C3%2COSSTA_BG%2C4%2C5%2C&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://www.elfcosmeticsus.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://www.elfcosmeticsus.us
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 05 Nov 2024 14:07:23 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
destination
www.googletagmanager.com/gtag/
229 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.200 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
04334c34f7229a84060088639a8d17485457ebc64ab8561ee5b3c0d9eea1da0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 05 Nov 2024 14:07:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:07:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 05 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83635
x-xss-protection
0
server
Google Tag Manager
core.js
s.pinimg.com/ct/
5 KB
2 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:258b::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
82750f27be03d4b9e57a91dfa19180873ddbb22dd81aba6854dd7b7ea08c1e9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-max-age
86400
cache-control
max-age=7200
access-control-expose-headers
X-CDN
content-encoding
br
etag
"ff059a8682cea8fb697d8b71b2e62b93"
x-cdn
akamai
access-control-allow-methods
GET
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
access-control-allow-origin
*
content-length
1879
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-6yyxX4cF' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-6yyxX4cF' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
MODERATE; q=0.3, rtt=157, rtx=0, c=26, mss=1232, tbw=8308, tp=15, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
/2ZzuL7sF4iO6hJSisAvyTCo45x10jfPEWvGbLAkVwkkekpiyU62n+49pZTJLBFUMYGNPJO6qJFBHvn+9pCEAg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62086
x-xss-protection
0
origin-agent-cluster
?1
pixel.js
www.redditstatic.com/ads/
42 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"5e9ac3a42b557bf8ca38cf2e8baba70b"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12126
date
Tue, 05 Nov 2024 14:07:23 GMT
last-modified
Tue, 15 Oct 2024 19:34:59 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
bat.js
bat.bing.com/
50 KB
15 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0AEFF97CFB324FAB9C94A6FB3A48237C Ref B: LAXEDGE1707 Ref C: 2024-11-05T14:07:23Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
json
trc.taboola.com/1691051/trc/3/
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1691051/trc/3/json?tim=1730815642711&data=%7B%22id%22%3A229%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1730815640598%2C%22cv%22%3A%2220241102-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.elfcosmeticsus.us%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Delfcosmetics-sccnx%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22cbp%22%3A%22OneTrust%22%2C%22cbpv%22%3A%221%22%2C%22cbcd%22%3A%22%2C1%2C2%2C3%2COSSTA_BG%2C4%2C5%2C%22%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1730815642710%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.elfcosmeticsus.us%2F%22%2C%22tos%22%3A2107%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8e8937329a5e80c3bc2548bb977f5b412aeff1ac9abd9f00ce804a714ba2bdc5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Tue, 05 Nov 2024 14:07:22 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-bur-kbur8200154-BUR
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
887
x-timer
S1730815643.755461,VS0,VE12
x-vcl-time-ms
12
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.17325
accept-ranges
bytes
access-control-allow-origin
*
x-service-version
v1
server
nginx
events.js
analytics.tiktok.com/i18n/pixel/
8 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BRR4GA0I9JJBU29G8GF0&lib=ttq
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3d42bf8ac5acf2201b231087ffc10134ff57df335baf6182d69a6786dc6d155e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-218-220-145.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
expires
Tue, 05 Nov 2024 14:07:23 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=38, origin; dur=8, inner; dur=3
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
17d0f94f.3043ef0a
x-tt-trace-host
0118a3145b56de05206e89162174ff475cde8b29451a7448e8ff6c9f9d9bc7b193ed9947fd51ea3c7a9e2545f1969d193e5f92b9331c12054cc859bf7f66f5ddce792e5f548ebb6a2c3ef7e79c62278a99b5213f3587691c3af3d5e49741e352faf774972631c75961a21128bf4120a649
x-origin-response-time
8,23.218.220.145
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2411051407230978138B7B06E3B8A712-2750B6E3675CBE64-00
content-length
2426
x-parent-response-time
28,23.195.36.73
x-tt-logid
202411051407230978138B7B06E3B8A712
server
nginx
events.js
analytics.tiktok.com/i18n/pixel/
7 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
505055f4069ad1e3da1addb9f24df73d5c6db6937b071b56015216704acd07c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-218-220-145.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
expires
Tue, 05 Nov 2024 14:07:23 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=9, origin; dur=8, inner; dur=5
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
17d0f893.3043ef09
x-tt-trace-host
0118a3145b56de05206e89162174ff475cde8b29451a7448e8ff6c9f9d9bc7b193ed9947fd51ea3c7a9e2545f1969d193ef1b12decbde15bee4cb2f20a18dd3c18c4ed991a56c1ea6622db06923c46ce3d42a794251b4941f485a8c1224500b078e9393b98111d2772c31a628bb74325b5
x-origin-response-time
9,23.218.220.145
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2411051407231E68BC0994B54F82A2D6-1EEE44A453298FC0-00
content-length
2401
x-parent-response-time
16,23.195.36.73
x-tt-logid
202411051407231E68BC0994B54F82A2D6
server
nginx
widget.js
js.jebbit.com/companion/v1/
44 KB
45 KB
Script
General
Full URL
https://js.jebbit.com/companion/v1/widget.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2807:e200:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
226049a96ceaa190e0dd45980c8fba9367127b7c2b19b635ee30bb7f4fa17e52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-amz-version-id
M.fQKrXkVHcvymDK9D8bU4BvoS660wdj
etag
"9ee6264c1a592ca4976fb94c91ef8c87"
age
47404
via
1.1 347bcc361d70e358fe09ee2d36913dd6.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
45384
x-amz-cf-id
IgQ4SXnYTVYtgWyuQ9GWZDxffnPOO1oMsAvd_fLu8l6Hx80W3_Q5LA==
date
Tue, 05 Nov 2024 00:57:20 GMT
content-type
text/javascript
last-modified
Mon, 07 Oct 2024 17:19:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
i.js
tag.wknd.ai/4142/
18 KB
6 KB
Script
General
Full URL
https://tag.wknd.ai/4142/i.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
de9c3c4ac891a0938c75ce0f455c92bfd86ca7adaf1aebcda0888f817b243cd2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
etag
e8a95b77284131
age
54
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:06:29 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
cache-control
public,max-age=60
timing-allow-origin
*
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
tag-router.tag-router.svc.cluster.local:80/*
via
1.1 google
access-control-allow-origin
*
content-length
5949
server
istio-envoy
x-region
us-central1
include.js
cdn8.eu.inside.chat/gtm/IN-1011171-EC/
24 KB
6 KB
Script
General
Full URL
https://cdn8.eu.inside.chat/gtm/IN-1011171-EC/include.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e5f2fdc1f7a9d0de8db23174e037c1510a852b514811807b4e3f89307486d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"01e251ada13db1:0"
age
483
cf-cache-status
HIT
expires
Tue, 05 Nov 2024 15:07:23 GMT
cf-polished
origSize=38567
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 08:15:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubdomains
cache-control
public, max-age=3600
cf-ray
8ddd68e9d97adbd1-LAX
server
cloudflare
activityi;dc_pre=CNLRzdyuxYkDFTOL0QQdQDgclQ;src=10742279;type=elf8j0;cat=glo_flap;ord=643499785258;npa=1;auiddc=1010929284.1730815640;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1905593303;...
10742279.fls.doubleclick.net/ Frame CD59
Redirect Chain
  • https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=643499785258;npa=1;auiddc=1010929284.1730815640;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=19055933...
  • https://10742279.fls.doubleclick.net/activityi;dc_pre=CNLRzdyuxYkDFTOL0QQdQDgclQ;src=10742279;type=elf8j0;cat=glo_flap;ord=643499785258;npa=1;auiddc=1010929284.1730815640;u1=https%3A%2F%2Fwww.elfco...
0
0
Document
General
Full URL
https://10742279.fls.doubleclick.net/activityi;dc_pre=CNLRzdyuxYkDFTOL0QQdQDgclQ;src=10742279;type=elf8j0;cat=glo_flap;ord=643499785258;npa=1;auiddc=1010929284.1730815640;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1905593303;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
379
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:07:23 GMT
expires
Tue, 05 Nov 2024 14:07:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:07:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10742279.fls.doubleclick.net/activityi;dc_pre=CNLRzdyuxYkDFTOL0QQdQDgclQ;src=10742279;type=elf8j0;cat=glo_flap;ord=643499785258;npa=1;auiddc=1010929284.1730815640;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1905593303;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
sgtm.elfcosmetics.com/g/
350 B
801 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4au0v9125640115z8896608294za200zb896608294&gcs=G111&gcd=13t3t3t3t5l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=1348800163.1730815641&ecid=1669047066&ul=en-us&sr=1600x1200&_fplc=0&ur=US-CA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=IA&sst.rnd=1495882517.1730815640&sst.adr=1&sst.ude=0&_s=3&sid=1730815640&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&dt=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=view_promotion&ep.promotions=%5Bobject%20Object%5D&ep.promotion_name=2024-04-makeupRemoverAcneFocus-tile2%20-%20Banner%20Side%20By%20Side%20(v2)&ep.promotion_id=51900033-4b71-48b7-9139-a1faa2b92b79&ep.creative_name=Banner%20Side-by-Side&_et=2&tfd=6306&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
aec35878546fa0cd152b7bddac4e953952216849d12b60960feff0ce8a0b7fd2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache
x-accel-buffering
no
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:07:22 GMT
content-type
text/plain
server
Google Frontend
collect
sgtm.elfcosmetics.com/g/
65 B
470 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4au0v9125640115z8896608294za200zb896608294&gcs=G111&gcd=13v3v3v3u5l1&npa=1&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=1348800163.1730815641&ecid=1669047066&ul=en-us&sr=1600x1200&_fplc=0&ur=US-CA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.rnd=1495882517.1730815640&sst.adr=1&sst.ude=0&_s=4&sid=1730815640&sct=1&seg=1&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&dt=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=page_view&ep.vendor_id=facebook&ep.event_id=1730816529392_173081652278828&ep.email=&ep.phone=&ep.facebook_pixel_id=1638306756445368&_et=1771&tfd=6306&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache
x-accel-buffering
no
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
text/plain
server
Google Frontend
pixel.gif
cdn.blisspointmedia.com/assets/img/
Redirect Chain
  • https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=17db020e-9f98-45d2-b435-a13eda4360ef&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=un...
  • https://cdn.blisspointmedia.com/assets/img/pixel.gif
807 B
1 KB
Image
General
Full URL
https://cdn.blisspointmedia.com/assets/img/pixel.gif
Protocol
H2
Server
18.238.80.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-101.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-amz-version-id
null
etag
"18b3e43abad26bdac6f4cea944777b62"
age
29578
via
1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
807
x-amz-cf-id
H9G1H-zvpHTZ9b0eE6QTiz8Nxf7ps0tm3zWoHSeAkehHvnEUK6tjIw==
date
Tue, 05 Nov 2024 05:54:27 GMT
content-type
image/gif
last-modified
Mon, 08 Apr 2019 16:24:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P5

