urlscan.io logo urlscan.io
SecurityTrails logo

www.elfcosmetics.com Open in urlscan Pro
104.17.78.185  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click.e.elfcosmetics.com/?qs=fdf388de2107c5495b1c67070497098893a4a3c2749107c29d83dcd897b976a873cb1d1b5ec0c0405ebd73482e6b...
Effective URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Pr...
Submission: On June 12 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 3 countries across 30 domains to perform 76 HTTP transactions. The main IP is 104.17.78.185, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.elfcosmetics.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on February 10th 2018. Valid for: 3 years.
This is the only time www.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.18.12 22606 (EXACT-7)
16 104.17.78.185 13335 (CLOUDFLAR...)
1 209.197.3.15 20446 (HIGHWINDS3)
1 172.217.22.10 15169 (GOOGLE)
4 52.222.146.66 16509 (AMAZON-02)
1 172.217.22.8 15169 (GOOGLE)
2 172.217.23.163 15169 (GOOGLE)
1 151.101.112.70 54113 (FASTLY)
1 151.101.112.230 54113 (FASTLY)
2 13.107.21.200 8068 (MICROSOFT...)
1 3 172.217.23.174 15169 (GOOGLE)
1 205.185.216.10 20446 (HIGHWINDS3)
1 172.217.22.2 15169 (GOOGLE)
1 3 69.167.130.8 32244 (LIQUIDWEB)
2 52.222.149.241 16509 (AMAZON-02)
2 185.60.216.19 32934 (FACEBOOK)
1 151.101.12.84 54113 (FASTLY)
1 52.222.146.37 16509 (AMAZON-02)
2 4 172.217.21.230 15169 (GOOGLE)
2 216.58.210.2 15169 (GOOGLE)
1 173.194.76.156 15169 (GOOGLE)
1 151.101.112.84 54113 (FASTLY)
1 2.18.232.70 16625 (AKAMAI-AS)
3 52.222.146.103 16509 (AMAZON-02)
1 172.217.23.179 15169 (GOOGLE)
5 172.217.21.243 15169 (GOOGLE)
1 52.222.156.157 16509 (AMAZON-02)
2 185.60.216.38 32934 (FACEBOOK)
2 172.217.22.4 15169 (GOOGLE)
2 172.217.21.227 15169 (GOOGLE)
2 205.185.216.42 20446 (HIGHWINDS3)
1 52.222.146.146 16509 (AMAZON-02)
1 52.222.149.156 16509 (AMAZON-02)
1 35.190.71.216 15169 (GOOGLE)
1 52.222.146.92 16509 (AMAZON-02)
5 52.86.47.12 14618 (AMAZON-AES)
1 54.229.18.61 16509 (AMAZON-02)
76 37
1    13.111.18.12 (Indianapolis, United States)

ASN22606 (EXACT-7 - ExactTarget, Inc., US)
PTR: click.s10.exacttarget.com
click.e.elfcosmetics.com
16    104.17.78.185 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.elfcosmetics.com
1    209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
maxcdn.bootstrapcdn.com
1    172.217.22.10 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f10.1e100.net
fonts.googleapis.com
4    52.222.146.66 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-146-66.fra53.r.cloudfront.net
display.ugc.bazaarvoice.com
1    172.217.22.8 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f8.1e100.net
www.googletagmanager.com
2    172.217.23.163 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f163.1e100.net
fonts.gstatic.com
1    151.101.112.70 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
static.curations.bazaarvoice.com
1    151.101.112.230 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
apps.nexus.bazaarvoice.com
2    13.107.21.200 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
bat.bing.com
3    172.217.23.174 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f174.1e100.net
www.google-analytics.com
1    205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net
static.hotjar.com
1    172.217.22.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f2.1e100.net
www.googleadservices.com
3    69.167.130.8 (Lansing, United States)

ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US)
shop.pe
2    52.222.149.241 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-241.fra53.r.cloudfront.net
d3rr3d0n31t48m.cloudfront.net
2    185.60.216.19 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    151.101.12.84 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
s.pinimg.com
1    52.222.146.37 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-146-37.fra53.r.cloudfront.net
intljs.rmtag.com
4    172.217.21.230 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f6.1e100.net
6038784.fls.doubleclick.net
2    216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net
googleads.g.doubleclick.net
1    173.194.76.156 (Portage, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: ws-in-f156.1e100.net
stats.g.doubleclick.net
1    151.101.112.84 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
ct.pinterest.com
1    2.18.232.70 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-70.deploy.static.akamaitechnologies.com
cdn.shopify.com
3    52.222.146.103 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-146-103.fra53.r.cloudfront.net
cdn.sweettooth.io
1    172.217.23.179 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f179.1e100.net
consent.linksynergy.com
5    172.217.21.243 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f19.1e100.net
consent.nxtck.com
consent.mediaforge.com
consent.jrs5.com
ct1.ra.linksynergy.com
nyt2.dc-storm.com
1    52.222.156.157 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-156-157.fra53.r.cloudfront.net
cdn.cquotient.com
2    185.60.216.38 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
2    172.217.22.4 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f4.1e100.net
www.google.com
2    172.217.21.227 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f3.1e100.net
www.google.de
2    205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net
script.hotjar.com
vars.hotjar.com
1    52.222.146.146 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-146-146.fra53.r.cloudfront.net
smile-ui-panel-lite-cdn.smile.io
1    52.222.149.156 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-156.fra53.r.cloudfront.net
d3rr3d0n31t48m.cloudfront.net
1    35.190.71.216 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 216.71.190.35.bc.googleusercontent.com
addstrap-ui.addshoppers.com
1    52.222.146.92 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-146-92.fra53.r.cloudfront.net
analytics-static.ugc.bazaarvoice.com
5    52.86.47.12 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-86-47-12.compute-1.amazonaws.com
network.bazaarvoice.com
1    54.229.18.61 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-18-61.eu-west-1.compute.amazonaws.com
p.cquotient.com
Apex Domain
Subdomains		 Transfer
17 elfcosmetics.com
click.e.elfcosmetics.com
www.elfcosmetics.com
479 KB
12 bazaarvoice.com
display.ugc.bazaarvoice.com
static.curations.bazaarvoice.com
apps.nexus.bazaarvoice.com
analytics-static.ugc.bazaarvoice.com
network.bazaarvoice.com
339 KB
7 doubleclick.net
6038784.fls.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
4 KB
3 sweettooth.io
cdn.sweettooth.io
47 KB
3 cloudfront.net
d3rr3d0n31t48m.cloudfront.net
57 KB
3 shop.pe
shop.pe
3 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
79 KB
3 google-analytics.com
www.google-analytics.com
16 KB
2 google.de
www.google.de
214 B
2 google.com
www.google.com
232 B
2 facebook.com
www.facebook.com
343 B
2 cquotient.com
cdn.cquotient.com
p.cquotient.com
7 KB
2 linksynergy.com
consent.linksynergy.com
ct1.ra.linksynergy.com
580 B
2 facebook.net
connect.facebook.net
26 KB
2 bing.com
bat.bing.com
7 KB
2 gstatic.com
fonts.gstatic.com
41 KB
1 addshoppers.com
addstrap-ui.addshoppers.com
17 KB
1 smile.io
smile-ui-panel-lite-cdn.smile.io
1 dc-storm.com
nyt2.dc-storm.com
235 B
1 jrs5.com
consent.jrs5.com
332 B
1 mediaforge.com
consent.mediaforge.com
338 B
1 nxtck.com
consent.nxtck.com
333 B
1 shopify.com
cdn.shopify.com
1 KB
1 pinterest.com
ct.pinterest.com
378 B
1 rmtag.com
intljs.rmtag.com
19 KB
1 pinimg.com
s.pinimg.com
16 KB
1 googleadservices.com
www.googleadservices.com
6 KB
1 googletagmanager.com
www.googletagmanager.com
32 KB
1 googleapis.com
fonts.googleapis.com
330 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com
6 KB
76 30
Domain Requested by
16 www.elfcosmetics.com www.elfcosmetics.com
5 network.bazaarvoice.com www.elfcosmetics.com
analytics-static.ugc.bazaarvoice.com
4 6038784.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 display.ugc.bazaarvoice.com www.elfcosmetics.com
display.ugc.bazaarvoice.com
3 cdn.sweettooth.io www.elfcosmetics.com
cdn.sweettooth.io
3 d3rr3d0n31t48m.cloudfront.net www.elfcosmetics.com
d3rr3d0n31t48m.cloudfront.net
3 shop.pe 1 redirects d3rr3d0n31t48m.cloudfront.net
3 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
2 www.google.de www.elfcosmetics.com
2 www.google.com www.elfcosmetics.com
2 www.facebook.com www.elfcosmetics.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 connect.facebook.net www.elfcosmetics.com
connect.facebook.net
2 bat.bing.com www.googletagmanager.com
www.elfcosmetics.com
2 fonts.gstatic.com www.elfcosmetics.com
1 p.cquotient.com cdn.cquotient.com
1 analytics-static.ugc.bazaarvoice.com display.ugc.bazaarvoice.com
1 addstrap-ui.addshoppers.com d3rr3d0n31t48m.cloudfront.net
1 smile-ui-panel-lite-cdn.smile.io cdn.sweettooth.io
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 cdn.cquotient.com www.elfcosmetics.com
1 nyt2.dc-storm.com www.elfcosmetics.com
1 ct1.ra.linksynergy.com www.elfcosmetics.com
1 consent.jrs5.com www.elfcosmetics.com
1 consent.mediaforge.com www.elfcosmetics.com
1 consent.nxtck.com www.elfcosmetics.com
1 consent.linksynergy.com www.elfcosmetics.com
1 cdn.shopify.com www.elfcosmetics.com
1 ct.pinterest.com www.elfcosmetics.com
1 stats.g.doubleclick.net www.elfcosmetics.com
1 intljs.rmtag.com www.elfcosmetics.com
1 s.pinimg.com www.elfcosmetics.com
1 www.googleadservices.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 apps.nexus.bazaarvoice.com display.ugc.bazaarvoice.com
1 static.curations.bazaarvoice.com display.ugc.bazaarvoice.com
1 www.googletagmanager.com www.elfcosmetics.com
1 fonts.googleapis.com www.elfcosmetics.com
1 maxcdn.bootstrapcdn.com www.elfcosmetics.com
1 click.e.elfcosmetics.com 1 redirects
76 41
Subject Issuer Validity Valid
*.elfcosmetics.com
COMODO RSA Organization Validation Secure Server CA		 2018-02-10 -
2021-02-06		 3 years crt.sh
*.doubleclick.net
Google Internet Authority G3		 2018-05-23 -
2018-08-15		 3 months crt.sh
*.hotjar.com
Let's Encrypt Authority X3		 2018-05-24 -
2018-08-22		 3 months crt.sh
*.smile.io
COMODO RSA Domain Validation Secure Server CA		 2017-05-10 -
2020-05-09		 3 years crt.sh

This page contains 5 frames:

Primary Page: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Frame ID: 452F6A66AC2EC85AD76BD4F19465A3BE
Requests: 74 HTTP requests in this frame

Frame: https://6038784.fls.doubleclick.net/activityi;dc_pre=CLXSgvO9ztsCFRA-4AodH9UGow;src=6038784;type=remark00;cat=sitew0;ord=7025669182055;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)
Frame ID: 8EF158AFA2436BDEA4AEE96AA54C8583
Requests: 1 HTTP requests in this frame

Frame: https://6038784.fls.doubleclick.net/activityi;dc_pre=CNCUg_O9ztsCFZpA4Aod4AcOmg;src=6038784;type=globa0;cat=elfus0;ord=9746760252567;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)
Frame ID: A5FE5935265092E86B56EBD21135B848
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/rcj-99d43ead6bdf30da8ed5ffcb4f17100c.html
Frame ID: EACE10CAB163E1D46225A7D72BA0135B
Requests: 1 HTTP requests in this frame

Frame: https://smile-ui-panel-lite-cdn.smile.io/nudge/signup?channel_id=&storefront_panel_cache_key=0.115017655742861528818772412&storefront_panel_id=8390
Frame ID: AEB95676C4FE651F64931AE301F12E1E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://click.e.elfcosmetics.com/?qs=fdf388de2107c5495b1c67070497098893a4a3c2749107c29d83dcd897b976a873cb1d1b... HTTP 302
    https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_cam... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