Redirect headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
location
https://cdn.blisspointmedia.com/assets/img/pixel.gif
x-amz-apigw-id
Axr4UEl2IAMENVg=
x-amzn-trace-id
Root=1-672a269b-2cebf52405e642a150ef7e76;Parent=4b3b2d07f51a3e09;Sampled=0;Lineage=1:07bbc27a:0
x-amzn-requestid
23279f09-742d-44f6-b1a0-43c0da628fec
access-control-allow-origin
*
content-length
2
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
application/json
px
secure.adnxs.com/
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
162.245.206.249; 162.245.206.249; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
619dc5bc-572e-4e1e-8214-935edd7681c3
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 05 Nov 2024 14:07:22 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=3b4f8aaf-1b78-4abe-aa19-77208bf0395d&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=3b4f8aaf-1b78-4abe-aa19-77208bf0395d&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
70 B
508 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-length
70
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
image/gif
server
Kestrel

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:07:23 GMT
activity;register_conversion=1;src=10742279;type=elf8j0;cat=glo_flap;ord=643499785258;npa=1;auiddc=1010929284.1730815640;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1905593303;uaa=;uab=;uaf...
ad.doubleclick.net/
0
22 B
Image
General
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=10742279;type=elf8j0;cat=glo_flap;ord=643499785258;npa=1;auiddc=1010929284.1730815640;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1905593303;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 05 Nov 2024 14:07:22 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"5172020981385849206"}],"aggregatable_trigger_data":[{"filters":[{"14":["12119809"]}],"key_piece":"0xc590256f79404a73","source_keys":["12","13","14","15","16","17","18","19","20","21","20457392","20457393","20457394","20457395","22981708","22981709","22981710","22981711","24748276","24748277","24748278","24748279","628477676","628477677","628477678","628477679","628627208","628627209","628627210","628627211","642003348","642003349","642003350","642003351","642003440","642003441","642003442","642003443","642887056","642887057","642887058","642887059"]},{"key_piece":"0x42ca465d2505809f","not_filters":{"14":["12119809"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","20457392","20457393","20457394","20457395","22981708","22981709","22981710","22981711","24748276","24748277","24748278","24748279","628477676","628477677","628477678","628477679","628627208","628627209","628627210","628627211","642003348","642003349","642003350","642003351","642003440","642003441","642003442","642003443","642887056","642887057","642887058","642887059"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"20457392":34,"20457393":34,"20457394":34,"20457395":3345,"21":6356,"22981708":131,"22981709":131,"22981710":131,"22981711":12713,"24748276":32,"24748277":32,"24748278":32,"24748279":3177,"628477676":32,"628477677":32,"628477678":32,"628477679":3177,"628627208":32,"628627209":32,"628627210":32,"628627211":3177,"642003348":32,"642003349":32,"642003350":32,"642003351":3177,"642003440":32,"642003441":32,"642003442":32,"642003443":3177,"642887056":65,"642887057":65,"642887058":65,"642887059":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"6008264949432370434","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"5172020981385849206","filters":[{"14":["12119809"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"5172020981385849206","filters":[{"14":["12119809"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"5172020981385849206","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"5172020981385849206","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10742279"]}}
content-type
image/png
x-xss-protection
0
server
cafe
logger
www.paypal.com/xoplatform/logger/api/
982 B
850 B
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
86c24ea8fc0b45f10691129152f3d471c05a4265841725b98549f401e2260712
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmeticsus.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