76
Requests

26 %
HTTPS

0 %
IPv6

30
Domains

41
Subdomains

37
IPs

3
Countries

1202 kB
Transfer

4590 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.e.elfcosmetics.com/?qs=fdf388de2107c5495b1c67070497098893a4a3c2749107c29d83dcd897b976a873cb1d1b5ec0c0405ebd73482e6b726f0a72c2aa995de0fa HTTP 302
    https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D) Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://shop.pe/widget/widget_async.js HTTP 301
  • https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Request Chain 22
  • https://6038784.fls.doubleclick.net/activityi;src=6038784;type=remark00;cat=sitew0;ord=7025669182055;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D) HTTP 302
  • https://6038784.fls.doubleclick.net/activityi;dc_pre=CLXSgvO9ztsCFRA-4AodH9UGow;src=6038784;type=remark00;cat=sitew0;ord=7025669182055;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)
Request Chain 23
  • https://6038784.fls.doubleclick.net/activityi;src=6038784;type=globa0;cat=elfus0;ord=9746760252567;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D) HTTP 302
  • https://6038784.fls.doubleclick.net/activityi;dc_pre=CNCUg_O9ztsCFZpA4Aod4AcOmg;src=6038784;type=globa0;cat=elfus0;ord=9746760252567;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)
Request Chain 28
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=728485645&t=pageview&cu=USD&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)&ul=en-us&de=UTF-8&dt=Makeup%20Sales%2C%20Promos%20%26%20Coupons%20%7C%20e.l.f.%20Cosmetics-%20Cruelty%20Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAL~&jid=1007488728&gjid=1008501607&cid=437033110.1528818815&tid=UA-432816-1&_gid=1907868308.1528818815&_r=1&gtm=G64T7MZLHP&cd1=HYBRID-HEADER%3A%20hybrid-header&cd5=&il1pi1id=300061&il1pi1nm=Flawless%20Finish%20Foundation&il1pi1pr=6&il1pi1ca=Foundation%2FFace&il1pi1ps=1&z=313919249 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-432816-1&cid=437033110.1528818815&jid=1007488728&_gid=1907868308.1528818815&gjid=1008501607&_v=j68&z=313919249

76 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.elfcosmetics.com/promotion-details/
Redirect Chain
  • http://click.e.elfcosmetics.com/?qs=fdf388de2107c5495b1c67070497098893a4a3c2749107c29d83dcd897b976a873cb1d1b5ec0c0405ebd73482e6b726f0a72c2aa995de0fa
  • https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Pro...
94 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.78.185 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12b65e20973eb87e6b7717040ac948af3b535b509f88b9220519e898175900c

Request headers

:method
GET
:authority
www.elfcosmetics.com
:scheme
https
:path
/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
452F6A66AC2EC85AD76BD4F19465A3BE

Response headers

status
200
date
Tue, 12 Jun 2018 15:53:34 GMT
content-type
text/html;charset=UTF-8
content-length
24850
set-cookie
__cfduid=df3c836d8175a2ddc863b3b5241f484871528818813; expires=Wed, 12-Jun-19 15:53:33 GMT; path=/; domain=.elfcosmetics.com; HttpOnly dwac_602623f9ae20429ec82b786e33=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo%3D|dw-only|||USD|false|US%2FPacific|true; Path=/ cqcid=adxlYNLfnyZQCo8RBUoahlHbnC; Path=/ sid=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo; Path=/ dwpersonalization_1a00c2845eeb01c699351ea28e20fd92=6a0a8a6818a63f7a37b9b1310a20180629; Expires=Sun, 09-Dec-2018 15:53:34 GMT; Path=/ dwanonymous_1a00c2845eeb01c699351ea28e20fd92=adxlYNLfnyZQCo8RBUoahlHbnC; Version=1; Comment="Demandware anonymous cookie for site Sites-elf-us-Site"; Max-Age=15552000; Expires=Sun, 09-Dec-2018 15:53:34 GMT; Path=/ dwsecuretoken_1a00c2845eeb01c699351ea28e20fd92=6QFWDVpjQR4SV-e-Wh5QjRN6X2fpmMz_1Q==; Version=1; Comment="Demandware Secure Token for site Sites-elf-us-Site"; Path=/; Secure; HttpOnly __cq_dnt=0; Path=/ dw_dnt=0; Path=/ dwsid=baQfSAh0CMFGG0njIVmRR6tYfvPdGTRXLNWfeE8Sc0KhMC8vxWOymn6y-NFvz7zHDbp9Gp_HeJ-9NCsz8EeSjQ==; path=/; HttpOnly
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
Thu, 01 Dec 1994 16:00:00 GMT
x-dw-request-base-id
732Qrlsf5eC0AgAK
vary
Accept-Encoding
content-encoding
gzip
accept-ranges
bytes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
429d7db25807266c-FRA

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Date
Tue, 12 Jun 2018 15:53:33 GMT
X-Cnection
close
Content-Length
372
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
HTTP/1.1
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 12 Jun 2018 15:53:34 GMT
Content-Encoding
gzip
Last-Modified
Sat, 17 Feb 2018 21:46:17 GMT
Connection
Keep-Alive
ETag
"1518903977"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Hello-Human
Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges
bytes
Content-Length
5442
css
fonts.googleapis.com/ 		476 B
330 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Assistant:400,700
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
172.217.22.10 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f10.1e100.net
Software
ESF /
Resource Hash
7a4cb9b4c62a1deeb2a16b915c27b7a84bd2a8862d74f49cbb317440fc222654
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection
1; mode=block
expires
Tue, 12 Jun 2018 15:53:34 GMT
style.min.css
www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/css/ 		466 KB
107 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/css/style.min.css
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.78.185 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bd57332d2fb38cac4b8cbbd7b54c9441940b33e48a79aac29a114944a714597

Request headers

:path
/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/css/style.min.css
pragma
no-cache
cookie
__cfduid=df3c836d8175a2ddc863b3b5241f484871528818813; dwac_602623f9ae20429ec82b786e33=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo%3D|dw-only|||USD|false|US%2FPacific|true; cqcid=adxlYNLfnyZQCo8RBUoahlHbnC; sid=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo; dwpersonalization_1a00c2845eeb01c699351ea28e20fd92=6a0a8a6818a63f7a37b9b1310a20180629; dwanonymous_1a00c2845eeb01c699351ea28e20fd92=adxlYNLfnyZQCo8RBUoahlHbnC; dwsecuretoken_1a00c2845eeb01c699351ea28e20fd92=6QFWDVpjQR4SV-e-Wh5QjRN6X2fpmMz_1Q==; __cq_dnt=0; dw_dnt=0; dwsid=baQfSAh0CMFGG0njIVmRR6tYfvPdGTRXLNWfeE8Sc0KhMC8vxWOymn6y-NFvz7zHDbp9Gp_HeJ-9NCsz8EeSjQ==
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.elfcosmetics.com
referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
:scheme
https
:method
GET
Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 05 Jun 2018 19:56:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2591755
cf-ray
429d7db72bd0266c-FRA
x-dw-request-base-id
ZXWDFlsfbd-_AgAK
expires
Thu, 12 Jul 2018 15:49:29 GMT
global.css
www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1528786397446/css/ 		29 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1528786397446/css/global.css
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.78.185 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6a374e95521b6429a29cb86759cd4ae680b565d36fcdc308d91e78e86ad349b

Request headers

:path
/on/demandware.static/-/Library-Sites-elfSharedLibrary/en_US/v1528786397446/css/global.css
pragma
no-cache
cookie
__cfduid=df3c836d8175a2ddc863b3b5241f484871528818813; dwac_602623f9ae20429ec82b786e33=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo%3D|dw-only|||USD|false|US%2FPacific|true; cqcid=adxlYNLfnyZQCo8RBUoahlHbnC; sid=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo; dwpersonalization_1a00c2845eeb01c699351ea28e20fd92=6a0a8a6818a63f7a37b9b1310a20180629; dwanonymous_1a00c2845eeb01c699351ea28e20fd92=adxlYNLfnyZQCo8RBUoahlHbnC; dwsecuretoken_1a00c2845eeb01c699351ea28e20fd92=6QFWDVpjQR4SV-e-Wh5QjRN6X2fpmMz_1Q==; __cq_dnt=0; dw_dnt=0; dwsid=baQfSAh0CMFGG0njIVmRR6tYfvPdGTRXLNWfeE8Sc0KhMC8vxWOymn6y-NFvz7zHDbp9Gp_HeJ-9NCsz8EeSjQ==
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.elfcosmetics.com
referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
:scheme
https
:method
GET
Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 May 2018 18:16:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2591755
accept-ranges
bytes
cf-ray
429d7db72bd1266c-FRA
x-dw-request-base-id
M36WaFsfbd-0AgAK
content-length
4033
expires
Thu, 12 Jul 2018 15:49:29 GMT
bvapi.js
display.ugc.bazaarvoice.com/static/elfcosmetics/main_site/en_US/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.ugc.bazaarvoice.com/static/elfcosmetics/main_site/en_US/bvapi.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
52.222.146.66 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-146-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1686aaad857d2138e389ed50a23a4d4db6f7f37a9e977ab9ce13529178977f5

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 06 Jun 2018 11:32:03 GMT
content-encoding
gzip
last-modified
Fri, 04 May 2018 16:30:43 GMT
server
AmazonS3
age
881
etag
"4b5dd9e503aef2f88792db0d75532725"
x-cache
Hit from cloudfront
x-amz-version-id
upSac88aMgI1qnq9HL4_mzwRXWelbRHe
status
200
cache-control
max-age=600, s-maxage=3600
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
content-length
10101
via
1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
x-amz-cf-id
WnSGIpqU1M7qtL__LPfS9MPUGLdmvncL6mJfxWHUABjVHF57xv2MLg==
gtm.js
www.googletagmanager.com/ 		127 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T7MZLHP
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
172.217.22.8 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f8.1e100.net
Software
Google Tag Manager (scaffolding) /
Resource Hash
89cb42f57e0eec1d3a7ad14a2fead92a455478fb7eaef9e430101ac094bc893f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
32841
x-xss-protection
1; mode=block
expires
Tue, 12 Jun 2018 15:53:34 GMT
back-to-top.svg
www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/images/svg-icons/ 		280 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/images/svg-icons/back-to-top.svg
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.78.185 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c74f254c6706f1b11f2d701bbc57dad1913884b1e64020bb1971368784840d2

Request headers

:path
/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/images/svg-icons/back-to-top.svg
pragma
no-cache
cookie
__cfduid=df3c836d8175a2ddc863b3b5241f484871528818813; dwac_602623f9ae20429ec82b786e33=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo%3D|dw-only|||USD|false|US%2FPacific|true; cqcid=adxlYNLfnyZQCo8RBUoahlHbnC; sid=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo; dwpersonalization_1a00c2845eeb01c699351ea28e20fd92=6a0a8a6818a63f7a37b9b1310a20180629; dwanonymous_1a00c2845eeb01c699351ea28e20fd92=adxlYNLfnyZQCo8RBUoahlHbnC; dwsecuretoken_1a00c2845eeb01c699351ea28e20fd92=6QFWDVpjQR4SV-e-Wh5QjRN6X2fpmMz_1Q==; __cq_dnt=0; dw_dnt=0; dwsid=baQfSAh0CMFGG0njIVmRR6tYfvPdGTRXLNWfeE8Sc0KhMC8vxWOymn6y-NFvz7zHDbp9Gp_HeJ-9NCsz8EeSjQ==; BVImplmain_site=13573
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.elfcosmetics.com
referer
https://www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/css/style.min.css
:scheme
https
:method
GET
Referer
https://www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/css/style.min.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 05 Jun 2018 19:56:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=2591746
accept-ranges
bytes
cf-ray
429d7db79c03266c-FRA
x-dw-request-base-id
mHwnalsfbeG0AgAK
content-length
208
expires
Thu, 12 Jul 2018 15:49:20 GMT
feedback.svg
www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/images/svg-icons/ 		281 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/images/svg-icons/feedback.svg
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.78.185 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6176ab5474618b01560e91abd7c354b6116cf9de79963c6c9860e89a2459f7cf

Request headers

:path
/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/images/svg-icons/feedback.svg
pragma
no-cache
cookie
__cfduid=df3c836d8175a2ddc863b3b5241f484871528818813; dwac_602623f9ae20429ec82b786e33=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo%3D|dw-only|||USD|false|US%2FPacific|true; cqcid=adxlYNLfnyZQCo8RBUoahlHbnC; sid=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo; dwpersonalization_1a00c2845eeb01c699351ea28e20fd92=6a0a8a6818a63f7a37b9b1310a20180629; dwanonymous_1a00c2845eeb01c699351ea28e20fd92=adxlYNLfnyZQCo8RBUoahlHbnC; dwsecuretoken_1a00c2845eeb01c699351ea28e20fd92=6QFWDVpjQR4SV-e-Wh5QjRN6X2fpmMz_1Q==; __cq_dnt=0; dw_dnt=0; dwsid=baQfSAh0CMFGG0njIVmRR6tYfvPdGTRXLNWfeE8Sc0KhMC8vxWOymn6y-NFvz7zHDbp9Gp_HeJ-9NCsz8EeSjQ==; BVImplmain_site=13573
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.elfcosmetics.com
referer
https://www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/css/style.min.css
:scheme
https
:method
GET
Referer
https://www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/css/style.min.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 05 Jun 2018 19:56:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=2591726
accept-ranges
bytes
cf-ray
429d7db79c04266c-FRA
x-dw-request-base-id
cX6xaFsfbeG0AgAK
content-length
213
expires
Thu, 12 Jul 2018 15:49:00 GMT
2sDcZGJYnIjSi6H75xkzaGW8.ttf
fonts.gstatic.com/s/assistant/v2/ 		35 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/assistant/v2/2sDcZGJYnIjSi6H75xkzaGW8.ttf
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
172.217.23.163 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f163.1e100.net
Software
sffe /
Resource Hash
9b571805016f69d33b8234c8001c53a85299441c151da22df39221c982e4923e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Assistant:400,700
Origin
https://www.elfcosmetics.com

Response headers

date
Thu, 24 May 2018 14:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1648269
status
200
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
20577
x-xss-protection
1; mode=block
last-modified
Tue, 10 Oct 2017 21:49:29 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 May 2019 14:02:25 GMT
jquery-bv%401.11.1%2Blodash-bv%401.2.0.js
display.ugc.bazaarvoice.com/common/static-assets/2.0.0/ 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.ugc.bazaarvoice.com/common/static-assets/2.0.0/jquery-bv%401.11.1%2Blodash-bv%401.2.0.js
Requested by
Host: display.ugc.bazaarvoice.com
URL: https://display.ugc.bazaarvoice.com/static/elfcosmetics/main_site/en_US/bvapi.js
Protocol
SPDY
Server
52.222.146.66 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-146-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a465e31271b5a889f4bfd0b6ce67a9412d6df00e7d6e93b282015d6b40793307

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 30 Mar 2017 02:34:09 GMT
content-encoding
gzip
last-modified
Thu, 05 Jan 2017 15:48:59 GMT
server
AmazonS3
age
2537500
etag
"03f39d77b41d8c672df8a5ec4cfa0dc2"
x-cache
Hit from cloudfront
x-amz-version-id
myIxp35Cc6SweAqZ9YfvabEkWV5L8FMD
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-type
application/javascript
content-length
39356
via
1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
x-amz-cf-id
oaYsAu9D4pDzYj4T4IxRZzSPoZsIQW4me5-YQMdxtyZWea9thhTR4A==
bv-primary.js
display.ugc.bazaarvoice.com/static/elfcosmetics/main_site/218/13573/en_US/scripts/ 		1001 KB
220 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.ugc.bazaarvoice.com/static/elfcosmetics/main_site/218/13573/en_US/scripts/bv-primary.js
Requested by
Host: display.ugc.bazaarvoice.com
URL: https://display.ugc.bazaarvoice.com/static/elfcosmetics/main_site/en_US/bvapi.js
Protocol
SPDY
Server
52.222.146.66 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-146-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f536b131cb5aeb3016c504c1c32627574791ab0bf1b8ac4f0939e620f60c2d5a

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 08 May 2018 22:53:45 GMT
content-encoding
gzip
last-modified
Fri, 04 May 2018 16:30:39 GMT
server
AmazonS3
age
2998790
etag
"167e6489dd0297e7f3932c348a00efb8"
x-cache
Hit from cloudfront
x-amz-version-id
LwKg6aARM_dDffjl9Keia0WZogUDZioE
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
content-length
224328
via
1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
x-amz-cf-id
QukywOPVjX2DRPieOPOVIPRL9EvnBckev4VnjG-sDGyfaLLp_JJGsQ==
screen.css
display.ugc.bazaarvoice.com/static/elfcosmetics/main_site/218/13573/en_US/stylesheets/ 		489 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://display.ugc.bazaarvoice.com/static/elfcosmetics/main_site/218/13573/en_US/stylesheets/screen.css
Requested by
Host: display.ugc.bazaarvoice.com
URL: https://display.ugc.bazaarvoice.com/static/elfcosmetics/main_site/en_US/bvapi.js
Protocol
SPDY
Server
52.222.146.66 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-146-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0dbe19ba33a3564db173e87606d19648a63de9052d8a2debb6581e77d3478a9a

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 08 May 2018 22:53:45 GMT
content-encoding
gzip
last-modified
Fri, 04 May 2018 16:30:39 GMT
server
AmazonS3
age
2998790
etag
"cdcc50231563e8e8d7d945cd71c5f2d6"
x-cache
Hit from cloudfront
x-amz-version-id
zeoaT0B1y1JEuj8zMXqWHCY431aZioZi
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
text/css; charset=UTF-8
content-length
48046
via
1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
x-amz-cf-id
nI_3t3TnDa4o6BMCTkpzYtaG_NP2THKql6LvaqNU4fv78Qr7AaSXFA==
loader.js
static.curations.bazaarvoice.com/gallery/elfcosmetics/prod/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.curations.bazaarvoice.com/gallery/elfcosmetics/prod/loader.js
Requested by
Host: display.ugc.bazaarvoice.com
URL: https://display.ugc.bazaarvoice.com/static/elfcosmetics/main_site/en_US/bvapi.js
Protocol
HTTP/1.1
Server
151.101.112.70 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f0534d46314293f8dacf83ad9d7b1e0f33f209a6331ce94d9d3ff1321470d8e

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 12 Jun 2018 15:53:34 GMT
Content-Encoding
gzip
Age
3481
Via
1.1 varnish
X-Cache
HIT
Connection
keep-alive
Content-Length
3326
x-amz-id-2
NvnlRSyxpdcfNSrepGBAUzw7tH+HJj5wG27bKE/eMou5KzY33tlvnkGRYZnAdz0N9HqrVlVWPNY=
X-Served-By
cache-hhn1545-HHN
Last-Modified
Wed, 04 Apr 2018 16:18:03 GMT
Server
AmazonS3
X-Timer
S1528818815.712404,VS0,VE0
ETag
"19cf712ccb5282e70ff0a639c64daa29"
x-amz-request-id
A12511DB1D662FF4
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
3
bv.js
apps.nexus.bazaarvoice.com/firebird/cookie-match/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.nexus.bazaarvoice.com/firebird/cookie-match/bv.js
Requested by
Host: display.ugc.bazaarvoice.com
URL: https://display.ugc.bazaarvoice.com/static/elfcosmetics/main_site/en_US/bvapi.js
Protocol
HTTP/1.1
Server
151.101.112.230 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90f1605834b4e21cb6da66dd68207b5cb533b1eaa882625c9b18fedb878ea3bc

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 12 Jun 2018 15:53:34 GMT
Via
1.1 2db316290386960b489a2a16c0a63643.cloudfront.net (CloudFront), 1.1 varnish
Age
85861
X-Cache
Miss from cloudfront, HIT
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3814
X-Served-By
cache-hhn1533-HHN
Last-Modified
Thu, 22 Mar 2018 19:32:56 GMT
Server
AmazonS3
X-Timer
S1528818815.698622,VS0,VE0
ETag
"a798ffd89d8b457cd505c8108c70bca3"
Content-Type
application/x-javascript
Cache-Control
public, max-age=86400
Accept-Ranges
bytes
X-Amz-Cf-Id
1S-HONTlAeyU3KpU4b3f1OfI5WEYJM5yoQcsCGZcWOSMwI6z1x-RNA==
X-Cache-Hits
1643
bat.js
bat.bing.com/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7MZLHP
Protocol
SPDY
Server
13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b16aa4872ac68c1c93b346d265c99d6a83aacac1ba43f1e8f180573a3408787c

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:33 GMT
content-encoding
gzip
last-modified
Thu, 17 May 2018 20:25:04 GMT
x-msedge-ref
Ref A: 75AC261AD2AC49E5870BFB049D2EDE40 Ref B: FRAEDGE0508 Ref C: 2018-06-12T15:53:34Z
status
200
etag
"0d071231deed31:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
6586
analytics.js
www.google-analytics.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7MZLHP
Protocol
SPDY
Server
172.217.23.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f174.1e100.net
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
3447
date
Tue, 12 Jun 2018 14:56:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
14386
expires
Tue, 12 Jun 2018 16:56:07 GMT
hotjar-706225.js
static.hotjar.com/c/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-706225.js?sv=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7MZLHP
Protocol
HTTP/1.1
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
68921eae23390ab3a8fe67b22624ccd326f0f5e8fcd513d4d611fd06043edbf3

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 12 Jun 2018 15:53:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jun 2018 15:53:34 GMT
ETag
"1528818814"
X-HW
1528818814.dop006.fr8.shc,1528818814.dop006.fr8.t,1528818814.cds013.fr8.e
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1572
conversion_async.js
www.googleadservices.com/pagead/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7MZLHP
Protocol
SPDY
Server
172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
6022920f59ece50d92a524f38ab8b3a905f58227dc0792e038a0f604a3dfe278
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
5993
x-xss-protection
1; mode=block
server
cafe
etag
15988153312993049662
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 12 Jun 2018 15:53:34 GMT
widget_async.js
d3rr3d0n31t48m.cloudfront.net/widget/
Redirect Chain
  • https://shop.pe/widget/widget_async.js
  • https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
HTTP/1.1
Server
52.222.149.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-241.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78b0b9b830148e91f954dc735dd5042dab706b3e84662a338d095dd653083d48

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Thu, 07 Jun 2018 09:51:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 May 2018 13:50:07 GMT
Server
AmazonS3
Age
106
ETag
"5526dc2d85f542746bf47f83b8234128"
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=utf-8
Via
1.1 b2eb119180a1f499dade55aa4e26c619.cloudfront.net (CloudFront)
Cache-Control
max-age=3600, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
887
X-Amz-Cf-Id
2nmMc7cYvZulP9y69nwWiBxHMut-fZ_FMji6OYhjkykPDEeraXAg5Q==
x-amz-meta-mtime
1527601805.02

Redirect headers

Location
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Date
Tue, 12 Jun 2018 15:53:35 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
fbevents.js
connect.facebook.net/en_US/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
aec5e755565ea3ba556c696a0e2277cb01093ad4ca3ddb1e16e0d1c158337a24
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
public
x-fb-debug
gxbPI2VFwvzdSReRFH6QWIkkDa6XO5ozdfe6Ks1AAbaZY746oVPtTua8wUxhr+y7onULSHj79ivoRwLn5IhCyA==
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Jun 2018 15:53:34 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
13045
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
core.js
s.pinimg.com/ct/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
HTTP/1.1
Server
151.101.12.84 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
145bd665e4e4ce3e3bad95b097c7d876b92a4129a551b6753f1b36dd147fd058

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Content-Encoding
gzip
X-CDN
fastly
ETag
"73fa7d1211ea0dd72369b4fb3eb504e1"
Vary
Accept-Encoding, Origin
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN
Cache-Control
max-age=526949
Connection
keep-alive
Content-Length
15599
110221.ct.js
intljs.rmtag.com/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intljs.rmtag.com/110221.ct.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
52.222.146.37 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-146-37.fra53.r.cloudfront.net
Software
Microsoft-IIS/8.5 /
Resource Hash
d68d071bb7d9054efde2a0e0e630660b86a4234ffe64b1077d8824ded8d0d76f