paypal-debug-id
f10613781c88a
content-encoding
br
etag
W/"3d6-jO5nH7Ot0jM+JdVze+hFnpr7Bm8"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f10613781c88a-65d6babef559b6fe-01
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-bur-kbur8200156-BUR, cache-bur-kbur8200156-BUR
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730815643.107953,VS0,VE65
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
access-control-allow-origin
https://www.elfcosmeticsus.us
logger
www.paypal.com/xoplatform/logger/api/ Frame
0
0
Preflight
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.elfcosmeticsus.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.elfcosmeticsus.us
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 05 Nov 2024 14:07:23 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f1061375a06c6
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f1061375a06c6-ef71831e2cba25db-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-bur-kbur8200156-BUR, cache-bur-kbur8200156-BUR
x-timer
S1730815643.996280,VS0,VE38
favicon.ico
www.elfcosmeticsus.us/
548 B
611 B
Other
General
Full URL
https://www.elfcosmeticsus.us/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.72.142.213 , Georgia, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-length
548
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
text/html
server
nginx
collect
analytics.google.com/g/s/
0
56 B
Image
General
Full URL
https://analytics.google.com/g/s/collect?dma=0&npa=0&gcs=G111&gcd=13t3t3t3t5l1&gtm=45j91e4au1v9125640115z8896608294z99175401888za200zb896608294&tag_exp=101823848~101878899~101878944~101925629&_gsid=5D80LRC85Nnbw1BS2rCNxeFkiumOCGjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:194:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:194:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
text/plain
server
Golfe2
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
age
2511
x-cache
HIT
date
Tue, 05 Nov 2024 14:07:23 GMT
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
x-served-by
cache-bur-kbur8200154-BUR
x-cache-hits
2916
content-type
application/javascript
x-amz-id-2
SACt85CI0K5OLAHhszwHrwb8pbnWwEvvTFoIIJdCNtNj52zCqttY2wweih/7jBqm+Sr+WDLdnBHbS+13We6M/MUq/6IhO9bT
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private, max-age=3600
x-timer
S1730815643.064105,VS0,VE0
via
1.1 varnish
x-amz-request-id
4SBPEX2WQATCY4Q8
accept-ranges
bytes
access-control-allow-origin
*
abp
86
content-length
1347
server
AmazonS3
x-amz-server-side-encryption
AES256
eid.es5.js
cdn.taboola.com/scripts/
17 KB
7 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
etag
"2fdf3e79d5e851201a0d52a886453d8b"
x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
age
6818
x-cache
HIT
x-tbl-debug
bestatus=200,beresp=OK
date
Tue, 05 Nov 2024 14:07:23 GMT
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
x-served-by
cache-bur-kbur8200154-BUR
x-cache-hits
4812
content-type
application/javascript
x-amz-id-2
v1ILSaCeIi0DxI83Bwhmib6K7CptYBwLAmkt5g4rVQ2c9DhFIxbkuKVLkL5lYc85r3/OYhBs3jM=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14400
x-timer
S1730815643.064093,VS0,VE0
via
1.1 varnish
x-amz-request-id
TB150GK9NF1159T6
accept-ranges
bytes
access-control-allow-origin
*
abp
22
content-length
6467
server
AmazonS3
x-amz-server-side-encryption
AES256
activityi;dc_pre=COWy29yuxYkDFT0jTwgd3sgA2Q;src=9231397;type=retarget;cat=globa0;ord=1820217871217;npa=1;auiddc=1010929284.1730815640;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=117400470...
9231397.fls.doubleclick.net/ Frame 1F5D
Redirect Chain
  • https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=1820217871217;npa=1;auiddc=1010929284.1730815640;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1174004...
  • https://9231397.fls.doubleclick.net/activityi;dc_pre=COWy29yuxYkDFT0jTwgd3sgA2Q;src=9231397;type=retarget;cat=globa0;ord=1820217871217;npa=1;auiddc=1010929284.1730815640;u6=%2F;u10=undefined;u12=un...
0
0
Document
General
Full URL
https://9231397.fls.doubleclick.net/activityi;dc_pre=COWy29yuxYkDFT0jTwgd3sgA2Q;src=9231397;type=retarget;cat=globa0;ord=1820217871217;npa=1;auiddc=1010929284.1730815640;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1174004702;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
445
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:07:23 GMT
expires
Tue, 05 Nov 2024 14:07:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:07:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9231397.fls.doubleclick.net/activityi;dc_pre=COWy29yuxYkDFT0jTwgd3sgA2Q;src=9231397;type=retarget;cat=globa0;ord=1820217871217;npa=1;auiddc=1010929284.1730815640;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1174004702;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=9231397;type=retarget;cat=globa0;ord=1820217871217;npa=1;auiddc=1010929284.1730815640;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1174004702;uaa=;uab=;u...
ad.doubleclick.net/
0
22 B
Image
General
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=9231397;type=retarget;cat=globa0;ord=1820217871217;npa=1;auiddc=1010929284.1730815640;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1174004702;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 05 Nov 2024 14:07:23 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"4308251234855330716"}],"aggregatable_trigger_data":[{"filters":[{"14":["8259474"]}],"key_piece":"0xb9654a92cc244722","source_keys":["12","13","14","15","16","17","18","19","20","21","22938932","22938933","22938934","22938935","628473576","628473577","628473578","628473579","628795380","628795381","628795382","628795383","628812176","628812177","628812178","628812179","641998712","641998713","641998714","641998715","642025028","642025029","642025030","642025031","643969340","643969341","643969342","643969343"]},{"key_piece":"0x8e35906a51ae25c0","not_filters":{"14":["8259474"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","22938932","22938933","22938934","22938935","628473576","628473577","628473578","628473579","628795380","628795381","628795382","628795383","628812176","628812177","628812178","628812179","641998712","641998713","641998714","641998715","642025028","642025029","642025030","642025031","643969340","643969341","643969342","643969343"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"22938932":34,"22938933":34,"22938934":34,"22938935":3345,"628473576":32,"628473577":32,"628473578":32,"628473579":3177,"628795380":32,"628795381":32,"628795382":32,"628795383":3177,"628812176":32,"628812177":32,"628812178":32,"628812179":3177,"641998712":32,"641998713":32,"641998714":32,"641998715":3177,"642025028":34,"642025029":34,"642025030":34,"642025031":3345,"643969340":32,"643969341":32,"643969342":32,"643969343":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"160428797466912415","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"4308251234855330716","filters":[{"14":["8259474"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"4308251234855330716","filters":[{"14":["8259474"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"4308251234855330716","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"4308251234855330716","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9231397"]}}
content-type
image/png
x-xss-protection
0
server
cafe
/
pips.taboola.com/
4 B
115 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-store
retry-after
0
access-control-allow-methods
GET
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.elfcosmeticsus.us
x-cache
HIT
content-length
4
date
Tue, 05 Nov 2024 14:07:23 GMT
x-served-by
cache-lax-kwhp1940086-LAX
server
Varnish
x-cache-hits
0
runtime_c81e76ee00d795b1eebf8d27949f8dc5.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
908 B
1 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_c81e76ee00d795b1eebf8d27949f8dc5.br.js
Requested by
Host: tag.wknd.ai
URL: https://tag.wknd.ai/4142/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
546e554a3c51ce180d022de9ff5506f14603b38d40ece9f2be43c88328358a52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=zwy9lg==, md5=HCxXU9+1dkCoulTxEZNLMA==
etag
"1c2c5753dfb57640a8ba54f111934b30"
age
43565
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
509
date
Tue, 05 Nov 2024 02:01:18 GMT
last-modified
Thu, 31 Oct 2024 19:40:36 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY0_t_5UHUL1e7WVgHjb6UaJfPJeEO4T33wx_DuXIrfoaKymYe0bWef7pUuh-xC_p6Df0A8
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730403635956853
content-length
509
server
UploadServer
config
pixel-config.reddit.com/pixels/t2_16331p/
3 B
124 B
XHR
General
Full URL
https://pixel-config.reddit.com/pixels/t2_16331p/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
application/json
t2_16331p_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
700 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_16331p_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1730815643222&id=t2_16331p&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=974f436e0968fd42f0e8a1706750aac3726a1240b5ee9996554c53910cc1ff22&uuid=0cb2721b-eb72-428b-8799-67efb618aec5&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_49267bce&dpm=&dpcc=&dprc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
image/gif
server
Varnish
ig.js
cdn8.eu.inside.chat/
167 KB
59 KB
Script
General
Full URL
https://cdn8.eu.inside.chat/ig.js
Requested by
Host: cdn8.eu.inside.chat
URL: https://cdn8.eu.inside.chat/gtm/IN-1011171-EC/include.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf055e03c860dd88d9d4017203050548dc930d6b78749b07320c9b08f3625071
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
cache-control
public, max-age=3600
content-encoding
gzip
cf-cache-status
HIT
etag
75fd15fd6fcf6083994b9a43ad8e8323
age
336
cf-ray
8ddd68ea6a1ddbd1-LAX
expires
Tue, 05 Nov 2024 15:07:23 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
59762
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=8c90350c-84de-45c0-ad39-f6d2eff4bc54-tucte23ac18&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-origin
*
cache-control
no-store
date
Tue, 05 Nov 2024 14:07:23 GMT
server
nginx
5013978.js
bat.bing.com/p/action/
364 B
409 B
Script
General
Full URL
https://bat.bing.com/p/action/5013978.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cce2184ec089babc70ded47b8474c543f6a5ff013e4bfd9dbae8689489bb13ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B102681744614ED18275FFB8B19451A2 Ref B: LAXEDGE1707 Ref C: 2024-11-05T14:07:23Z
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
main.be180668.js
s.pinimg.com/ct/lib/
82 KB
23 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.be180668.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:258b::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3afb9988267a380488bd5d0cc82ef645c2c96093316c97c10b636a8c09b0682b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-max-age
86400
cache-control
max-age=1209600
access-control-expose-headers
X-CDN
content-encoding
br
etag
"826854c5f0c7214ebf36eaa3251aac05"
x-cdn
akamai
access-control-allow-methods
GET
accept-ranges
bytes
access-control-allow-origin
*
content-length
23668
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
0
bat.bing.com/action/
0
360 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5013978&tm=gtm002&Ver=2&mid=ff843ab4-7e6e-4806-978f-13a8e1209fe1&bo=1&sid=477777109b7f11efa93c09b83a87efab&vid=4777b9c09b7f11efa056fffeaef925da&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&p=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&r=&lt=6236&evt=pageLoad&sv=1&cdb=AQER&rn=328823
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2CF4643B2C4846E7BDFA8B82BD326789 Ref B: LAXEDGE1707 Ref C: 2024-11-05T14:07:23Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 14:07:23 GMT
1638306756445368
connect.facebook.net/signals/config/
79 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1638306756445368?v=2.9.176&r=stable&domain=www.elfcosmeticsus.us&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
495808ac63ddcd70c9653d0a4dc69a597fe6d9ed1533c18b462ad94674de9358
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-4HzSM1sn' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-4HzSM1sn' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=135, rtx=0, c=68, mss=1232, tbw=74132, tp=71, tpl=0, uplat=78, ullat=0
pragma
public
x-fb-debug
dpApecsd7bzVudpiWWxPzlWfxxxvUhw0yISS7eMj6qTTsKerwJ7DjiJwyRFwF0BuiBepHXille+hTfF1v4JUGQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
main.MTJhNGMzN2YwNQ.js
analytics.tiktok.com/i18n/pixel/static/
350 KB
98 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7cd07294a7b2b1c8137a93017307064ecd0f5fb556ef021e042066806e8560f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-cache
TCP_MEM_HIT from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=20
x-tt-trace-id
00-24102412350339897BB2FAC7C74978ED-1A204E1C6631F9D5-00
content-length
99569
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
2024102412350339897BB2FAC7C74978ED
server
nginx
x-akamai-request-id
3043f691
x-tt-trace-host
0171bc69b3367def9fb53618dd5a34509244df9033fa61602c0bd47356d1d9a228b304ab4a3ba152716f29b920fb1d5a6a7b36bcc3b0ad8d98be1a5beba75b559031e9da832dbc9d3853fa01c5be888fba0a938073437552d8963be3152237cef4
main.MTJhNGMzN2YwNA.js
analytics.tiktok.com/i18n/pixel/static/
345 KB
96 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BRR4GA0I9JJBU29G8GF0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e59685c749b3371cb179b9b671415513a21b3024ab9e7fe98622a09400950bad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-cache
TCP_MEM_HIT from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-2410241235082921887E2B94ED8CB875-795D32709BAFF682-00
content-length
97918
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202410241235082921887E2B94ED8CB875
server
nginx
x-akamai-request-id
3043f76d
x-tt-trace-host
01ea44b0c4d09044608bc6acc061547fe94606cbf5f71cb21c783ce66f62040bb6f40af87c390873e1d1c9d88da33b7691d6f2266b715a41755ef7d0ed1c5c77ec5d3f960991798713168586ec15d2e0b0369fda99086bd871cd9fd20796911d90
config
www8.eu.inside.chat/
4 B
372 B
XHR
General
Full URL
https://www8.eu.inside.chat/config?acc=IN-1011171&pid=&c1=OK&dev=1&url=https%3A%2F%2Fwww.elfcosmeticsus.us&sid=1&j=1
Requested by
Host: cdn8.eu.inside.chat
URL: https://cdn8.eu.inside.chat/ig.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.8.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8ddd68ecae3f2aaa-LAX
expires
Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443"; ma=86400
content-length
4
p3p
CP="insert_p3p_privacy_policy_here"
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
application/json; charset=UTF-8
last-modified
Sat, 01 Jan 2000 00:00:00 GMT
server
cloudflare
widget.css
js.jebbit.com/companion/v1/
15 KB
16 KB
Stylesheet
General
Full URL
https://js.jebbit.com/companion/v1/widget.css
Requested by
Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2807:e200:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
69beb39687e8656561a843b13137c292498648b7f1ae665214eb292527cd436b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-amz-version-id
fgLtE0C.phC7FjS26Fxc9wt33wvWl9V5
etag
"c2b625a2843069c776e8a618c90b952a"
age
70399
via
1.1 347bcc361d70e358fe09ee2d36913dd6.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
15522
x-amz-cf-id
4bgZ2NdqOU2gAJ8tXCCSbLUJzY768DmkbBPL7C_ShPk_qCuicwIn0g==
date
Mon, 04 Nov 2024 18:34:05 GMT
content-type
text/css
last-modified
Mon, 07 Oct 2024 17:19:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
launcher_configs
external-api.jebbit.com/moments/v2/
2 B
449 B
XHR
General
Full URL
https://external-api.jebbit.com/moments/v2/launcher_configs?key=542695a9-9318-492b-9638-2018989f6dc4&url=aHR0cHMlM0ElMkYlMkZ3d3cuZWxmY29zbWV0aWNzdXMudXMlMkY=&completedLightboxCampaigns=W10=&jebbitCookies=
Requested by
Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.132.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-132-176.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