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 11 Jun 2018 22:34:22 GMT
content-encoding
gzip
last-modified
Sun, 10 Jun 2018 13:13:53 GMT
server
Microsoft-IIS/8.5
age
62354
sn
ovfews0
vary
Accept-Encoding
x-cache
Hit from cloudfront
p3p
CP="NOI BUS NID DSP COR"
status
200
cache-control
max-age=86400
content-type
application/javascript
x-amz-cf-id
GG25X1Y5gxYuD3uXbLSTFmaFQOJzD2Y4HkiFGv_enBKzGjc85-lgtQ==
via
1.1 b74a7a3f7ddfd685212e870d027c332d.cloudfront.net (CloudFront)
activityi;dc_pre=CLXSgvO9ztsCFRA-4AodH9UGow;src=6038784;type=remark00;cat=sitew0;ord=7025669182055;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_sour...
6038784.fls.doubleclick.net/ Frame 8EF1
Redirect Chain
  • https://6038784.fls.doubleclick.net/activityi;src=6038784;type=remark00;cat=sitew0;ord=7025669182055;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_so...
  • https://6038784.fls.doubleclick.net/activityi;dc_pre=CLXSgvO9ztsCFRA-4AodH9UGow;src=6038784;type=remark00;cat=sitew0;ord=7025669182055;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromoti...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://6038784.fls.doubleclick.net/activityi;dc_pre=CLXSgvO9ztsCFRA-4AodH9UGow;src=6038784;type=remark00;cat=sitew0;ord=7025669182055;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7MZLHP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.21.230 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
6038784.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CLXSgvO9ztsCFRA-4AodH9UGow;src=6038784;type=remark00;cat=sitew0;ord=7025669182055;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
accept-encoding
gzip, deflate
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
452F6A66AC2EC85AD76BD4F19465A3BE
Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 12 Jun 2018 15:53:34 GMT
expires
Tue, 12 Jun 2018 15:53:34 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
1; mode=block
set-cookie
IDE=AHWqTUmAqLUEZzjcbgiEZt-7oZsKhORXLJma8TCf6OfEePYsdg3zGqc4NEKCUMo_; expires=Sun, 07-Jul-2019 15:53:34 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 12 Jun 2018 15:53:34 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://6038784.fls.doubleclick.net/activityi;dc_pre=CLXSgvO9ztsCFRA-4AodH9UGow;src=6038784;type=remark00;cat=sitew0;ord=7025669182055;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Tue, 12-Jun-2018 16:08:34 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
activityi;dc_pre=CNCUg_O9ztsCFZpA4Aod4AcOmg;src=6038784;type=globa0;cat=elfus0;ord=9746760252567;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source...
6038784.fls.doubleclick.net/ Frame A5FE
Redirect Chain
  • https://6038784.fls.doubleclick.net/activityi;src=6038784;type=globa0;cat=elfus0;ord=9746760252567;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_sour...
  • https://6038784.fls.doubleclick.net/activityi;dc_pre=CNCUg_O9ztsCFZpA4Aod4AcOmg;src=6038784;type=globa0;cat=elfus0;ord=9746760252567;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://6038784.fls.doubleclick.net/activityi;dc_pre=CNCUg_O9ztsCFZpA4Aod4AcOmg;src=6038784;type=globa0;cat=elfus0;ord=9746760252567;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7MZLHP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.21.230 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
6038784.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CNCUg_O9ztsCFZpA4Aod4AcOmg;src=6038784;type=globa0;cat=elfus0;ord=9746760252567;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
accept-encoding
gzip, deflate
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
452F6A66AC2EC85AD76BD4F19465A3BE
Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 12 Jun 2018 15:53:34 GMT
expires
Tue, 12 Jun 2018 15:53:34 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
1; mode=block
set-cookie
IDE=AHWqTUnsLUexkt3wG2_9EYvhXp7Ky2HQBkOKgyjOEWVSTROzw7g71J8fdcv9NWvw; expires=Sun, 07-Jul-2019 15:53:34 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 12 Jun 2018 15:53:34 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://6038784.fls.doubleclick.net/activityi;dc_pre=CNCUg_O9ztsCFZpA4Aod4AcOmg;src=6038784;type=globa0;cat=elfus0;ord=9746760252567;gtm=G64;u6=;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Tue, 12-Jun-2018 16:08:34 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Server
172.217.23.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f174.1e100.net
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
2993
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
1296
x-xss-protection
1; mode=block
expires
Tue, 12 Jun 2018 16:03:41 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1065719768/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1065719768/?random=1528818814763&cv=9&fst=1528818814763&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=ecomm_prodid%3D%22%22%3Becomm_totalvalue%3D%22%22&gtm=G64&sendb=1&frm=0&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)&tiba=Makeup%20Sales%2C%20Promos%20%26%20Coupons%20%7C%20e.l.f.%20Cosmetics-%20Cruelty%20Free&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
SPDY
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e6bbd9fdaf9c57dfa17c6668da9c0a62121e9ac57c5c3890b6145714de470fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jun 2018 15:53:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
1107
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/865242110/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/865242110/?random=1528818814769&cv=9&fst=1528818814769&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=ecomm_prodid%3D%22%22%3Becomm_totalvalue%3D%22%22&gtm=G64&sendb=1&frm=0&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)&tiba=Makeup%20Sales%2C%20Promos%20%26%20Coupons%20%7C%20e.l.f.%20Cosmetics-%20Cruelty%20Free&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
SPDY
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
38d8060828964248c2d14a360e3f85bd76b230b4ec1138574d4785f12f786115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jun 2018 15:53:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
1106
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
1638306756445368
connect.facebook.net/signals/config/ 		56 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1638306756445368?v=2.8.16&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
800cfba5a76e244d76ed8e69c7039cc51b5685a5179f59d8e00b9147836abbdb
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
13490
x-xss-protection
0
pragma
public
x-fb-debug
r7jts08nwjdAyRFTLjov17Zg8aT8sxnpDH2vkP1f7Cz02u+EdgvRIHfq7eFfe1cT1UAXSph/kQ2AkLR10Q6N4A==
x-frame-options
DENY
date
Tue, 12 Jun 2018 15:53:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=728485645&t=pageview&cu=USD&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-432816-1&cid=437033110.1528818815&jid=1007488728&_gid=1907868308.1528818815&gjid=1008501607&_v=j68&z=313919249
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-432816-1&cid=437033110.1528818815&jid=1007488728&_gid=1907868308.1528818815&gjid=1008501607&_v=j68&z=313919249
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
173.194.76.156 Portage, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ws-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 12 Jun 2018 15:53:34 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Jun 2018 15:53:34 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-432816-1&cid=437033110.1528818815&jid=1007488728&_gid=1907868308.1528818815&gjid=1008501607&_v=j68&z=313919249
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2615235625530&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%7D&cb=1528818814785
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
HTTP/1.1
Server
151.101.112.84 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Jun 2018 15:53:34 GMT
Age
0
Content-Type
image/gif
Access-Control-Allow-Origin
*
Pinterest-Generated-By
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
X-Pinterest-RID
909090055523
Expires
Sat, 01 Jan 2000 00:00:00 GMT
0
bat.bing.com/action/ 		0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5013978&Ver=2&mid=9d5cbfe7-b2a9-ca09-c8ec-54d042df8f29&evt=pageLoad&sid=4720a09f-1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Makeup%20Sales,%20Promos%20%26%20Coupons%20%7C%20e.l.f.%20Cosmetics-%20Cruelty%20Free&kw=%20&p=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)&r=&msclkid=N&rn=152578
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Tue, 12 Jun 2018 15:53:33 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 8109750EE0B0468284459A46319A9A40 Ref B: FRAEDGE0508 Ref C: 2018-06-12T15:53:34Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
popup-flag-icon.png
cdn.shopify.com/s/files/1/2080/4307/t/10/assets/ 		967 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/2080/4307/t/10/assets/popup-flag-icon.png
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
2.18.232.70 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-70.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
38700250a23e1a3e8bf7f48a8e00e9d59e2d4480a0417eda8d1ff286599b4859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
x-content-type-options
nosniff
x-image
proxied_with_processing
p3p
CP="NOI DSP COR NID ADMa OPTa OUR NOR"
status
200
content-length
967
x-xss-protection
1; mode=block
x-request-id
9df3a3ad77df13f270dbb15dbb7162e0
surrogate-key
shop-20804307
last-modified
Tue, 07 Nov 2017 16:28:37 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
link
<https://cdn.shopify.com/s/files/1/2080/4307/t/10/assets/popup-flag-icon.png>; rel="canonical"
FS25-US.jpg
www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw15acd7a3/homepage/2018/apr/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw15acd7a3/homepage/2018/apr/FS25-US.jpg
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.78.185 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
43121d490f7287220a8ce16f9a00d09078c1658169c88b59068030983d0cdeb6

Request headers

:path
/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw15acd7a3/homepage/2018/apr/FS25-US.jpg
pragma
no-cache
cookie
__cfduid=df3c836d8175a2ddc863b3b5241f484871528818813; dwac_602623f9ae20429ec82b786e33=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo%3D|dw-only|||USD|false|US%2FPacific|true; cqcid=adxlYNLfnyZQCo8RBUoahlHbnC; sid=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo; dwpersonalization_1a00c2845eeb01c699351ea28e20fd92=6a0a8a6818a63f7a37b9b1310a20180629; dwanonymous_1a00c2845eeb01c699351ea28e20fd92=adxlYNLfnyZQCo8RBUoahlHbnC; dwsecuretoken_1a00c2845eeb01c699351ea28e20fd92=6QFWDVpjQR4SV-e-Wh5QjRN6X2fpmMz_1Q==; __cq_dnt=0; dw_dnt=0; dwsid=baQfSAh0CMFGG0njIVmRR6tYfvPdGTRXLNWfeE8Sc0KhMC8vxWOymn6y-NFvz7zHDbp9Gp_HeJ-9NCsz8EeSjQ==; BVImplmain_site=13573; _ga=GA1.2.437033110.1528818815; _gid=GA1.2.1907868308.1528818815; _gat_UA-432816-1=1; _uetsid=_uet4720a09f; rmStore=amid:39724
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.elfcosmetics.com
referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
:scheme
https
:method
GET
Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
cf-cache-status
HIT
last-modified
Tue, 03 Apr 2018 22:01:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=2564619
x-dw-thumbnail-status
NO_THUMBNAIL
accept-ranges
bytes
cf-ray
429d7db89d40266c-FRA
x-dw-request-base-id
TS5lBlr_Msi0AgAK
content-length
19437
expires
Thu, 12 Jul 2018 08:17:13 GMT
2018june-wk1-gwp-US.jpg
www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw3da45a04/homepage/2018/june/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw3da45a04/homepage/2018/june/2018june-wk1-gwp-US.jpg
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.78.185 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
87efeec2afdca1fe926ee418a60ec3552f8b0a76b18e18b45b5a076cf5cd66bd

Request headers

:path
/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw3da45a04/homepage/2018/june/2018june-wk1-gwp-US.jpg
pragma
no-cache
cookie
__cfduid=df3c836d8175a2ddc863b3b5241f484871528818813; dwac_602623f9ae20429ec82b786e33=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo%3D|dw-only|||USD|false|US%2FPacific|true; cqcid=adxlYNLfnyZQCo8RBUoahlHbnC; sid=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo; dwpersonalization_1a00c2845eeb01c699351ea28e20fd92=6a0a8a6818a63f7a37b9b1310a20180629; dwanonymous_1a00c2845eeb01c699351ea28e20fd92=adxlYNLfnyZQCo8RBUoahlHbnC; dwsecuretoken_1a00c2845eeb01c699351ea28e20fd92=6QFWDVpjQR4SV-e-Wh5QjRN6X2fpmMz_1Q==; __cq_dnt=0; dw_dnt=0; dwsid=baQfSAh0CMFGG0njIVmRR6tYfvPdGTRXLNWfeE8Sc0KhMC8vxWOymn6y-NFvz7zHDbp9Gp_HeJ-9NCsz8EeSjQ==; BVImplmain_site=13573; _ga=GA1.2.437033110.1528818815; _gid=GA1.2.1907868308.1528818815; _gat_UA-432816-1=1; _uetsid=_uet4720a09f; rmStore=amid:39724
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.elfcosmetics.com
referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
:scheme
https
:method
GET
Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
cf-cache-status
HIT
last-modified
Tue, 29 May 2018 23:10:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=2578808
accept-ranges
bytes
cf-ray
429d7db89d42266c-FRA
x-dw-request-base-id
eHwePlsOW4W0AgAK
content-length
106392
expires
Thu, 12 Jul 2018 12:13:42 GMT
DedicatedPromoPage_beautysquad_offer_desktop.jpg
www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw267bfc32/homepage/2018/feb/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw267bfc32/homepage/2018/feb/DedicatedPromoPage_beautysquad_offer_desktop.jpg
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.78.185 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc79da2a8261a6546b2bad51a04cb45773eef304aa662df06b7006d8c5f53370

Request headers

:path
/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw267bfc32/homepage/2018/feb/DedicatedPromoPage_beautysquad_offer_desktop.jpg
pragma
no-cache
cookie
__cfduid=df3c836d8175a2ddc863b3b5241f484871528818813; dwac_602623f9ae20429ec82b786e33=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo%3D|dw-only|||USD|false|US%2FPacific|true; cqcid=adxlYNLfnyZQCo8RBUoahlHbnC; sid=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo; dwpersonalization_1a00c2845eeb01c699351ea28e20fd92=6a0a8a6818a63f7a37b9b1310a20180629; dwanonymous_1a00c2845eeb01c699351ea28e20fd92=adxlYNLfnyZQCo8RBUoahlHbnC; dwsecuretoken_1a00c2845eeb01c699351ea28e20fd92=6QFWDVpjQR4SV-e-Wh5QjRN6X2fpmMz_1Q==; __cq_dnt=0; dw_dnt=0; dwsid=baQfSAh0CMFGG0njIVmRR6tYfvPdGTRXLNWfeE8Sc0KhMC8vxWOymn6y-NFvz7zHDbp9Gp_HeJ-9NCsz8EeSjQ==; BVImplmain_site=13573; _ga=GA1.2.437033110.1528818815; _gid=GA1.2.1907868308.1528818815; _gat_UA-432816-1=1; _uetsid=_uet4720a09f; rmStore=amid:39724
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.elfcosmetics.com
referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
:scheme
https
:method
GET
Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
cf-cache-status
HIT
last-modified
Tue, 23 Jan 2018 22:18:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=2587971
x-dw-thumbnail-status
NO_THUMBNAIL
accept-ranges
bytes
cf-ray
429d7db89d43266c-FRA
x-dw-request-base-id
7QOsDVqEpnC0AgAK
content-length
18500
expires
Thu, 12 Jul 2018 14:46:25 GMT
country-flag-us.png
www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw18ded0c3/country-flags/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw18ded0c3/country-flags/country-flag-us.png
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.78.185 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bfcd2af07d65708af675f0e242f77980f7109e565faf1fb437a5807ed76b8da

Request headers

:path
/on/demandware.static/-/Library-Sites-elfSharedLibrary/default/dw18ded0c3/country-flags/country-flag-us.png
pragma
no-cache
cookie
__cfduid=df3c836d8175a2ddc863b3b5241f484871528818813; dwac_602623f9ae20429ec82b786e33=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo%3D|dw-only|||USD|false|US%2FPacific|true; cqcid=adxlYNLfnyZQCo8RBUoahlHbnC; sid=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo; dwpersonalization_1a00c2845eeb01c699351ea28e20fd92=6a0a8a6818a63f7a37b9b1310a20180629; dwanonymous_1a00c2845eeb01c699351ea28e20fd92=adxlYNLfnyZQCo8RBUoahlHbnC; dwsecuretoken_1a00c2845eeb01c699351ea28e20fd92=6QFWDVpjQR4SV-e-Wh5QjRN6X2fpmMz_1Q==; __cq_dnt=0; dw_dnt=0; dwsid=baQfSAh0CMFGG0njIVmRR6tYfvPdGTRXLNWfeE8Sc0KhMC8vxWOymn6y-NFvz7zHDbp9Gp_HeJ-9NCsz8EeSjQ==; BVImplmain_site=13573; _ga=GA1.2.437033110.1528818815; _gid=GA1.2.1907868308.1528818815; _gat_UA-432816-1=1; _uetsid=_uet4720a09f; rmStore=amid:39724
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.elfcosmetics.com
referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
:scheme
https
:method
GET
Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Feb 2018 18:47:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2591999
x-dw-thumbnail-status
NO_THUMBNAIL
accept-ranges
bytes
cf-ray
429d7db89d44266c-FRA
x-dw-request-base-id
9AOdBVqHOmK0AgAK
content-length
4209
expires
Thu, 12 Jul 2018 15:53:33 GMT
storefront.js
cdn.sweettooth.io/assets/ 		127 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sweettooth.io/assets/storefront.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
52.222.146.103 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-146-103.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
a9bb6266973d3e4dfd4716b8d883bc2c4485e9b792454bf67f03940804cb5ef8