surrogate-control
no-store
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-content-type-options
nosniff
expires
0
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-dns-prefetch-control
off
pragma
no-cache
access-control-allow-credentials
true
x-download-options
noopen
access-control-allow-origin
https://www.elfcosmeticsus.us
content-length
2
x-xss-protection
1; mode=block
/
ct.pinterest.com/user/
321 B
771 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1730815643535&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.be180668.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.34 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
content-encoding
gzip
x-pinterest-rid-128bit
95867cf336d993c3e77a2a8bd167e3f7
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=600
date
Tue, 05 Nov 2024 14:07:24 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
0
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPVpERXdPVE5tTlRNdE16QmxZUzAwWVRJMExXSTJaR1l0WWpRME9Ea3pNVFU1WWpWaw
pinterest-version
e62010f407d09decef677569943c37eeaefcbe47
access-control-allow-origin
https://www.elfcosmeticsus.us
content-length
186
akamai-grn
0.6724c317.1730815644.302b58b6
x-pinterest-rid
1667969094992212
/
ct.pinterest.com/user/
321 B
749 B
XHR
General
Full URL
https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22event_id%22%3A%221730816529392_173081652278828%22%2C%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1730815643537&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.be180668.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.34 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
content-encoding
gzip
x-pinterest-rid-128bit
077bebbbf7f673b5e30bcd5111a22f9c
expires
Sat, 01 Jan 2000 00:00:00 GMT
date
Tue, 05 Nov 2024 14:07:24 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPVlUTXlOVFExT1RRdE5EWm1NUzAwTUdVMExXRmpNVGt0TXpZek5qaGhNekkyTTJSaQ
pinterest-version
e62010f407d09decef677569943c37eeaefcbe47
access-control-allow-origin
https://www.elfcosmeticsus.us
content-length
186
akamai-grn
0.6724c317.1730815644.302b58b7
x-pinterest-rid
1636039581942534
/
ct.pinterest.com/v3/
35 B
545 B
Fetch
General
Full URL
https://ct.pinterest.com/v3/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.elfcosmeticsus.us%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22be180668%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1730815643538
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.be180668.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.34 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-pinterest-rid-128bit
a6f552a006fd18f7a50cdc2047cac33f
expires
Sat, 01 Jan 2000 00:00:00 GMT
date
Tue, 05 Nov 2024 14:07:24 GMT
content-type
image/gif
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pinterest-version
e62010f407d09decef677569943c37eeaefcbe47
access-control-allow-origin
https://www.elfcosmeticsus.us
content-length
35
akamai-grn
0.6724c317.1730815644.302b58bd
x-pinterest-rid
1189312274718017
main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
523 KB
114 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Requested by
Host: tag.wknd.ai
URL: https://tag.wknd.ai/4142/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1896b06be97eca5aad535cab0f7ed231162345d36268d0145bd2b05ee5651a36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=W+J82g==, md5=+T3IbaBawv6BCFAaGQBTOg==
etag
"f93dc86da05ac2fe8108501a1900533a"
age
37340
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
115941
date
Tue, 05 Nov 2024 03:45:03 GMT
last-modified
Thu, 31 Oct 2024 19:40:22 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY10sn3GECMDPKROB5jAXNte4jV2N7klNl0bOxzhBs3URO_1CiG9TxFfaGWjcGRk_3bZLxEWCZUFZw
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730403622446972
content-length
115941
server
UploadServer
cjs_min_3a843477d8e318f67237a66d0a58c542.js
assets.bounceexchange.com/assets/smart-tag/versioned/
49 KB
16 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Requested by
Host: tag.wknd.ai
URL: https://tag.wknd.ai/4142/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
gzip
x-goog-hash
crc32c=Joap5g==, md5=HriFRU6mvvHJdHgAcClZ3g==
etag
"1eb885454ea6bef1c9747800702959de"
age
34668
ad-auction-allowed
true
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
15748
date
Tue, 05 Nov 2024 04:29:35 GMT
last-modified
Mon, 22 Apr 2024 20:59:52 GMT
content-type
text/javascript; charset=utf-8
x-guploader-uploadid
AHmUCY2hb1l6F6TrSaxcm2taa6uq0KWAyq-xi_Zihh-MaaEedu4YcebLrS4omoEQ5vzG0OH7Exc
cache-control
public,max-age=31536000,no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1713819592631797
content-length
15748
server
UploadServer
/
www.facebook.com/tr/
0
270 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&rl=&if=false&ts=1730815643717&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1730815643708.575674240792518324&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1730815643438&coo=false&eid=1730816529392_173081652278828&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=134, rtx=0, c=10, mss=1297, tbw=2958, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 05 Nov 2024 14:07:24 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
5 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&rl=&if=false&ts=1730815643717&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1730815643708.575674240792518324&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1730815643438&coo=false&eid=1730816529392_173081652278828&tm=1&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433796588074858257"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433796588074858257"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa230b3a6a6e8856b","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["1521466687872304"]},"debug_reporting":true,"debug_key":"3370076307522191897"}
date
Tue, 05 Nov 2024 14:07:24 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
hM77yPUiwAzRMppcT9mv7mINCH4OTrbZZmX7jIigwJfIRifywEbHj7uhpNA9TczRu1ztfKRib4DCKioPZ5sdbg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433796588074858257", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control
private, no-store, no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=134, rtx=0, c=10, mss=1297, tbw=3272, tp=-1, tpl=-1, uplat=84, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
data.cdnbasket.net/
14 B
338 B
XHR
General
Full URL
https://data.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.118.140 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
140.118.149.34.bc.googleusercontent.com
Software
/
Resource Hash
88bebcfb16b45d33f19953265ad03487f11fd4d70b74e5cf60cf33777d05340a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
keep-alive
Expires
0
Access-Control-Allow-Origin
*
Date
Tue, 05 Nov 2024 14:07:24 GMT
Content-Type
application/json
Access-Control-Allow-Headers
Origin, Content-Type, Accept
/
page.cdnbasket.net/
14 B
338 B
XHR
General
Full URL
https://page.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.120.16.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.16.120.34.bc.googleusercontent.com
Software
/
Resource Hash
333e62715e266d0c761ffa44237843334e5d536b379a13e80cf1438a6ee214af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
keep-alive
Expires
0
Access-Control-Allow-Origin
*
Date
Tue, 05 Nov 2024 14:07:24 GMT
Content-Type
application/json
Access-Control-Allow-Headers
Origin, Content-Type, Accept
/
view.cdnbasket.net/
14 B
338 B
XHR
General
Full URL
https://view.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.51.242 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
242.51.149.34.bc.googleusercontent.com
Software
/
Resource Hash
89b7d37cc50a451c2fbaaaf1b08d016204527b2dace3ef9985d9cb78c97f9eff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
keep-alive
Expires
0
Access-Control-Allow-Origin
*
Date
Tue, 05 Nov 2024 14:07:24 GMT
Content-Type
application/json
Access-Control-Allow-Headers
Origin, Content-Type, Accept
identify_7bf75739.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-cache
TCP_MEM_HIT from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
x-tt-trace-id
00-240902013042E3BF92C6CFD0482EC8A7-3FA9457F5571CBA6-00
content-length
39536
date
Tue, 05 Nov 2024 14:07:23 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20240902013042E3BF92C6CFD0482EC8A7
server
nginx
x-akamai-request-id
30440528
x-tt-trace-host
01a96a7034fbdb4b487f0fb9f0a4e0d58938abc93557356c70cc36f3fce3c5e8cd7f9a7062b685a42ecc2d54793dd892fefd817d57b8957554199dac08225d4f590c1319d89c5057178de5d2d5254e4f695eee7169f13fb3cd153fdd85addea388
monitor
analytics.tiktok.com/api/v2/
0
719 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:07:24 GMT
server-timing
inner; dur=19, cdn-cache; desc=MISS, edge; dur=6, origin; dur=30
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:24 GMT
x-akamai-request-id
30440591
access-control-allow-headers
Authorization,*
x-tt-trace-host
0118a3145b56de05206e89162174ff475c8c5b8e2fb296b65bc0d8f1d61daff36a50a0763c943ffb0541d1a31c864dab0a0de3589f89bb690f811aa37cc033e0a37f4cdd185046445cbf36c1de7ce09ce1aa473e33974b001b0dcf8b693d25a304
x-origin-response-time
31,23.195.36.73
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241105140724EB32BCA27EA562BD0F0B-495C27A4507A7266-00
content-length
0
x-tt-logid
20241105140724EB32BCA27EA562BD0F0B
server
nginx
monitor
analytics.tiktok.com/api/v2/
0
720 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:07:24 GMT
server-timing
inner; dur=16, cdn-cache; desc=MISS, edge; dur=4, origin; dur=26
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:24 GMT
x-akamai-request-id
304405a1
access-control-allow-headers
Authorization,*
x-tt-trace-host
0118a3145b56de05206e89162174ff475c8c5b8e2fb296b65bc0d8f1d61daff36a9060d24f2739b56c6aedd2270e3e55472b333488666c87ae91c0855c5422d618dc31da80e77e2f60b713933141834fc507156f936d4b9e34b859306ea5472590
x-origin-response-time
26,23.195.36.73
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241105140724D90CCB65564C5AB8A120-62F95A5F52F43E0E-00
content-length
0
x-tt-logid
20241105140724D90CCB65564C5AB8A120
server
nginx
monitor
analytics.tiktok.com/api/v2/
0
717 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:07:24 GMT
server-timing
inner; dur=11, cdn-cache; desc=MISS, edge; dur=6, origin; dur=19
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:24 GMT
x-akamai-request-id
304405a2
access-control-allow-headers
Authorization,*
x-tt-trace-host
0118a3145b56de05206e89162174ff475c8c5b8e2fb296b65bc0d8f1d61daff36affdc681e2af48a16da4078e8f515dd5011907df6c2da8a837b27702e202f11de0e2c5f49aa5599e4c5a30ea31e04b1b78ec251a03ec6572f13ba21140c41fc5f
x-origin-response-time
19,23.195.36.73
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24110514072492D8843ACFB47A11EF8E-4EF8961F29E3964E-00
content-length
0
x-tt-logid
2024110514072492D8843ACFB47A11EF8E
server
nginx
monitor
analytics.tiktok.com/api/v2/
0
719 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:07:24 GMT
server-timing
inner; dur=16, cdn-cache; desc=MISS, edge; dur=5, origin; dur=29
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:24 GMT
x-akamai-request-id
304405a3
access-control-allow-headers
Authorization,*
x-tt-trace-host
0118a3145b56de05206e89162174ff475c8c5b8e2fb296b65bc0d8f1d61daff36a2463e5ddc3d834ec56ad3bc304ca52fac3c7565d62ae0f5afa9c286f07fdae945b6b770bba4f1a1cd44ee1417757488b2c2a229c23c1e99f44e644b0b17fb130
x-origin-response-time
29,23.195.36.73
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241105140724D1BF1D5C80C142BF5E92-395355941F0FF9C2-00
content-length
0
x-tt-logid
20241105140724D1BF1D5C80C142BF5E92
server
nginx
monitor
analytics.tiktok.com/api/v2/
0
721 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:07:24 GMT
server-timing
inner; dur=61, cdn-cache; desc=MISS, edge; dur=160, origin; dur=69
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:24 GMT
x-akamai-request-id
304405a4
access-control-allow-headers
Authorization,*
x-tt-trace-host
0118a3145b56de05206e89162174ff475c8c5b8e2fb296b65bc0d8f1d61daff36a6d195b04be0a3ebe130b4c47ef5f69469a28cfce6309208cc18fa3eef5577404fde22473a0f1eb22f083bb117724b6fad83299cfe147570744962b144241ffc9
x-origin-response-time
70,23.195.36.73
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241105140724639D5185FC66F1BB9DA0-4105EC0A7A699CC1-00
content-length
0
x-tt-logid
20241105140724639D5185FC66F1BB9DA0
server
nginx
monitor
analytics.tiktok.com/api/v2/
0
876 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

x-cache-remote
TCP_MISS from a23-218-220-146.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:07:24 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=16, origin; dur=15, inner; dur=12
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:24 GMT
x-akamai-request-id
24b3d27.30440979
access-control-allow-headers
Authorization,*
x-tt-trace-host
0118a3145b56de05206e89162174ff475cde8b29451a7448e8ff6c9f9d9bc7b19317591d6fdb84cb4afa51a53b7f2c751366f992423196025db52a58ef446d46fb711bca4898e504d01ad1ce6b088ff55bad2a10aa199301ff797913b5a0a581e41e2b614a31c4d47cb9c35b0dd49930fe
x-origin-response-time
15,23.218.220.146
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241105140724879D6136B98A2F062300-20A0A2EB33A498D2-00
content-length
0
x-parent-response-time
24,23.195.36.73
x-tt-logid
20241105140724879D6136B98A2F062300
server
nginx
monitor
analytics.tiktok.com/api/v2/
0
879 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

x-cache-remote
TCP_MISS from a23-218-220-133.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:07:24 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=23, origin; dur=23, inner; dur=12
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:24 GMT
x-akamai-request-id
b4f8adbc.3044097a
access-control-allow-headers
Authorization,*
x-tt-trace-host
0118a3145b56de05206e89162174ff475cde8b29451a7448e8ff6c9f9d9bc7b1935ab2c32f430b7fb05f9dbbc5e0306cfa645f155241dc983ac9df6eeecb8f8671446cb29630da13ad513d101ed5b84977a975b181e69a95a0e530a8a7c71f775298c25cf44d0b16c4a5a6e9b76255c52a
x-origin-response-time
23,23.218.220.133
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2411051407241C6D2D4B879425BFF756-21C44F5D44B3C7F2-00
content-length
0
x-parent-response-time
33,23.195.36.73
x-tt-logid
202411051407241C6D2D4B879425BFF756
server
nginx
pixel
analytics.tiktok.com/api/v2/
0
719 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:07:24 GMT
server-timing
inner; dur=33, cdn-cache; desc=MISS, edge; dur=17, origin; dur=42
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:24 GMT
x-akamai-request-id
3044097b
access-control-allow-headers
Authorization,*
x-tt-trace-host
0118a3145b56de05206e89162174ff475c8c5b8e2fb296b65bc0d8f1d61daff36a05df0f2febb2db0b3e8b16afa6b2190df09620e5fb1a6bc32a0f541f9a88d6ba8bf328c371b7808b5e5e3744112e790d7d3209c094ce978ec2b6070f0c92675f
x-origin-response-time
43,23.195.36.73
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241105140724D931819E5149C4C113B5-3D22538225D5C190-00
content-length
0
x-tt-logid
20241105140724D931819E5149C4C113B5
server
nginx
monitor
analytics.tiktok.com/api/v2/
0
717 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:07:24 GMT
server-timing
inner; dur=9, cdn-cache; desc=MISS, edge; dur=25, origin; dur=19
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:24 GMT
x-akamai-request-id
304409ae
access-control-allow-headers
Authorization,*
x-tt-trace-host
0118a3145b56de05206e89162174ff475c8c5b8e2fb296b65bc0d8f1d61daff36adacdb5b4eb22803a46a087d6a87008d336199f9eade35e72189968012bf0962b8f5107e9dde6cd80044b18d5e40c4fd893efb7a02903596f0c41a239b7dbebea
x-origin-response-time
20,23.195.36.73
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24110514072449EE8634916755C27276-52C462CDB893460A-00
content-length
0
x-tt-logid
2024110514072449EE8634916755C27276
server
nginx
pixel
analytics.tiktok.com/api/v2/
0
721 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:07:24 GMT
server-timing
inner; dur=25, cdn-cache; desc=MISS, edge; dur=18, origin; dur=35
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:24 GMT
x-akamai-request-id
304409af
access-control-allow-headers
Authorization,*
x-tt-trace-host
0118a3145b56de05206e89162174ff475c8c5b8e2fb296b65bc0d8f1d61daff36a4d2bded8daba02ca29ab1b3fbc432736c31d64123c62910eb4e175e3139bede5b04ffd21b56f7d1e4e6258a52c4bb65f73d18e0e57086f7a18eb8e75eee55354
x-origin-response-time
35,23.195.36.73
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241105140724436955FDEA61DB7B38CF-5125E95351E59855-00
content-length
0
x-tt-logid
20241105140724436955FDEA61DB7B38CF
server
nginx
monitor
analytics.tiktok.com/api/v2/
0
718 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:07:24 GMT
server-timing
inner; dur=9, cdn-cache; desc=MISS, edge; dur=20, origin; dur=19
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:24 GMT
x-akamai-request-id
304409b0
access-control-allow-headers
Authorization,*
x-tt-trace-host
0118a3145b56de05206e89162174ff475c8c5b8e2fb296b65bc0d8f1d61daff36a50a0763c943ffb0541d1a31c864dab0a304a648802f94e9111f6752ab1dc06314f6d0048aa1e9bed14572092ca8adb5614fb79ba04f78543fa248fe5d251560a
x-origin-response-time
19,23.195.36.73
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2411051407247192E0E1D5FAB3C1D864-0B28218B6435B914-00
content-length
0
x-tt-logid
202411051407247192E0E1D5FAB3C1D864
server
nginx
pixel
analytics.tiktok.com/api/v2/
0
718 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:07:24 GMT
server-timing
inner; dur=56, cdn-cache; desc=MISS, edge; dur=16, origin; dur=64
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:24 GMT
x-akamai-request-id
304409b2
access-control-allow-headers
Authorization,*
x-tt-trace-host
0118a3145b56de05206e89162174ff475c8c5b8e2fb296b65bc0d8f1d61daff36aff07f9df46880ae2f63f74d07dd82ecd5cc059411a66ae4a0679cd379ffd41e80a2006eee22a9cf08f808e07a13448080e209628bb58ef7ebfb01a847b00af68
x-origin-response-time
65,23.195.36.73
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24110514072464728F8F877710C031BD-0A28F22EB38DF118-00
content-length
0
x-tt-logid
2024110514072464728F8F877710C031BD
server
nginx
inbox-v2_75060a85c1a4aebcc6f779b9e84db722.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
19 KB
5 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_75060a85c1a4aebcc6f779b9e84db722.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
183ae143a7f66c133f3948bdf61a0a9f97eb326be7de5947c1f19b93f3b9db24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=df/Fww==, md5=CihY9k4bsokmzU8kBOwKQw==
etag
"0a2858f64e1bb28926cd4f2404ec0a43"
age
149221
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
5475
date
Sun, 03 Nov 2024 20:40:23 GMT
last-modified
Thu, 31 Oct 2024 19:40:17 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY04dMbQiyi-qVXgEPv80x_KQJ99PkAt5FOi1F6lFQq-4MpWkpfc600pXNBkgSXGg6X63h7k8hzSqNFFbL4
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730403617040771
content-length
5475
server
UploadServer
sms-v2_e39203556bab2366e56296ce42e974a7.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
3 KB
1 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/sms-v2_e39203556bab2366e56296ce42e974a7.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c9f83027cf2e267d24b2cfe366bc6664841765f0aaf362faf0156bccdce42355

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=ikqFlg==, md5=aEuBb/f6hVJqtLcp+18MkQ==
etag
"684b816ff7fa85526ab4b729fb5f0c91"
age
144374
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1303
date
Sun, 03 Nov 2024 22:01:10 GMT
last-modified
Thu, 31 Oct 2024 19:40:38 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY0R4fiTym9bgafIGBEzrMEpFLglfdcENr6r6X6uoNpIeiBE6CAcucGlXR_9k8MvaZELV8JBQ51qaU6KQg8
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730403638782676
content-length
1303
server
UploadServer
onsite-v2_abbdf7a49be9b52b097917b7b527b262.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
16 KB
5 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_abbdf7a49be9b52b097917b7b527b262.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a8b68b46f44aac34f59d2926e8db6bdae4bc3b7fe3aad60948e97f428b087531

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=YWhgXQ==, md5=E+t6bCqMhb3KnLqECwDbLA==
etag
"13eb7a6c2a8c85bdca9cba840b00db2c"
age
41611
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
5039
date
Tue, 05 Nov 2024 02:33:53 GMT
last-modified
Thu, 31 Oct 2024 19:40:27 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY30vzp3AKVR2Pi5I4fQv8uxbu7FC8EwkXBhqZtlnUOdqjqWBtMkmkVCHUexxV3MKCAx_t4M1EZt7Sbg5WI
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730403627837427
content-length
5039
server
UploadServer
monitor
analytics.tiktok.com/api/v2/
0
716 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:07:24 GMT
server-timing
inner; dur=13, cdn-cache; desc=MISS, edge; dur=9, origin; dur=22
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:24 GMT
x-akamai-request-id
30440a1f
access-control-allow-headers
Authorization,*
x-tt-trace-host
0118a3145b56de05206e89162174ff475c8c5b8e2fb296b65bc0d8f1d61daff36afe946a3715d6542973e7a8fa1c093909b6bc13a6a58284f3ba356b8cae74a848182b51eaf9f98c33b2afd49100b69fdf5bcd81aa7b7c394249417c5fafe12e2c
x-origin-response-time
22,23.195.36.73
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241105140724CD75A542560420797289-4CC9F555A3295AD0-00
content-length
0
x-tt-logid
20241105140724CD75A542560420797289
server
nginx
monitor
analytics.tiktok.com/api/v2/
0
877 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

x-cache-remote
TCP_MISS from a23-218-220-146.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:07:24 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=13, origin; dur=24, inner; dur=17
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:24 GMT
x-akamai-request-id
24b3dd3.30440a20
access-control-allow-headers
Authorization,*
x-tt-trace-host
0118a3145b56de05206e89162174ff475cde8b29451a7448e8ff6c9f9d9bc7b19317591d6fdb84cb4afa51a53b7f2c751366f992423196025db52a58ef446d46fb2bf4c3efbc33b7aaf71ffb6d0be365d718635bed8bb09688c368b8106816095bdb22fda0496292a28723908ae80e16a4
x-origin-response-time
24,23.218.220.146
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241105140724879D6136B98A2F062301-1857959AAB8AFE6A-00
content-length
0
x-parent-response-time
32,23.195.36.73
x-tt-logid
20241105140724879D6136B98A2F062301
server
nginx
monitor
analytics.tiktok.com/api/v2/
0
879 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