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Sun, 10 Jun 2018 08:15:43 GMT
content-encoding
gzip
last-modified
Tue, 05 Jun 2018 20:32:16 GMT
server
nginx
age
87
etag
W/"5b16f350-1fbb3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
public, max-age=300
x-amz-cf-id
lLJnM8x8QFPTuiX1zZ_rlevH2_saR1kvwbiMoCeoJtP7pVoEZLSptA==
via
1.1 vegur, 1.1 f66721f299cdd94cb1cfea4adb30fe56.cloudfront.net (CloudFront)
plugins.min.js
www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/js/ 		385 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/js/plugins.min.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.78.185 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d66ce35d0332e55b06c2d24ef04a181ff8d6a01da2687ce1b0aac27757d9f624

Request headers

:path
/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/js/plugins.min.js
pragma
no-cache
cookie
__cfduid=df3c836d8175a2ddc863b3b5241f484871528818813; dwac_602623f9ae20429ec82b786e33=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo%3D|dw-only|||USD|false|US%2FPacific|true; cqcid=adxlYNLfnyZQCo8RBUoahlHbnC; sid=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo; dwpersonalization_1a00c2845eeb01c699351ea28e20fd92=6a0a8a6818a63f7a37b9b1310a20180629; dwanonymous_1a00c2845eeb01c699351ea28e20fd92=adxlYNLfnyZQCo8RBUoahlHbnC; dwsecuretoken_1a00c2845eeb01c699351ea28e20fd92=6QFWDVpjQR4SV-e-Wh5QjRN6X2fpmMz_1Q==; __cq_dnt=0; dw_dnt=0; dwsid=baQfSAh0CMFGG0njIVmRR6tYfvPdGTRXLNWfeE8Sc0KhMC8vxWOymn6y-NFvz7zHDbp9Gp_HeJ-9NCsz8EeSjQ==; BVImplmain_site=13573; _ga=GA1.2.437033110.1528818815; _gid=GA1.2.1907868308.1528818815; _gat_UA-432816-1=1; _uetsid=_uet4720a09f; rmStore=amid:39724
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.elfcosmetics.com
referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
:scheme
https
:method
GET
Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 05 Jun 2018 19:56:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2591755
cf-ray
429d7db89d45266c-FRA
x-dw-request-base-id
sHVXFlsfbd-_AgAK
expires
Thu, 12 Jul 2018 15:49:29 GMT
app.min.js
www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/js/ 		246 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/js/app.min.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.78.185 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a68c1630f5fd0bd8d7c3ab9ae89435b62e077c8471ed308cc3833bb0c3a2f506

Request headers

:path
/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/js/app.min.js
pragma
no-cache
cookie
__cfduid=df3c836d8175a2ddc863b3b5241f484871528818813; dwac_602623f9ae20429ec82b786e33=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo%3D|dw-only|||USD|false|US%2FPacific|true; cqcid=adxlYNLfnyZQCo8RBUoahlHbnC; sid=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo; dwpersonalization_1a00c2845eeb01c699351ea28e20fd92=6a0a8a6818a63f7a37b9b1310a20180629; dwanonymous_1a00c2845eeb01c699351ea28e20fd92=adxlYNLfnyZQCo8RBUoahlHbnC; dwsecuretoken_1a00c2845eeb01c699351ea28e20fd92=6QFWDVpjQR4SV-e-Wh5QjRN6X2fpmMz_1Q==; __cq_dnt=0; dw_dnt=0; dwsid=baQfSAh0CMFGG0njIVmRR6tYfvPdGTRXLNWfeE8Sc0KhMC8vxWOymn6y-NFvz7zHDbp9Gp_HeJ-9NCsz8EeSjQ==; BVImplmain_site=13573; _ga=GA1.2.437033110.1528818815; _gid=GA1.2.1907868308.1528818815; _gat_UA-432816-1=1; _uetsid=_uet4720a09f; rmStore=amid:39724
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.elfcosmetics.com
referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
:scheme
https
:method
GET
Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 05 Jun 2018 19:56:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2591755
cf-ray
429d7db89d46266c-FRA
x-dw-request-base-id
Y3WLFlsfbd-_AgAK
expires
Thu, 12 Jul 2018 15:49:29 GMT
p
consent.linksynergy.com/consent/v1/ 		35 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.linksynergy.com/consent/v1/p?domain=www.elfcosmetics.com&sought=false&aff_mid=39724&attr_sid=110221&in_scope=false&purposes=&vendors=&ext_id=4a28b2c8-1e66-4814-a58d-1cd8527e1ee3
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
172.217.23.179 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f179.1e100.net
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Tue, 12 Jun 2018 15:53:34 GMT
via
1.1 google
content-length
35
content-type
image/gif
p
consent.nxtck.com/consent/v1/ 		35 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.nxtck.com/consent/v1/p?domain=www.elfcosmetics.com&sought=false&aff_mid=39724&attr_sid=110221&in_scope=false&purposes=&vendors=&ext_id=4a28b2c8-1e66-4814-a58d-1cd8527e1ee3
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
172.217.21.243 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f19.1e100.net
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Tue, 12 Jun 2018 15:53:34 GMT
via
1.1 google
content-length
35
content-type
image/gif
p
consent.mediaforge.com/consent/v1/ 		35 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.mediaforge.com/consent/v1/p?domain=www.elfcosmetics.com&sought=false&aff_mid=39724&attr_sid=110221&in_scope=false&purposes=&vendors=&ext_id=4a28b2c8-1e66-4814-a58d-1cd8527e1ee3
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
172.217.21.243 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f19.1e100.net
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Tue, 12 Jun 2018 15:53:34 GMT
via
1.1 google
content-length
35
content-type
image/gif
p
consent.jrs5.com/consent/v1/ 		35 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.jrs5.com/consent/v1/p?domain=www.elfcosmetics.com&sought=false&aff_mid=39724&attr_sid=110221&in_scope=false&purposes=&vendors=&ext_id=4a28b2c8-1e66-4814-a58d-1cd8527e1ee3
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
172.217.21.243 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f19.1e100.net
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Tue, 12 Jun 2018 15:53:34 GMT
via
1.1 google
content-length
35
content-type
image/gif
lqs.aspx
ct1.ra.linksynergy.com/dcv4/ 		35 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct1.ra.linksynergy.com/dcv4/lqs.aspx?tp=nl&so=lt&sid=110221&uid=1528818814813.57095041.04810524.110221.856521374.4&jsv=b.3.001%3Ac.3.001%3As.3.001&uts=1&tfs=1000514&uvc=1&pgc=1&lig=2&tpd=%7C&tvd=%3A&tt0=tsid%3A1000514%7Ccid%3Anonbrand&prtcl=https%3A&ppth=%2Fpromotion-details%2F&pgn=&sby=www.elfcosmetics.com&sus=1&gdpr=00e0%3A4a28b2c8-1e66-4814-a58d-1cd8527e1ee3&igclid=1&chn=1&pqs=coupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
172.217.21.243 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f19.1e100.net
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Tue, 12 Jun 2018 15:53:34 GMT
via
1.1 google
content-type
image/gif
content-length
35
p3p
CP="NOI BUS NID DSP COR"
lqs.aspx
nyt2.dc-storm.com/dcv4/ 		35 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nyt2.dc-storm.com/dcv4/lqs.aspx?tp=ilk&sid=110221&uid=1528818814813.57095041.04810524.110221.856521374.4
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
172.217.21.243 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f19.1e100.net
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Tue, 12 Jun 2018 15:53:34 GMT
via
1.1 google
content-type
image/gif
content-length
35
p3p
CP="NOI BUS NID DSP COR"
dwanalytics-18.3.js
www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/internal/jscript/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/internal/jscript/dwanalytics-18.3.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.78.185 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6890024bede598056ad5fee9f009c3ded75b5b83214b17f3e9496a910ae53044

Request headers

:path
/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/internal/jscript/dwanalytics-18.3.js
pragma
no-cache
cookie
__cfduid=df3c836d8175a2ddc863b3b5241f484871528818813; dwac_602623f9ae20429ec82b786e33=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo%3D|dw-only|||USD|false|US%2FPacific|true; cqcid=adxlYNLfnyZQCo8RBUoahlHbnC; sid=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo; dwpersonalization_1a00c2845eeb01c699351ea28e20fd92=6a0a8a6818a63f7a37b9b1310a20180629; dwanonymous_1a00c2845eeb01c699351ea28e20fd92=adxlYNLfnyZQCo8RBUoahlHbnC; dwsecuretoken_1a00c2845eeb01c699351ea28e20fd92=6QFWDVpjQR4SV-e-Wh5QjRN6X2fpmMz_1Q==; __cq_dnt=0; dw_dnt=0; dwsid=baQfSAh0CMFGG0njIVmRR6tYfvPdGTRXLNWfeE8Sc0KhMC8vxWOymn6y-NFvz7zHDbp9Gp_HeJ-9NCsz8EeSjQ==; BVImplmain_site=13573; _ga=GA1.2.437033110.1528818815; _gid=GA1.2.1907868308.1528818815; _gat_UA-432816-1=1; _uetsid=_uet4720a09f; rmStore=amid:39724; stc110221=tsa:-2007475767:20180612162334|env:1%7C20180713155334%7C20180612162334%7C1%7C1000514:20190612155334|uid:1528818814813.57095041.04810524.110221.856521374.4:20190612155334|srchist:1000514%3A1%3A20180713155334:20190612155334
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.elfcosmetics.com
referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
:scheme
https
:method
GET
Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 12 Jun 2018 06:53:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2591755
accept-ranges
bytes
cf-ray
429d7db8ad54266c-FRA
x-dw-request-base-id
4n1Ia1sfbd-0AgAK
content-length
1867
expires
Thu, 12 Jul 2018 15:49:29 GMT
dwac-16.9.js
www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/internal/jscript/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/internal/jscript/dwac-16.9.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.78.185 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
430922b1c14b08c7455fe469e69acecc9913e86f55cb1d2ee2827697b979c160

Request headers

:path
/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/internal/jscript/dwac-16.9.js
pragma
no-cache
cookie
__cfduid=df3c836d8175a2ddc863b3b5241f484871528818813; dwac_602623f9ae20429ec82b786e33=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo%3D|dw-only|||USD|false|US%2FPacific|true; cqcid=adxlYNLfnyZQCo8RBUoahlHbnC; sid=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo; dwpersonalization_1a00c2845eeb01c699351ea28e20fd92=6a0a8a6818a63f7a37b9b1310a20180629; dwanonymous_1a00c2845eeb01c699351ea28e20fd92=adxlYNLfnyZQCo8RBUoahlHbnC; dwsecuretoken_1a00c2845eeb01c699351ea28e20fd92=6QFWDVpjQR4SV-e-Wh5QjRN6X2fpmMz_1Q==; __cq_dnt=0; dw_dnt=0; dwsid=baQfSAh0CMFGG0njIVmRR6tYfvPdGTRXLNWfeE8Sc0KhMC8vxWOymn6y-NFvz7zHDbp9Gp_HeJ-9NCsz8EeSjQ==; BVImplmain_site=13573; _ga=GA1.2.437033110.1528818815; _gid=GA1.2.1907868308.1528818815; _gat_UA-432816-1=1; _uetsid=_uet4720a09f; rmStore=amid:39724; stc110221=tsa:-2007475767:20180612162334|env:1%7C20180713155334%7C20180612162334%7C1%7C1000514:20190612155334|uid:1528818814813.57095041.04810524.110221.856521374.4:20190612155334|srchist:1000514%3A1%3A20180713155334:20190612155334
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.elfcosmetics.com
referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
:scheme
https
:method
GET
Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 12 Jun 2018 06:53:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2591755
accept-ranges
bytes
cf-ray
429d7db8ad55266c-FRA
x-dw-request-base-id
zXxmalsfbd-0AgAK
content-length
1775
expires
Thu, 12 Jul 2018 15:49:29 GMT
gretel.min.js
cdn.cquotient.com/js/v2/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cquotient.com/js/v2/gretel.min.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
52.222.156.157 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-156-157.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
300b1b914c7dcce02443072cde7042df280dfef0ad301161d552affe6c8dafc3