x-cache-remote
TCP_MISS from a23-218-220-145.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:07:24 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=15, origin; dur=15, inner; dur=11
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:24 GMT
x-akamai-request-id
17d1368e.30440c90
access-control-allow-headers
Authorization,*
x-tt-trace-host
0118a3145b56de05206e89162174ff475cde8b29451a7448e8ff6c9f9d9bc7b193ed9947fd51ea3c7a9e2545f1969d193e32b337191cfa0de5551df9c4228445aa180657b27993e19aa95f0d48eb7609d1fe681088c1ffaf3e0c3970946a6d4c8a4d273681d37ff1cbc12d4dc9cd6b654c
x-origin-response-time
15,23.218.220.145
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241105140724F334EE663BE8708747ED-38B441C289D65910-00
content-length
0
x-parent-response-time
24,23.195.36.73
x-tt-logid
20241105140724F334EE663BE8708747ED
server
nginx
jquery-3.7.1.min.js
assets.bounceexchange.com/assets/bounce/
85 KB
30 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=fsBEgw==, md5=LIctvmD0unD7hTVhE9izXg==
content-encoding
br
etag
W/"2c872dbe60f4ba70fb85356113d8b35e"
age
39928
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
87533
date
Tue, 05 Nov 2024 03:01:56 GMT
last-modified
Thu, 31 Oct 2024 19:40:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3obgDStclxXh8WsAynlxhtuDlspfkQl5bud3IM5to9l3lkR2LWVOegszAShoz30XJjOadk_K5QJQ
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1730403600522086
content-length
31017
server
UploadServer
act
analytics.tiktok.com/api/v2/pixel/
0
721 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:07:24 GMT
server-timing
inner; dur=216, cdn-cache; desc=MISS, edge; dur=13, origin; dur=243
x-cache
TCP_MISS from a23-195-36-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:07:24 GMT
x-akamai-request-id
30440ed0
access-control-allow-headers
Authorization,*
x-tt-trace-host
0118a3145b56de05206e89162174ff475c8c5b8e2fb296b65bc0d8f1d61daff36ac586abd49f31ce63abbba5c8470c086b6991acbc25aa4aad9cdf75af924c5623d153057e30a141d2e61f2256d50851e153cc29eca0159c3ee766142bb7170546
x-origin-response-time
243,23.195.36.73
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241105140724A0AFE6E3DAA436BCF570-20BF8FAD2E264075-00
content-length
0
x-tt-logid
20241105140724A0AFE6E3DAA436BCF570
server
nginx
local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 8AA0
0
0
Document
General
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
none
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
ad-auction-allowed
true
age
53
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
br
content-length
938
content-type
text/html; charset=UTF-8
date
Tue, 05 Nov 2024 14:06:31 GMT
etag
W/"fc893948c3efc689b5b19d8a77958e23"
last-modified
Thu, 31 Oct 2024 19:39:59 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1730403599174353
x-goog-hash
crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2408
x-guploader-uploadid
AHmUCY00OlU218DVwaNN5rfxinFNVqEdI78hvwWmwFOp4pCNKpHko4pmoAjPv1GL1H6LW2EByyU
token_create.js
ct.pinterest.com/static/ct/
4 KB
2 KB
Script
General
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.be180668.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.56.163.34 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=7200
content-encoding
gzip
etag
"16d5d552603d86726ae439fc61299d42"
x-cdn
akamai
quic-version
0x00000001
alt-svc
h3=":443"; ma=600
content-length
2114
date
Tue, 05 Nov 2024 14:07:24 GMT
akamai-grn
0.6824c317.1730815644.77e6cc73
content-type
application/javascript
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
ct.html
ct.pinterest.com/ Frame CD63
0
0
Document
General
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.be180668.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.34 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

akamai-grn
0.6724c317.1730815644.302b687d
alt-svc
h3=":443"; ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Tue, 05 Nov 2024 14:07:24 GMT
pinterest-version
e62010f407d09decef677569943c37eeaefcbe47
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
6027477345008460
x-pinterest-rid-128bit
a6f969403b8d1c5f53a5e6b5d8f1a2a1
/
ct.pinterest.com/v3/
35 B
65 B
Fetch
General
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22event_id%22%3A%221730816529392_173081652278828%22%2C%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1730815644390&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22external_id%22%3A%22%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.elfcosmeticsus.us%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22be180668%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.be180668.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.56.163.34 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-pinterest-rid-128bit
8a74b6aa62bc7404df5eb606b86e1b6d
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=600
date
Tue, 05 Nov 2024 14:07:24 GMT
content-type
image/gif
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
quic-version
0x00000001
pinterest-version
b218925b9f1d26340084c4ce1e3a371e6eb7a251
access-control-allow-origin
https://www.elfcosmeticsus.us
content-length
35
akamai-grn
0.6824c317.1730815644.77e6ccb8
x-pinterest-rid
1609550225824901
lookup
pd.cdnwidget.com/
74 B
288 B
XHR
General
Full URL
https://pd.cdnwidget.com/lookup?deviceID=undefined&bxwid=4142&bxdid=6363201125385332221&visitID=1730815644711590&enableUID2=false
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.130.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.130.149.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
f309b4b6297e8c886d8d6b1ff31decc2d09f6eecf7804e3325bf5a2d3a5eac55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-envoy-upstream-service-time
4
x-envoy-decorator-operation
id-resolution.id-resolution.svc.cluster.local:9000/*
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74
date
Tue, 05 Nov 2024 14:07:24 GMT
content-type
application/json
server
istio-envoy
c
ids.cdnwidget.com/
445 B
784 B
XHR
General
Full URL
https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=099069185&GCS2=MTcyLjE3LjAuMiwxMC4yLjIxMS4yNDUsZmRiZjoxZDM3OmJiZTA6OjQ1OjM6OmY1LGZkYmY6MWQzNzpiYmUwOjo0NTozOjpmNQ==&pe=false&wsid=4142&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A4142%2C%22loadID%22%3A%22im0XC1FFJQwD2kD%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A16%2C%22IDStageStart%22%3A16%2C%22netComplete%22%3A217%2C%22obsReqpage%22%3A610%2C%22obsReqview%22%3A618%2C%22obsReqdata%22%3A619%2C%22IDStagePrefire%22%3A619%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A-10%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%226363201125385332221%22%2C%22visitid%22%3A%221730815644711590%22%7D
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:56e0:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
f9b3ba30f69a7b33d031839f5749d0e77228b8e0e7b508f6d458edbcdf1c511e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
445
date
Tue, 05 Nov 2024 14:07:25 GMT
content-type
application/json
vary
Origin
init1.js
api.bounceexchange.com/bounce/
103 KB
20 KB
Script
General
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=1001&wklz=…
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
098cb1deea85cb8a3d239188db5e541cc5ac8536569a9518d29615ad32d1addf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
x-envoy-upstream-service-time
20
x-envoy-decorator-operation
legacy-api-tier1.legacy-api.svc.cluster.local:80/*
via
1.1 google
expires
0
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
date
Tue, 05 Nov 2024 14:07:26 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Tue, 05 Nov 2024 14:07:26 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
unip
trc-events.taboola.com/1691051/log/3/
0
634 B
XHR
General
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=4730&scd=0&ssd=1&est=1730815640602&ver=36&isls=true&src=i&invt=3000&msa=3297&rv=1&tim=1730815645333&vi=1730815640598&ri=2319fb8119648d763ee3f986fb56ee55&sd=v2_b18385b0f968bf8b6971300a57e61ea6_8c90350c-84de-45c0-ad39-f6d2eff4bc54-tucte23ac18_1730815642_1730815642_CNawjgYQq5tnGJaIm-WvMiABKAMw4QE4kaQOUABYAGAAaPGthJrF1OTQ-gFwAYABAA&ui=8c90350c-84de-45c0-ad39-f6d2eff4bc54-tucte23ac18&ref=null&cv=20241102-3-RELEASE&item-url=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&cbp=OneTrust&cbpv=1&cbcd=%2C1%2C2%2C3%2COSSTA_BG%2C4%2C5%2C&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-origin
https://www.elfcosmeticsus.us
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 05 Nov 2024 14:07:25 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
hash.gif
pix.cdnwidget.com/
Redirect Chain
  • https://pix.cdnwidget.com/redirect?CID=2oQxYBKFXIe4SQ8sXBakgDYEWIh&DID=2oQxYDTnK4TF2AfBdiGL9y7dFV6&v=&iv=&deviceid=6363201125385332221&visitid=1730815644711590&wsid=4142&apikey=2^HIykD
  • https://pippio.com/api/sync?pid=5749
  • https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
68 B
432 B
Image
General
Full URL
https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
Protocol
H2
Server
34.149.254.212 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.254.149.34.bc.googleusercontent.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
date
Tue, 05 Nov 2024 14:07:26 GMT
content-type
image/png

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Tue, 05 Nov 2024 14:07:26 GMT
graph
idr.cdnwidget.com/
0
194 B
Image
General
Full URL
https://idr.cdnwidget.com/graph?cookieID=2oQxYBKFXIe4SQ8sXBakgDYEWIh&deviceID=2oQxYDTnK4TF2AfBdiGL9y7dFV6&bxdid=6363201125385332221&bxvid=1730815644711590&bxwid=4142&gm=true&apikey=2^HIykD&loadID=im0XC1FFJQwD2kD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.130.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.130.149.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-envoy-upstream-service-time
0
x-envoy-decorator-operation
id-resolution.id-resolution.svc.cluster.local:9000/*
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 05 Nov 2024 14:07:26 GMT
server
istio-envoy
unip
trc-events.taboola.com/1691051/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=4730&scd=0&ssd=1&est=1730815640602&ver=36&isls=true&src=i&invt=3000&msa=3297&rv=1&tim=1730815645333&vi=1730815640598&ri=2319fb8119648d763ee3f986fb56ee55&sd=v2_b18385b0f968bf8b6971300a57e61ea6_8c90350c-84de-45c0-ad39-f6d2eff4bc54-tucte23ac18_1730815642_1730815642_CNawjgYQq5tnGJaIm-WvMiABKAMw4QE4kaQOUABYAGAAaPGthJrF1OTQ-gFwAYABAA&ui=8c90350c-84de-45c0-ad39-f6d2eff4bc54-tucte23ac18&ref=null&cv=20241102-3-RELEASE&item-url=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&cbp=OneTrust&cbpv=1&cbcd=%2C1%2C2%2C3%2COSSTA_BG%2C4%2C5%2C&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://www.elfcosmeticsus.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://www.elfcosmeticsus.us
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 05 Nov 2024 14:07:25 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
creatives-base-styles.a53944a2.min.css
assets.bounceexchange.com/tag/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://assets.bounceexchange.com/tag/css/creatives-base-styles.a53944a2.min.css
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
286a9eb90b3236f3c77e9cd147b524d542d53ba83973de175c45be3eb1147805