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 13 Mar 2018 18:45:18 GMT
content-encoding
gzip
last-modified
Tue, 13 Mar 2018 18:41:34 GMT
server
AmazonS3
age
466
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=3600
x-amz-cf-id
5fXSmEGsjpC_bFyaCHGCddoGS0xRopGwWAjMKnb93LC4c3BaN1X-kg==
via
1.1 ac27d939fa02703c4b28926f53f95083.cloudfront.net (CloudFront)
applepay.js
www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/internal/jscript/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/internal/jscript/applepay.js
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.78.185 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebbc4bea4cfde14b2beed8bcfe433dd58600048fd64be51126088d3dcc5c95ac

Request headers

:path
/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/internal/jscript/applepay.js
pragma
no-cache
cookie
__cfduid=df3c836d8175a2ddc863b3b5241f484871528818813; dwac_602623f9ae20429ec82b786e33=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo%3D|dw-only|||USD|false|US%2FPacific|true; cqcid=adxlYNLfnyZQCo8RBUoahlHbnC; sid=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo; dwpersonalization_1a00c2845eeb01c699351ea28e20fd92=6a0a8a6818a63f7a37b9b1310a20180629; dwanonymous_1a00c2845eeb01c699351ea28e20fd92=adxlYNLfnyZQCo8RBUoahlHbnC; dwsecuretoken_1a00c2845eeb01c699351ea28e20fd92=6QFWDVpjQR4SV-e-Wh5QjRN6X2fpmMz_1Q==; __cq_dnt=0; dw_dnt=0; dwsid=baQfSAh0CMFGG0njIVmRR6tYfvPdGTRXLNWfeE8Sc0KhMC8vxWOymn6y-NFvz7zHDbp9Gp_HeJ-9NCsz8EeSjQ==; BVImplmain_site=13573; _ga=GA1.2.437033110.1528818815; _gid=GA1.2.1907868308.1528818815; _gat_UA-432816-1=1; _uetsid=_uet4720a09f; rmStore=amid:39724; stc110221=tsa:-2007475767:20180612162334|env:1%7C20180713155334%7C20180612162334%7C1%7C1000514:20190612155334|uid:1528818814813.57095041.04810524.110221.856521374.4:20190612155334|srchist:1000514%3A1%3A20180713155334:20190612155334
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.elfcosmetics.com
referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
:scheme
https
:method
GET
Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 12 Jun 2018 06:53:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2591759
accept-ranges
bytes
cf-ray
429d7db8ad56266c-FRA
x-dw-request-base-id
zHXBEVsfbeO_AgAK
content-length
3897
expires
Thu, 12 Jul 2018 15:49:33 GMT
/
www.facebook.com/tr/ 		44 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)&rl=&if=false&ts=1528818814829&sw=1600&sh=1200&v=2.8.16&r=stable&ec=0&o=28&it=1528818814776
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
185.60.216.38 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 12 Jun 2018 15:53:34 GMT
2sDZZGJYnIjSi6H75xk700CsBJ0d.ttf
fonts.gstatic.com/s/assistant/v2/ 		36 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/assistant/v2/2sDZZGJYnIjSi6H75xk700CsBJ0d.ttf
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
172.217.23.163 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f163.1e100.net
Software
sffe /
Resource Hash
acbb6283100f8ddf0db9599ba3073306a829d6181587287d44fcd21792436250
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Assistant:400,700
Origin
https://www.elfcosmetics.com

Response headers

date
Thu, 24 May 2018 18:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1632592
status
200
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
20811
x-xss-protection
1; mode=block
last-modified
Tue, 10 Oct 2017 21:49:56 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 May 2019 18:23:42 GMT
/
www.google.com/ads/user-lists/865242110/ 		42 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/user-lists/865242110/?random=1528818814769&cv=9&fst=1528815600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=ecomm_prodid%3D%22%22%3Becomm_totalvalue%3D%22%22&gtm=G64&sendb=1&frm=0&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)&tiba=Makeup%20Sales%2C%20Promos%20%26%20Coupons%20%7C%20e.l.f.%20Cosmetics-%20Cruelty%20Free&async=1&fmt=3&cdct=2&is_vtc=1&random=1067472634&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
172.217.22.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f4.1e100.net
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jun 2018 15:53:34 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/ads/user-lists/865242110/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/user-lists/865242110/?random=1528818814769&cv=9&fst=1528815600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=ecomm_prodid%3D%22%22%3Becomm_totalvalue%3D%22%22&gtm=G64&sendb=1&frm=0&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)&tiba=Makeup%20Sales%2C%20Promos%20%26%20Coupons%20%7C%20e.l.f.%20Cosmetics-%20Cruelty%20Free&async=1&fmt=3&cdct=2&is_vtc=1&random=1067472634&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
172.217.21.227 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f3.1e100.net
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jun 2018 15:53:34 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/ads/user-lists/1065719768/ 		42 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/user-lists/1065719768/?random=1528818814763&cv=9&fst=1528815600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=ecomm_prodid%3D%22%22%3Becomm_totalvalue%3D%22%22&gtm=G64&sendb=1&frm=0&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)&tiba=Makeup%20Sales%2C%20Promos%20%26%20Coupons%20%7C%20e.l.f.%20Cosmetics-%20Cruelty%20Free&async=1&fmt=3&cdct=2&is_vtc=1&random=2128151342&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
172.217.22.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f4.1e100.net
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jun 2018 15:53:34 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/ads/user-lists/1065719768/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/user-lists/1065719768/?random=1528818814763&cv=9&fst=1528815600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=ecomm_prodid%3D%22%22%3Becomm_totalvalue%3D%22%22&gtm=G64&sendb=1&frm=0&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)&tiba=Makeup%20Sales%2C%20Promos%20%26%20Coupons%20%7C%20e.l.f.%20Cosmetics-%20Cruelty%20Free&async=1&fmt=3&cdct=2&is_vtc=1&random=2128151342&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
SPDY
Server
172.217.21.227 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f3.1e100.net
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jun 2018 15:53:34 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules-0be8c19d3b8d0fcbdd1c752e72f961af.js
script.hotjar.com/ 		388 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules-0be8c19d3b8d0fcbdd1c752e72f961af.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-706225.js?sv=5
Protocol
HTTP/1.1
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
24d68a67cff88d21ed8bfac260c0d62c2661deb8166834dcb695cd75de79c0df

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 12 Jun 2018 15:53:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jun 2018 10:49:55 GMT
ETag
"1528454995"
X-HW
1528818814.dop006.fr8.shc,1528818814.dop006.fr8.t,1528818814.cds035.fr8.c
Content-Type
application/javascript
Cache-Control
max-age=31172217
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
79019
truncated
/ 		24 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40ce925d45385c5afbd468d74c305990602f2532b12dde20bb44cb5622cb5ab2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Origin
https://www.elfcosmetics.com

Response headers

Access-Control-Allow-Origin
*
Content-Type
application/font-woff;charset=utf-8
truncated
/ 		30 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbf0ad8d8fb9d5ac376dd38a49d48d76eded8bfb082609d3d9b765ad033a8b87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Origin
https://www.elfcosmetics.com

Response headers

Access-Control-Allow-Origin
*
Content-Type
application/font-woff;charset=utf-8
storefront.css
cdn.sweettooth.io/assets/ 		30 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.sweettooth.io/assets/storefront.css?v=1
Requested by
Host: cdn.sweettooth.io
URL: https://cdn.sweettooth.io/assets/storefront.js
Protocol
SPDY
Server
52.222.146.103 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-146-103.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
38371668cc735b6b8a30c1c5a6b35af32fe59c9d886be325738816f515c4503f

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 09:50:33 GMT
content-encoding
gzip
last-modified
Tue, 05 Jun 2018 20:32:16 GMT
server
nginx
age
179
etag
W/"5b16f350-77d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
public, max-age=300
x-amz-cf-id
aCfF6tdIpOEf2Oi9z_qFwQDubB9mRGKU_O8R2W681ll_DCtvLy56PA==
via
1.1 vegur, 1.1 f66721f299cdd94cb1cfea4adb30fe56.cloudfront.net (CloudFront)
init
cdn.sweettooth.io/v1/storefront_js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sweettooth.io/v1/storefront_js/init?callback=stInitCallback&external_customer_id=&channel_api_key=pk_HKSshYDE6okT986REq9dxayZ&customer_auth_digest=
Requested by
Host: cdn.sweettooth.io
URL: https://cdn.sweettooth.io/assets/storefront.js
Protocol
SPDY
Server
52.222.146.103 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-146-103.fra53.r.cloudfront.net
Software
Cowboy /
Resource Hash
86f81b39730b330579029f0b6310d5fac1e69bafa08c80861b44ab8ae082d7f4

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-runtime
0.111311
date
Tue, 12 Jun 2018 15:53:18 GMT
content-encoding
gzip
last-modified
Tue, 12 Jun 2018 15:52:52 GMT
server
Cowboy
age
17
etag
W/"2e8441f2be6793d5bd9ed62df9af4112"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=60, public
x-amz-cf-id
Tj8tARJb1vzAvEQO7HXw-J0PrgAVZM9o7VzEECAszBuWEG6jVzHJkQ==
via
1.1 vegur, 1.1 f66721f299cdd94cb1cfea4adb30fe56.cloudfront.net (CloudFront)
x-request-id
64156c02-7548-4c45-9ff1-204594ff733d
ajax-loader.gif
www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/lib/slick/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/lib/slick/ajax-loader.gif
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/js/plugins.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.78.185 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

:path
/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/lib/slick/ajax-loader.gif
pragma
no-cache
cookie
__cfduid=df3c836d8175a2ddc863b3b5241f484871528818813; dwac_602623f9ae20429ec82b786e33=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo%3D|dw-only|||USD|false|US%2FPacific|true; cqcid=adxlYNLfnyZQCo8RBUoahlHbnC; sid=LPzXXvBNBNsoxIfdGof3heoAtuUlIDhNQgo; dwpersonalization_1a00c2845eeb01c699351ea28e20fd92=6a0a8a6818a63f7a37b9b1310a20180629; dwanonymous_1a00c2845eeb01c699351ea28e20fd92=adxlYNLfnyZQCo8RBUoahlHbnC; dwsecuretoken_1a00c2845eeb01c699351ea28e20fd92=6QFWDVpjQR4SV-e-Wh5QjRN6X2fpmMz_1Q==; __cq_dnt=0; dw_dnt=0; dwsid=baQfSAh0CMFGG0njIVmRR6tYfvPdGTRXLNWfeE8Sc0KhMC8vxWOymn6y-NFvz7zHDbp9Gp_HeJ-9NCsz8EeSjQ==; BVImplmain_site=13573; _ga=GA1.2.437033110.1528818815; _gid=GA1.2.1907868308.1528818815; _gat_UA-432816-1=1; _uetsid=_uet4720a09f; rmStore=amid:39724; stc110221=tsa:-2007475767:20180612162334|env:1%7C20180713155334%7C20180612162334%7C1%7C1000514:20190612155334|uid:1528818814813.57095041.04810524.110221.856521374.4:20190612155334|srchist:1000514%3A1%3A20180713155334:20190612155334
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.elfcosmetics.com
referer
https://www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/css/style.min.css
:scheme
https
:method
GET
Referer
https://www.elfcosmetics.com/on/demandware.static/Sites-elf-us-Site/-/en_US/v1528786397446/css/style.min.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:35 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Jun 2018 19:56:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=2591748
accept-ranges
bytes
cf-ray
429d7dbb4897266c-FRA
x-dw-request-base-id
pnxpalsfbeG0AgAK
content-length
4178
expires
Thu, 12 Jul 2018 15:49:23 GMT
rcj-99d43ead6bdf30da8ed5ffcb4f17100c.html
vars.hotjar.com/ Frame EACE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/rcj-99d43ead6bdf30da8ed5ffcb4f17100c.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-706225.js?sv=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash

Request headers

Host
vars.hotjar.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
452F6A66AC2EC85AD76BD4F19465A3BE
Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)

Response headers

Date
Tue, 12 Jun 2018 15:53:35 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
ETag
"1527087014"
Cache-Control
max-age=29823286
Content-Encoding
gzip
Content-Length
869
Content-Type
text/html
Last-Modified
Wed, 23 May 2018 14:50:14 GMT
X-HW
1528818815.dop012.fr8.shc,1528818815.dop012.fr8.t,1528818815.cds004.fr8.c
signup
smile-ui-panel-lite-cdn.smile.io/nudge/ Frame AEB9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://smile-ui-panel-lite-cdn.smile.io/nudge/signup?channel_id=&storefront_panel_cache_key=0.115017655742861528818772412&storefront_panel_id=8390
Requested by
Host: cdn.sweettooth.io
URL: https://cdn.sweettooth.io/assets/storefront.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.146.146 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-146-146.fra53.r.cloudfront.net
Software
Cowboy /
Resource Hash
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

:method
GET
:authority
smile-ui-panel-lite-cdn.smile.io
:scheme
https
:path
/nudge/signup?channel_id=&storefront_panel_cache_key=0.115017655742861528818772412&storefront_panel_id=8390
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
452F6A66AC2EC85AD76BD4F19465A3BE
Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)

Response headers

status
200
content-type
text/html; charset=utf-8
server
Cowboy
x-frame-options
ALLOWALL
date
Tue, 12 Jun 2018 15:53:19 GMT
cache-control
max-age=31556952, public
etag
W/"863c414c217e4e770e422ca9264db640"
x-request-id
c5e4c652-c6f7-4ab2-adbc-ce9e06dcd82f
x-runtime
0.268442
via
1.1 vegur, 1.1 492376a657ddc8d381dbc676ab798325.cloudfront.net (CloudFront)
age
16
x-cache
Hit from cloudfront
x-amz-cf-id
K9wUur31O7Jv86JJ3SLtwMlbA10ly7BVAu6KtetZofDqpAn114_2fA==
widget.js
d3rr3d0n31t48m.cloudfront.net/widget/ 		161 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=82f7fe4
Requested by
Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Protocol
HTTP/1.1
Server
52.222.149.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-241.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef76c07cab6dc7fe24dcd9be6ef679b198b204c55bef60f1910f3a02689c94e2

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 29 May 2018 13:50:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 May 2018 13:50:09 GMT
Server
AmazonS3
Age
1216970
ETag
"e43274bd881e72e1546718701a530a7d"
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=utf-8
Via
1.1 b2eb119180a1f499dade55aa4e26c619.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42600
X-Amz-Cf-Id
plmGep7ik3lJjhKhferkh1LF3TqQjbk3j5Q5bq-XcicGhRZ9nxuOYg==
x-amz-meta-mtime
1527601804.46
widget.css
d3rr3d0n31t48m.cloudfront.net/widget/ 		81 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3rr3d0n31t48m.cloudfront.net/widget/widget.css?v=f269d74
Requested by
Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Protocol
HTTP/1.1
Server
52.222.149.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-156.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7918bd30bcaa0bb24f5e40b8ff58195da4a8f1b156f148885f5027cff3cd1e88

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 29 May 2018 13:50:45 GMT
Content-Encoding
gzip
Age
1216971
X-Cache
Hit from cloudfront
x-amz-meta-mode
33188
Connection
keep-alive
Content-Length
13389
Last-Modified
Tue, 29 May 2018 13:50:08 GMT
Server
AmazonS3
ETag
"42ea1d6f4591ea5b9f2e62bae30b119e"
x-amz-meta-uid
0
x-amz-meta-gid
0
Via
1.1 0e417d376ffbd42061f20338431828b5.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000, public
Accept-Ranges
bytes
Content-Type
text/css; charset=UTF-8
X-Amz-Cf-Id
255nhN20dn5i4J22ne2BpLg82fqu6QmK3i7_Q1xZzEb5GjWVOFgH4g==
x-amz-meta-mtime
1527601804.99
cs_addstrap.css
addstrap-ui.addshoppers.com/1.1.4/ 		137 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://addstrap-ui.addshoppers.com/1.1.4/cs_addstrap.css
Requested by
Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Protocol
SPDY
Server
35.190.71.216 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
216.71.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3f878a4b89f1494b928b44401cfbe610f0ed2f58029d67ef156f3ba694de3b0b

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 01 Jun 2018 14:49:58 GMT
content-encoding
gzip
age
954217
x-guploader-uploadid
AEnB2UoQN2JnXPgvwiKocmp3RGNTBK_5C6qzVBawkFaMnJ1KycPdcW-3kaUkVQ-4fXpZ40aBq3nQi0DX6tOGduXO3T-TBQEB-A
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
16438
last-modified
Fri, 01 Jun 2018 14:06:45 GMT
server
UploadServer
etag
"3653a16ffcae9a0a6bd0873fdc544778"
x-goog-hash
crc32c=uiogEA==, md5=NlOhb/yumgpr0Ic/3FRHeA==
x-goog-generation
1527862005060491
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
no-transform
x-goog-stored-content-length
16438
accept-ranges
bytes
content-type
text/css
expires
Sat, 01 Jun 2019 14:49:58 GMT
bv-analytics.js
analytics-static.ugc.bazaarvoice.com/prod/static/3/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics-static.ugc.bazaarvoice.com/prod/static/3/bv-analytics.js
Requested by
Host: display.ugc.bazaarvoice.com
URL: https://display.ugc.bazaarvoice.com/static/elfcosmetics/main_site/218/13573/en_US/scripts/bv-primary.js
Protocol
SPDY
Server
52.222.146.92 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-146-92.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fe837fc8086ded1ef0297f05c7738fd6e0794d912ca2a22539939d21a71193e

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 04 Jun 2018 21:40:15 GMT
content-encoding
gzip
last-modified
Mon, 04 Jun 2018 17:51:46 GMT
server
AmazonS3
age
65601
etag
"cd6ab0f530ff0857f58dad9c76fb309c"
x-cache
Hit from cloudfront
x-amz-version-id
qcqgSkhNocwowNOGp7hXMApgAQcsKwA6
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-type
application/javascript
content-length
11627
via
1.1 59574f77a7cf2d23d64904db278e5711.cloudfront.net (CloudFront)
x-amz-cf-id
c_daDLinmg3Yu0NO6DV1vDkjbwsD3HwBxpDnLn6BchcqAE-1EIuXHg==
sid.gif
network.bazaarvoice.com/ 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://network.bazaarvoice.com/sid.gif?_=aeqbnh
Requested by
Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
Protocol
HTTP/1.1
Server
52.86.47.12 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 12 Jun 2018 15:53:36 GMT
Cache-Control
no-cache, no-transform, must-revalidate, max-age=0
Expires
-1
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
params
shop.pe/widget/main/init/ 		239 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.pe/widget/main/init/params?siteid=59d3db12bbddbd134325f6f8&product=Makeup%20Sales%2C%20Promos%20%26%20Coupons%20%7C%20e.l.f.%20Cosmetics-%20Cruelty%20Free&product_url=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=Get%20e.l.f.%20Cosmetics%20makeup%20sales%2C%20promo%20codes%20and%20coupons%20and%20shop%20cruelty%20free%20eyes%2C%20lips%20and%20face%20cosmetics.%20Skin%20care%20and%20beauty%20tools%20included.%20Grab%20and%20save%20now.&update_product=true&subcategory=&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&rand=88067&cookie=&referer=
Requested by
Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=82f7fe4
Protocol
HTTP/1.1
Server
69.167.130.8 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
nginx /
Resource Hash
c8f595e3126e22ad2b99893a08a5a04507a94653addf38a1df16cec3117a0f72

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 12 Jun 2018 15:53:36 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
P3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://my.addshoppers.com
Backend-Version
47
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Data-Regulation-Gdpr-Enforced
true
id.json
network.bazaarvoice.com/ 		123 B
368 B 		Script
General
Check archive.org
Download Go to
Full URL
https://network.bazaarvoice.com/id.json?_=yik9f8&callback=_bvajsonp1
Requested by
Host: analytics-static.ugc.bazaarvoice.com
URL: https://analytics-static.ugc.bazaarvoice.com/prod/static/3/bv-analytics.js
Protocol
HTTP/1.1
Server
52.86.47.12 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
a7e135caf9a500e7e9612ce8c6771fde32c668adfaa7253ac1247dbdf45f32dc

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 12 Jun 2018 15:53:36 GMT
Content-Encoding
gzip
Cache-Control
no-cache, no-transform
Content-Length
131
Vary
Accept-Encoding, User-Agent
Connection
keep-alive
Content-Type
application/javascript
st.gif
network.bazaarvoice.com/ 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://network.bazaarvoice.com/st.gif?loadId=f0fb50e65735deab9b&BVBRANDID=6e70a0b2-63f6-466b-b3ae-5e7f7c8ed2de&BVBRANDSID=3ad857cd-abc1-4ca4-8e7e-dd484998c7a1&tz=0&magpieJsVersion=3.8.0&source=firebird&client=elfcosmetics&dc=13573&host=www.elfcosmetics.com&r_batch=!((bvProductVersion:%270.40.8%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:1118.4000000357628,endTime:1118.4000000357628,locale:en_US,name:bv-scout-start,startTime:0,type:Performance))&_=m1ldae
Protocol
HTTP/1.1
Server
52.86.47.12 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 12 Jun 2018 15:53:36 GMT
Cache-Control
no-cache, no-transform, must-revalidate, max-age=0
Expires
-1
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
st.gif
network.bazaarvoice.com/ 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://network.bazaarvoice.com/st.gif?loadId=f0fb50e65735deab9b&BVBRANDID=6e70a0b2-63f6-466b-b3ae-5e7f7c8ed2de&BVBRANDSID=3ad857cd-abc1-4ca4-8e7e-dd484998c7a1&tz=0&magpieJsVersion=3.8.0&source=firebird&client=elfcosmetics&dc=13573&host=www.elfcosmetics.com&r_batch=!((bvProductVersion:%270.40.8%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:740.0000002235174,endTime:1858.4000002592802,locale:en_US,name:bv-primary-ready,startTime:1118.4000000357628,type:Performance),(bvProductVersion:%270.40.8%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:15.300000086426735,endTime:1873.700000345707,locale:en_US,name:bv-primary-run,startTime:1858.4000002592802,type:Performance),(bvProductVersion:%270.40.8%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:198.09999875724316,endTime:2056.4999990165234,locale:en_US,name:bv-slow-path-ready,startTime:1858.4000002592802,type:Performance),(bvProductVersion:%270.40.8%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:938.0999989807606,endTime:2056.4999990165234,locale:en_US,name:bv-core-app,startTime:1118.4000000357628,type:Performance))&_=2tr0wz
Protocol
HTTP/1.1
Server
52.86.47.12 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 12 Jun 2018 15:53:36 GMT
Cache-Control
no-cache, no-transform, must-revalidate, max-age=0
Expires
-1
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
st.gif
network.bazaarvoice.com/ 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://network.bazaarvoice.com/st.gif?loadId=f0fb50e65735deab9b&BVBRANDID=6e70a0b2-63f6-466b-b3ae-5e7f7c8ed2de&BVBRANDSID=3ad857cd-abc1-4ca4-8e7e-dd484998c7a1&tz=0&magpieJsVersion=3.8.0&source=firebird&client=elfcosmetics&dc=13573&host=www.elfcosmetics.com&r_batch=!((bvProductVersion:%270.40.8%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:1427.5999999642372,endTime:2546,locale:en_US,name:bv-host-load,startTime:1118.4000000357628,type:Performance))&_=3rsg4m
Protocol
HTTP/1.1
Server
52.86.47.12 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 12 Jun 2018 15:53:36 GMT
Cache-Control
no-cache, no-transform, must-revalidate, max-age=0
Expires
-1
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
params
shop.pe/widget/main/init/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.pe/widget/main/init/params?siteid=59d3db12bbddbd134325f6f8&product=Makeup%20Sales%2C%20Promos%20%26%20Coupons%20%7C%20e.l.f.%20Cosmetics-%20Cruelty%20Free&product_url=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=Get%20e.l.f.%20Cosmetics%20makeup%20sales%2C%20promo%20codes%20and%20coupons%20and%20shop%20cruelty%20free%20eyes%2C%20lips%20and%20face%20cosmetics.%20Skin%20care%20and%20beauty%20tools%20included.%20Grab%20and%20save%20now.&update_product=true&subcategory=&url=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)&callback=AddShoppersWidget.load_widget&rand=76234&cookie=2%7C1%3A0%7C10%3A1528818816%7C15%3Aaddshoppers.com%7C44%3ANTkxNTJmNTcyZWExNDUyOTg3MjM2ZGYzYmM5ZDBlNDU%3D%7Cce55f5479e1950d847696ebc6f51f0caea941181cad5c7aed650447da71fb378&referer=
Requested by
Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=82f7fe4
Protocol
HTTP/1.1
Server
69.167.130.8 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software
nginx /
Resource Hash
861cb65445cfaec2856f2e3a364a7a463f27dff81d16584559b0d34eca1477fc