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
gzip
x-goog-hash
crc32c=lLRhfg==, md5=VPYb3L+2+BQnyKaAP0iwLw==
etag
"54f61bdcbfb6f81427c8a6803f48b02f"
age
25538
ad-auction-allowed
true
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
6053
date
Tue, 05 Nov 2024 07:01:48 GMT
last-modified
Tue, 13 Dec 2022 17:12:22 GMT
content-type
text/css
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3LEspk6obKbHBE93O4gyTbfbanlbptsRSKz1CuDTLjnFYvd11TX4SmE19KkZ6fs5HgDf2C7u9qhQ
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1670951542233151
content-length
6053
server
UploadServer
visit
events.bouncex.net/track.gif/
42 B
96 B
Image
General
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoANARm8oGYAQmwAyITLAAebSQA4AbAH15AFgCUbAIIAHbaQQB1BACMA0lBoN+Adkb95bdqYASAFTwiaAYTakQAawQ2AHEEAGN-Ag1qZi8ACyQCAFsgum5+ZhYs1hiAZRQAMxQkEEt6Gzt5ADJQCBgkBALkBqQcGvAoaApMABNxNG10BFgkUhw4yEhtMBpyzVm6BdoAd1XGBFICsIIwFMgQMLB4Rngl9rroBrACUlh9gkxJHG55ZmZzzqubu5AHgE9njF3rVOmF4JBksBiiAUMZ9GAcJRrMJqNRSAQ0BgeopxDRqAJ5qiiqREHjvHiEMBkIp0ZiENjcaiCXjiaSmdQfKiwsVIIoAI6QP5k-iEmJkjl47lIXlQ26pfEivE5fES1HaRLY9UHeXMokoEk61XUdUEbGYFApYWi1mGznUcSKMAQiJWln6tkqu1HYxJKCQemKB51HWKvUG8V27YEfwgBCKJKm-WKdUIRDYV2oyBIWC2vG0rE4zA4npYfYFWM9DPUG0RyU8x0ISBVmvsu3aHraR3+WDN925rk83vh1t4lPALs9pmh6t9snWAAiHxgUZjCERyLxYGWwCtLbtfUrU9F8ns-BivGo5Vk5TPqL4I9RoEPCs03GsGVk3HoqlezH43AATk9PEdyPJFhAXck1R6WgQCQJ0RAIFBnwJLMcyg6gejQV0N1RcAAAUGlAAh4C8cFkmQXdZyNcBclgYwwDCEpjEoo89zxcBXAQSRIDohimJAFikCo4dIxQMI4jjSAZiPN8Py-VR6GYFR+CRecMIKYAm1k99mE-b8VAcI0UAIK0cjtUhtCrCYphkuYliWVZlnWTZtl2RsDiOMATjsxYH2oFAZJfcyQO0UCX3vfcqxQo1hLA9lgK5LSrTkvSFMMjCIBQkUAFpIrxNAmKtFQMKSMyMNIZKdPkgyjLEpJBhANBMCC5lcNRFR6HoWQbBwlFqGAcKCRC1FKu0iLdP0n81Iw6gfwAzq+pAoaRRGtEqommrpsgnbF3gZAhmwaBjESZZEFaeJEhSKp9tQDAjqpeDfkwZ4MmyFgbvOw6YD0FBIAKAgkCSHAxAkSRPoO+6YBLUAwkbP5tDXEswH8CFtCqMEnQopBoDiQLtkwR7-R6HB3gwAhoG2WBsCQP5thLHAAFVciqcnKZImm6dNBB+CZ3JNFZhAKapznzRSJnMCgek2FySA-tTQWKYaNBnpwLwBbZ5XnrFtcvH1EAAaQSWUEVymoABABRUgZYQNBqZ6AhTe0HY5dIem1wA5hqE602KH2SBYAZ-h+EYADfYeFWA4ZvLuFkRgVFNgn9kwUt3ZwAA5AWGnRZC9YalAmpagA1ahSaqBMGfeZYTGDEASZUbgVGoJc6+eSb0t-f8gKqGHtVbk8T3PbhL34a9g9RahuCqQYMFABBllbqfED5HNMDh1v3jCPxS32FInQtbQ262wzmE9jHt+wFBtBAR6IAeHA5bQfge8pbUcB6KpIDiODNR5P5HQhHdOMfQwCwn0CTG0n8iAEBwL+aeQxFCCkRuMCiVRrgjDhjgauxgqjfRwLdNBBACi8lbtQAgABFSQABNecrhMCmBUK4Wg1BNAFEEH0YIIgAJ-GsDBIu1Q8ZIAZCTMhlCqGCFMLQTgABJBAKhcjkNkGATgggUD+DQPOKhFsDDSLiEAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
2
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 05 Nov 2024 14:07:26 GMT
content-type
image/gif
pageview
events.bouncex.net/track.gif/
42 B
206 B
Image
General
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1N8jAdBOgGYDGA9oQLYS4YHQskJNR9AGShIsBIg6jcXXlBCoYIAEboIhTMQDsAIWpV0XMJAAmAfRgA7M2UpUqbEOkIRnVAMJm0BCothZWEHaOzhRmHl4+btQBbhzquLYAjrgAntGuVAAMvslUqajpaujICVQuZkWJ-mbAqFx2LUI1dW5x3sXNrXYOIPx5sZ59jSWOtoTKHADWYz0TXU1uIlq8MPgRtlwOhDtdMSvx-SlcXAtwtrxtnrYtehAOuMtUuKjVF+aWNvYHPZrK9BGw4NYPr01iUyulvO9Eqd3KtfsBrMBZgtkFDUVMzHDced8W5nlAsTikfloc5DAARaTgaBwJDca5wI4ALwgmAArABOXmM2QshQgBwHISeHD4IjdOi0RjwFjsbh8ARCERiCS0YXM+Rsm4QWzKLihdSQTDQvVyVlXI0m7LAHmkYBeG2iw23Lk8gCMABYAGyByTcXjABThzAFUMqCO4DhsaOx8MoQjAZNhiNgYAZmOoVhcEDWPwjUAwMCHABqVGT9xByfgEC0R1wEBg1kw-oDVEksFbHcwvsMpAKAA5fbzA0GCgVSL7+b2QbAOO3O4HSBvCr7fVReaQx-vSG4qL6PQhB2fvBlqg5V5fQ+g4G9BPw5mWhyPx5Pp4GCovH2fXAQGAGAoGCI4DkwYCwFISRl06TBrEkXBsBgVB2jSbJZmUVAmVsawYEIbRdE7a1cE5LhMD-GMZGNHJnRwFQIEkQguDQVdMCbLRJCZN5MFEYJWK4Nh0kHKguAARQADwATTpAAVBwAGl-QUmgqHINhjEIgBxAAZflskMawaCrENsHUSJOwkmTZOMZSaAADQASQgf0AGVJLHQgnOMEAFjAOlZIAUQAdRc7AgA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
2
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 05 Nov 2024 14:07:26 GMT
content-type
image/gif
id_sync
events.bouncex.net/track.gif/
42 B
99 B
Image
General
Full URL
https://events.bouncex.net/track.gif/id_sync?id_sync:id_type=sid&id_sync:id_source=graph&soft_id=2oQxYDTnK4TF2AfBdiGL9y7dFV6&source=web&agent=cjs&deviceid=6363201125385332221&visitid=1730815646003192&websiteid=4142&pageviewid=undefined&sequenceid=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 05 Nov 2024 14:07:26 GMT
content-type
image/gif
0860ab24f45bc22b8f13cc8d6647caaa.jpg
assets.bounceexchange.com/assets/uploads/clients/4142/creatives/
84 KB
84 KB
Image
General
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/4142/creatives/0860ab24f45bc22b8f13cc8d6647caaa.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cef923d56729944b2ae70b4e78b864efbb81a1db323d25882483aa8d935f9528

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=MTqQwQ==, md5=CGCrJPRbwiuPE8yNZkfKqg==
etag
"0860ab24f45bc22b8f13cc8d6647caaa"
age
40674
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
86329
date
Tue, 05 Nov 2024 02:49:32 GMT
last-modified
Fri, 01 Nov 2024 19:19:11 GMT
content-type
image/jpeg
x-guploader-uploadid
AHmUCY3VTAuqYycVuOVD89vTSdpiI3auDRaSSiFR7wzDgf92WdgP1H1j6Py6gHlnLtpRTDVcG1VHTX5vMA
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730488751388465
content-length
86329
server
UploadServer
59a941c096f98029341d8c56b7b89113.png
assets.bounceexchange.com/assets/uploads/clients/4142/creatives/
18 KB
18 KB
Image
General
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/4142/creatives/59a941c096f98029341d8c56b7b89113.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2f9c91dd6030ee0311497f63531e9e27cb31cb8468a74c0b8482075bdbaa80b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=8aFhaA==, md5=WalBwJb5gCk0HYxWt7iREw==
etag
"59a941c096f98029341d8c56b7b89113"
age
35861
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
18352
date
Tue, 05 Nov 2024 04:09:45 GMT
last-modified
Tue, 25 Aug 2020 15:57:40 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY3acy6102ygJg6YeIrr2SArb4zIL5c6bGBMNOnhYOXGYE95tSHciYoqTsL7_qxxKgzCfyy8AjFVAQ
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1598371060392963
content-length
18352
server
UploadServer
6aa18944a3ad2c224d37dafb46afa35f.jpg
assets.bounceexchange.com/assets/uploads/clients/4142/creatives/
92 KB
92 KB
Image
General
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/4142/creatives/6aa18944a3ad2c224d37dafb46afa35f.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
41edca74f63e4546256206b316479052b81b5d8fe3b810424d302bd4bf70c9ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=H/B1bQ==, md5=aqGJRKOtLCJNN9r7Rq+jXw==
etag
"6aa18944a3ad2c224d37dafb46afa35f"
age
304252
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
93895
date
Sat, 02 Nov 2024 01:36:34 GMT
last-modified
Mon, 08 Apr 2024 16:27:35 GMT
content-type
image/jpeg
x-guploader-uploadid
AHmUCY2uKZOsrtLwOvIQl2o5nkyarDCdqL3qM_eHPNY_Vc7XmQf14JE-CA0Dc1FgNuo95qvjxBNkUC2VFA
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1712593655184176
content-length
93895
server
UploadServer
16f45df19355361dc1c101036c0035b0.png
assets.bounceexchange.com/assets/uploads/clients/3258/creatives/
2 KB
2 KB
Image
General
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/3258/creatives/16f45df19355361dc1c101036c0035b0.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
915046d9ebab575f9b2f8ba9a35e030b2be55b1439edce6e72f7a19b4a55bd45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=pklVBw==, md5=FvRd8ZNVNh3BwQEDbAA1sA==
etag
"16f45df19355361dc1c101036c0035b0"
age
35527
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
2419
date
Tue, 05 Nov 2024 04:15:19 GMT
last-modified
Thu, 01 Apr 2021 03:01:32 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY34xBVSOSB4jy-f9y9uVkQz5a76-FUtwdlPCQ27Cl1YlS_1pYSmBb7NAt1SYq8cH6rLnJ4
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1617246092060079
content-length
2419
server
UploadServer
eligible
events.bouncex.net/track.gif/
42 B
96 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=E4UwNg9ghgJgwlAtgBygSwOYDsDOA1AJgF4AGAMhgwC40cBlAVwCMcBjYNJkYIgMyjA4QFarQAKoAG5oIDHHDkAXCIm58BQkVVZRWACxAAVOkQCMAdgDMJABymArADYALPZLPLZBgEczZIRiqWIoA+mgwOERkOijo2OFEBC6OAJyu-rLArCBETLJY2QAeZFAYIMFEAFY4ZIgQMDnkAO4gLGiKIAnOps4EZNI47QkW1nZOzo4kJJamKX0N0tkJjpYrBCSmpgT2ljY7lgSHpmSoZdIgTcP+IN4M5UswidFgaOWKimiqOIpIyGZWtgcyV6Nmer2CUGQaEk3EGECwRB+GE8CzQ2SIMDIij0aGAMBCqGAigAniFvhBgKUQCEYLQoEwwCBHvxBMJFAAvCBESbkU7UknIHJ6FTCHAQXihBIECAARUKAE0ACKGLAAaWchgAYgQAIK8ABCtIA4gAZFLE8wwTV4RxkPRQPFhR7SuXy-WqzUADQAkiBnHQZTYcJ79VAANYYRXygCiAHVvXogA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 05 Nov 2024 14:07:26 GMT
content-type
image/gif
pop
events.bouncex.net/track.gif/
42 B
96 B
Image
General
Full URL
https://events.bouncex.net/track.gif/pop?wklz=A4e2C4EMGMBcEsBukEgHYF4EFsCmAnAMn1wBsRIATAYUm2EngHM0BnANQCYMAGQp3CHDQQAVzSx8ATxGVcGAKoBlfoPAkm8dBmoBBVUJET4aXBNnyAcvtEBHDAEZC0Og2Zp4lDJwBsAFh8ATj8AVkJWMXxoeQAjMTRogA9CSAEJDAArVkJsEDleQgB3XBjWeFhcTww-Bz9OQkR4MoQvBwB2AGYeAA4HEP8fHh4Oh0D6uUboqp8Omc4eBwdOEI7ulY7OTacGAUbcQqqnVlxbUTMprw7nUngzWBxcVlhXR06evoG6wOvbiUhgJAEMraZ5MK4TeDRDCUQiwAAW8HwlAA+gx8LApMiniB8KlcMjKE1IDFSLgvAAzSCkY6wgBeIAwgz4O3xGOA8jhIDw4RA5NgyKqnBAAEVEgBNAAiABU0ABpPxSgBinF05IAQoSAOIAGUCUjalEV7B8hDhkCRAq8QtFYrVssVAA0AJK4PxKYXdVgOtWQADWTAlYoAogB1J1woA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 05 Nov 2024 14:07:26 GMT
content-type
image/gif
collect
sgtm.elfcosmetics.com/g/
921 B
945 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4au0v9125640115z8896608294za200zb896608294&gcs=G111&gcd=13v3v3v3u5l1&npa=1&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=1348800163.1730815641&ecid=1669047066&ul=en-us&sr=1600x1200&_fplc=0&ur=US-CA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.rnd=1495882517.1730815640&sst.adr=1&sst.ude=0&sid=1730815640&sct=1&seg=1&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&dt=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&_s=5&tfd=11313&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
386736a7ffe9748f139bdff5cbd961399724ea3e31999516769319f16a0e65bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache
x-accel-buffering
no
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:07:28 GMT
content-type
text/plain
server
Google Frontend
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/698270988/?random=148167278&fst=1730815648056&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e4au1v9125640115...
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=545496030&fst=1730815648056&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e4...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
edge.curalate.com
URL
https://edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/gallery-OdKxcdTK/latest/experience.min.js
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=545496030&fst=1730815648056&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e4au1v9125640115z8896608294z99175401888za200zb896608294&value=0&url=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&tiba=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&data=event%3Dpageview%3Bvendor_id%3Dgoogle_ads%3Bgoogle_ads_conversion_id%3D698270988%3Bgoogle_ads_conversion_label%3D87uyCIuRktcBEIyK-8wC%3Bgoogle_ads_tag_type%3Dconversion&dma=0&npa=1&gcs=G111&gcd=13v3v3v3u5l1&uip=162.245.206.0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&tag_exp=101823848~101878899~101878944~101925629&s3p=1&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCNPFsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&eitems=ChEIgKGnuQYQsvLLmf-Zo56BARIdAIF2TynQ0F4-weoVm4FY33Db5IdABI7tKoo1Oxw&pscrd=IhMIhcWZ367FiQMVOwloCB23tTMvMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL3d3dy5lbGZjb3NtZXRpY3N1cy51cy8


185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 string| yo_host string| _pxAppId string| CRL8_SITENAME object| crl8 object| __LOADABLE_LOADED_CHUNKS__ function| _ object| regeneratorRuntime function| applyFocusVisiblePolyfill object| __CONFIG__ string| __DEVICE_TYPE__ object| __PRELOADED_STATE__ object| Progressive object| dataLayer function| getDataLayerEvent object| DataLayer object| DY boolean| BRAZE_SETUP_COMPLETE boolean| otIsInitialized boolean| otBlockOptOutInitReload function| OptanonWrapper object| DYcustom string| AppsFlyerSdkObject function| AF function| ___rmuid object| ___RMCMPW object| __post_robot_11_0_0___uid_numhnacfzmymuvpacsidplhppphjzs object| paypal object| __zoid_10_3_3___uid_numhnacfzmymuvpacsidplhppphjzs object| OtTrustedType object| AF_cleanupMethods object| paypalDDL object| AF_SDK object| DYO object| contextManager object| DYJSON object| og object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions boolean| OG_OFFERS_TEST_MODE_ENABLE object| OG object| DYExps string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data number| gtmPageLoadId object| __tfa_pixel_init object| _tfa object| _uxa function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| EVENT_PROPERTIES_TO_URL_PARAMS_MAP number| INVALID_ACCOUNT_ID object| CONFIGS object| VALIDATION_ERRORS object| EVENTS object| TUP_EVENT_HANDLERS_BY_EVENT_NAME object| TRK_EVENT_TO_ERROR_TYPE_MAP boolean| PUBLISHER_ID_EXISTS string| CALLBACK_PARAMETER_NAME string| LAST_EXTERNAL_REFERRER_URL_PARAM object| _tecq function| cnxtag function| onYouTubeIframeAPIReady object| gaGlobal object| DYWork function| $dy object| Optanon object| OneTrust object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| CS_CONF 
object| CS_INTEGRATIONS_CONF function| csSetTimeout function| csQueueMicrotask function| csClearTimeout function| csSetInterval function| csClearInterval function| csSymbol object| CSPureWindow function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen function| csRegExp object| csquerySelector object| csquerySelectorAll function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csElementmatches function| csElementwebkitMatchesSelector function| csHTMLImageElementsrc function| csEventtarget function| csNavigatorsendBeacon object| CSPathComputation object| UXAnalytics object| CSCurrentScript object| cnxDataLayer function| runCartEvaluator object| DYCS boolean| otLastAcceptAllValue object| cti110221 function| create_UUID function| createCookie function| pintrk function| fbq function| _fbq object| _fbq_gtm_ids function| rdt string| TiktokAnalyticsObject object| ttq object| JebbitObject function| jebbit number| j function| __trcWarn function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| bouncex function| redditNormalizeEmail object| _inside boolean| _insideLoaded function| _insideJQ function| _insideViewUpdate object| a object| m function| UET function| UET_init function| UET_push object| ueto_7b47f18235 object| uetq object| insideFrontInterface object| _insideGraph string| _insideProtocol string| _insideCluster string| _insideGraphUrl string| _insideSocialUrl string| _insideCDN string| _insideCDN2 string| _insideScriptVersion boolean| _insideLive boolean| _insideIsLive object| webpackChunksmart_tag object| bxgraph object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| 
getBounceVisitCookie function| clearBounceCookie function| jQuery object| tagConfig function| close_bouncex_ad

75 Cookies


5 Console Messages

Source Level URL
Text
network error URL: https://www.elfcosmeticsus.us/XT4Gy2ig/init.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.elfcosmeticsus.us/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmeticsus.us%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=GOxy3XsrHmOkzgre_lLRjAMZfoSzadMqEAJN1jVaj2k
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.elfcosmeticsus.us/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmeticsus.us%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=9cDYj28ZOKFyg7j94U4wAVAlI_hDPNDYNq9MdVej0dA
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.elfcosmeticsus.us/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www8.eu.inside.chat/config?acc=IN-1011171&pid=&c1=OK&dev=1&url=https%3A%2F%2Fwww.elfcosmeticsus.us&sid=1&j=1
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