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 12 Jun 2018 15:53:36 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
P3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://my.addshoppers.com
Backend-Version
47
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Data-Regulation-Gdpr-Enforced
true
pebble
p.cquotient.com/ 		262 B
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cquotient.com/pebble?tla=bbxc-elf-us&activityType=viewPage&_=1528818816264&callback=CQuotient._act_callback0&cookieId=null&referrer=&ls=false&v=v2.14.0&json=%7B%22cookieId%22%3Anull%2C%22referrer%22%3A%22%22%2C%22ls%22%3Afalse%2C%22v%22%3A%22v2.14.0%22%7D
Requested by
Host: cdn.cquotient.com
URL: https://cdn.cquotient.com/js/v2/gretel.min.js
Protocol
SPDY
Server
54.229.18.61 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-18-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0b9ce55bbc8fde0a0296b25a3c43583cf3ed6e68a02ce0d2fc5567b269ede210
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Tue, 12 Jun 2018 15:53:36 GMT
x-content-type-options
nosniff
etag
W/"106-9O4dHcugUIBMvoSKdwVA2qPZ5lU"
content-length
262
strict-transport-security
max-age=15552000; includeSubdomains
content-type
text/javascript; charset=utf-8
/
www.facebook.com/tr/ 		44 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1638306756445368&ev=Microdata&dl=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)&rl=&if=false&ts=1528818816409&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22Makeup%20Sales%2C%20Promos%20%26%20Coupons%20%7C%20e.l.f.%20Cosmetics-%20Cruelty%20Free%22%2C%22meta%3Adescription%22%3A%22%20Get%20e.l.f.%20Cosmetics%20makeup%20sales%2C%20promo%20codes%20and%20coupons%20and%20shop%20cruelty%20free%20eyes%2C%20lips%20and%20face%20cosmetics.%20Skin%20care%20and%20beauty%20tools%20included.%20Grab%20and%20save%20now.%20%22%2C%22meta%3Akeywords%22%3A%22%20%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.16&r=stable&ec=1&o=28&it=1528818814776&es=automatic
Protocol
SPDY
Server
185.60.216.38 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 15:53:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 12 Jun 2018 15:53:36 GMT
__Analytics-Start
www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/ 		35 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/__Analytics-Start?url=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)&res=1600x1200&cookie=1&ref=&title=Makeup%20Sales%2C%20Promos%20%26%20Coupons%20%7C%20e.l.f.%20Cosmetics-%20Cruelty%20Free&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.6972179310016071&cmpn=&tz=US/Pacific&pcc=USD&pct=&pcat=promotion-details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.78.185 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:path
/on/demandware.store/Sites-elf-us-Site/en_US/__Analytics-Start?url=https%3A%2F%2Fwww.elfcosmetics.com%2Fpromotion-details%2F%3Fcoupon%3D%26utm_source%3Dtransactional%26utm_medium%3Demail%26utm_campaign%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)%26c3ch%3DEmail%26c3nid%3D4994_180612_Promo_Summer%2BSale%2B(FA%2BNonBuyers%2BOpen-30D)&res=1600x1200&cookie=1&ref=&title=Makeup%20Sales%2C%20Promos%20%26%20Coupons%20%7C%20e.l.f.%20Cosmetics-%20Cruelty%20Free&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.6972179310016071&cmpn=&tz=US/Pacific&pcc=USD&pct=&pcat=promotion-details
pragma
no-cache
cookie
BVBRANDID=6e70a0b2-63f6-466b-b3ae-5e7f7c8ed2de; BVBRANDSID=3ad857cd-abc1-4ca4-8e7e-dd484998c7a1; addshoppers.com=2%7C1%3A0%7C10%3A1528818816%7C15%3Aaddshoppers.com%7C44%3ANTkxNTJmNTcyZWExNDUyOTg3MjM2ZGYzYmM5ZDBlNDU%3D%7Cce55f5479e1950d847696ebc6f51f0caea941181cad5c7aed650447da71fb378
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.elfcosmetics.com
referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
:scheme
https
:method
GET
Referer
https://www.elfcosmetics.com/promotion-details/?coupon=&utm_source=transactional&utm_medium=email&utm_campaign=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)&c3ch=Email&c3nid=4994_180612_Promo_Summer+Sale+(FA+NonBuyers+Open-30D)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jun 2018 15:53:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
set-cookie
__cfduid=dc2d93bbeeafe0b7149ca5bdf27fdcd541528818816; expires=Wed, 12-Jun-19 15:53:36 GMT; path=/; domain=.elfcosmetics.com; HttpOnly dwac_602623f9ae20429ec82b786e33=VWv-1IKBK8mZbjt7QaYyE25hXJTbS34vKA8%3D|dw-only|||USD|false|US%2FPacific|true; Path=/ cqcid=abx186CxxiVP1wHq9hYqM1MEpc; Path=/ sid=VWv-1IKBK8mZbjt7QaYyE25hXJTbS34vKA8; Path=/ dwpersonalization_1a00c2845eeb01c699351ea28e20fd92=6a0a8a6818a63f7a37b9b1310a20180629; Expires=Sun, 09-Dec-2018 15:53:37 GMT; Path=/ dwanonymous_1a00c2845eeb01c699351ea28e20fd92=abx186CxxiVP1wHq9hYqM1MEpc; Version=1; Comment="Demandware anonymous cookie for site Sites-elf-us-Site"; Max-Age=15552000; Expires=Sun, 09-Dec-2018 15:53:37 GMT; Path=/ dwsecuretoken_1a00c2845eeb01c699351ea28e20fd92=zXX9EdsEBy3np9DpVP71aPYK37bMt6p09w==; Version=1; Comment="Demandware Secure Token for site Sites-elf-us-Site"; Path=/; Secure; HttpOnly dwsid=ygR0EfUIEMevXzCn2PP4gvEO1lGswkUhHj7KAl17W_jeX7GhtcpCaqrf2YGN1XzPp4WIHvV0bvR6EVFkqhE60A==; path=/; HttpOnly
accept-ranges
bytes
cf-ray
429d7dc4391d266c-FRA
x-dw-request-base-id
q3xNnFsf7IG0AgAK
content-length
35
expires
Thu, 01 Dec 1994 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| UserInfo object| dw object| CQuotient object| BV object| _bvaq object| $BV object| configData object| dataLayer object| google_tag_manager object| uetq string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| js function| fbq function| _fbq function| pintrk object| DataLayer object| gaplugins object| gaGlobal object| APP object| BV_WIDGET_CONFIG string| FM_PROXY_URL string| BV_UPLOAD_URL object| BVWidgets object| bvCarousel function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaData number| index string| tagId function| UET object| ct_cl function| finalCB function| contfn object| cti110221 object| urls object| hjSiteSettings function| hjBootstrap object| st object| PubSub function| $ function| jQuery function| svg4everybody object| Constants object| Resources object| Urls object| SitePreferences object| User object| Scripts object| Iconography object| SessionAttributes object| Wishlist string| meta string| keywords object| pageContext function| clr function| initlivechat function| fun function| trackPage object| jQuery111105792324097378212 object| SweetTooth undefined| stInitCallback object| picturefillCFG function| picturefill function| DOMContentLoaded object| AddShoppersLoader object| jQuery111105366554222074289 undefined| easyXDM function| as_cleanse_field function| as_detect_cc object| _mag object| AddShoppersWidget function| AddShoppersWidget_plus_one object| SchemaParser object| _add number| ieVer object| obj number| AddShoppersWidgetLoaded object| AddShoppersWidgetLang object| BVA object| _bva object| result string| value boolean| _iml

2 Cookies

Domain/Path Name / Value
.elfcosmetics.com/ Name: BVBRANDSID
Value: 3ad857cd-abc1-4ca4-8e7e-dd484998c7a1
.elfcosmetics.com/ Name: BVBRANDID
Value: 6e70a0b2-63f6-466b-b3ae-5e7f7c8ed2de

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6038784.fls.doubleclick.net
addstrap-ui.addshoppers.com
analytics-static.ugc.bazaarvoice.com
apps.nexus.bazaarvoice.com
bat.bing.com
cdn.cquotient.com
cdn.shopify.com
cdn.sweettooth.io
click.e.elfcosmetics.com
connect.facebook.net
consent.jrs5.com
consent.linksynergy.com
consent.mediaforge.com
consent.nxtck.com
ct.pinterest.com
ct1.ra.linksynergy.com
d3rr3d0n31t48m.cloudfront.net
display.ugc.bazaarvoice.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
intljs.rmtag.com
maxcdn.bootstrapcdn.com
network.bazaarvoice.com
nyt2.dc-storm.com
p.cquotient.com
s.pinimg.com
script.hotjar.com
shop.pe
smile-ui-panel-lite-cdn.smile.io
static.curations.bazaarvoice.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.elfcosmetics.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.17.78.185
13.107.21.200
13.111.18.12
151.101.112.230
151.101.112.70
151.101.112.84
151.101.12.84
172.217.21.227
172.217.21.230
172.217.21.243
172.217.22.10
172.217.22.2
172.217.22.4
172.217.22.8
172.217.23.163
172.217.23.174
172.217.23.179
173.194.76.156
185.60.216.19
185.60.216.38
2.18.232.70
205.185.216.10
205.185.216.42
209.197.3.15
216.58.210.2
35.190.71.216
52.222.146.103
52.222.146.146
52.222.146.37
52.222.146.66
52.222.146.92
52.222.149.156
52.222.149.241
52.222.156.157
52.86.47.12
54.229.18.61
69.167.130.8
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0b9ce55bbc8fde0a0296b25a3c43583cf3ed6e68a02ce0d2fc5567b269ede210
0bd57332d2fb38cac4b8cbbd7b54c9441940b33e48a79aac29a114944a714597
0dbe19ba33a3564db173e87606d19648a63de9052d8a2debb6581e77d3478a9a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
145bd665e4e4ce3e3bad95b097c7d876b92a4129a551b6753f1b36dd147fd058
24d68a67cff88d21ed8bfac260c0d62c2661deb8166834dcb695cd75de79c0df
300b1b914c7dcce02443072cde7042df280dfef0ad301161d552affe6c8dafc3
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38371668cc735b6b8a30c1c5a6b35af32fe59c9d886be325738816f515c4503f
38700250a23e1a3e8bf7f48a8e00e9d59e2d4480a0417eda8d1ff286599b4859
38d8060828964248c2d14a360e3f85bd76b230b4ec1138574d4785f12f786115
3f878a4b89f1494b928b44401cfbe610f0ed2f58029d67ef156f3ba694de3b0b
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
40ce925d45385c5afbd468d74c305990602f2532b12dde20bb44cb5622cb5ab2
430922b1c14b08c7455fe469e69acecc9913e86f55cb1d2ee2827697b979c160
43121d490f7287220a8ce16f9a00d09078c1658169c88b59068030983d0cdeb6
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5bfcd2af07d65708af675f0e242f77980f7109e565faf1fb437a5807ed76b8da
6022920f59ece50d92a524f38ab8b3a905f58227dc0792e038a0f604a3dfe278
6176ab5474618b01560e91abd7c354b6116cf9de79963c6c9860e89a2459f7cf
6890024bede598056ad5fee9f009c3ded75b5b83214b17f3e9496a910ae53044
68921eae23390ab3a8fe67b22624ccd326f0f5e8fcd513d4d611fd06043edbf3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f0534d46314293f8dacf83ad9d7b1e0f33f209a6331ce94d9d3ff1321470d8e
78b0b9b830148e91f954dc735dd5042dab706b3e84662a338d095dd653083d48
7918bd30bcaa0bb24f5e40b8ff58195da4a8f1b156f148885f5027cff3cd1e88
7a4cb9b4c62a1deeb2a16b915c27b7a84bd2a8862d74f49cbb317440fc222654
800cfba5a76e244d76ed8e69c7039cc51b5685a5179f59d8e00b9147836abbdb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
861cb65445cfaec2856f2e3a364a7a463f27dff81d16584559b0d34eca1477fc
86f81b39730b330579029f0b6310d5fac1e69bafa08c80861b44ab8ae082d7f4
87efeec2afdca1fe926ee418a60ec3552f8b0a76b18e18b45b5a076cf5cd66bd
89cb42f57e0eec1d3a7ad14a2fead92a455478fb7eaef9e430101ac094bc893f
8fe837fc8086ded1ef0297f05c7738fd6e0794d912ca2a22539939d21a71193e
90f1605834b4e21cb6da66dd68207b5cb533b1eaa882625c9b18fedb878ea3bc
9b571805016f69d33b8234c8001c53a85299441c151da22df39221c982e4923e
9c74f254c6706f1b11f2d701bbc57dad1913884b1e64020bb1971368784840d2
a12b65e20973eb87e6b7717040ac948af3b535b509f88b9220519e898175900c
a1686aaad857d2138e389ed50a23a4d4db6f7f37a9e977ab9ce13529178977f5
a465e31271b5a889f4bfd0b6ce67a9412d6df00e7d6e93b282015d6b40793307
a68c1630f5fd0bd8d7c3ab9ae89435b62e077c8471ed308cc3833bb0c3a2f506
a7e135caf9a500e7e9612ce8c6771fde32c668adfaa7253ac1247dbdf45f32dc
a9bb6266973d3e4dfd4716b8d883bc2c4485e9b792454bf67f03940804cb5ef8
acbb6283100f8ddf0db9599ba3073306a829d6181587287d44fcd21792436250
aec5e755565ea3ba556c696a0e2277cb01093ad4ca3ddb1e16e0d1c158337a24
b16aa4872ac68c1c93b346d265c99d6a83aacac1ba43f1e8f180573a3408787c
c6a374e95521b6429a29cb86759cd4ae680b565d36fcdc308d91e78e86ad349b
c8f595e3126e22ad2b99893a08a5a04507a94653addf38a1df16cec3117a0f72
cbf0ad8d8fb9d5ac376dd38a49d48d76eded8bfb082609d3d9b765ad033a8b87
cc79da2a8261a6546b2bad51a04cb45773eef304aa662df06b7006d8c5f53370
d66ce35d0332e55b06c2d24ef04a181ff8d6a01da2687ce1b0aac27757d9f624
d68d071bb7d9054efde2a0e0e630660b86a4234ffe64b1077d8824ded8d0d76f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bbd9fdaf9c57dfa17c6668da9c0a62121e9ac57c5c3890b6145714de470fac
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
ebbc4bea4cfde14b2beed8bcfe433dd58600048fd64be51126088d3dcc5c95ac
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef76c07cab6dc7fe24dcd9be6ef679b198b204c55bef60f1910f3a02689c94e2
f536b131cb5aeb3016c504c1c32627574791ab0bf1b8ac4f0939e620f60c2d5a