elfcosmetics.youshp.com Open in urlscan Pro
188.114.96.3  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

• https://www.google.com/pagead/landing?gcs=G1--&gcd=13l3l3l2l5l1&tag_exp=101529666~101533422~101671035~101747727~101794737&rnd=206502309.1728469558&url=https%3A%2F%2Felfcosmetics.youshp.com%2F&dma_cps=syphamo&dma=1&npa=1&gtm=45He4a70n81WL3STMXv896608294za200&auid=345343728.1728469558 HTTP 302
• https://googleads.g.doubleclick.net/pagead/landing?gcs=G1--&gcd=13l3l3l2l5l1&tag_exp=101529666~101533422~101671035~101747727~101794737&rnd=206502309.1728469558&url=https%3A%2F%2Felfcosmetics.youshp.com%2F&dma_cps=syphamo&dma=1&npa=1&gtm=45He4a70n81WL3STMXv896608294za200&auid=345343728.1728469558

Request Chain 51

• https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2 HTTP 307
• https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2

Request Chain 53

• https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2 HTTP 307
• https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2

Request Chain 112

• https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=3827508595622;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com HTTP 302
• https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CKnLgPGKgYkDFdBsHgIdp5I0Hw;type=conte0;cat=homep0;ord=3827508595622;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com

Request Chain 114

• https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=3127243108952;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com HTTP 302
• https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CKLPgPGKgYkDFVNkHgIdc1E1Bw;type=retarget;cat=globa0;ord=3127243108952;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com

Request Chain 115

• https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=2586162288585;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com HTTP 302
• https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJnSgPGKgYkDFdloHgIdniw9RA;type=elf8j0;cat=glo_flhp;ord=2586162288585;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com

Request Chain 116

• https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=8842161124283;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com HTTP 302
• https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CIq2gvGKgYkDFWRhHgIdG4girw;type=elf8j0;cat=glo_flap;ord=8842161124283;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com

177 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response elfcosmetics.youshp.com/	1 MB 254 KB	1648ms 1092ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 97ea80314e1d66daf4c3b7123d3e9db339f27acf64bdf1a133d3f94a43a14fe0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-origin * age 160, 160 cache-control no-store cf-cache-status DYNAMIC cf-ray 8cfdab5b59909bbe-FRA content-encoding br content-type text/html; charset=utf-8 date Wed, 09 Oct 2024 10:25:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EHh7Fex7hRzG3JAFewj1l6wEWcPn38W1pd5B12lTaM9JDH2CzvmlosZu%2FPvKD5Df6ZYBULQzTZQhMQ2caS6wgj9CONxwlGqDnBf0YOf5USXMKUsS5H5bhNy2VENPEOoLgB8vQKZycjMMZQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation" strict-transport-security max-age=15552000; includeSubDomains vary Accept-Encoding via 1.1 1ed131e2ff13a9b8852067b4dfb6f2dc.cloudfront.net (CloudFront) x-amz-apigw-id fYLu7EbviYcEEsQ= x-amz-cf-id QIMa90BvDQJHWQ_DwVRyo1TH6yZV8rdf5OM1zy96W8KSyi_rNWQU9g== x-amz-cf-pop FRA60-P6 x-amzn-remapped-connection close x-amzn-remapped-content-length 1128889 x-amzn-remapped-date Wed, 09 Oct 2024 10:23:15 GMT x-amzn-requestid 41aaa0e1-f5ec-484e-ac0e-8acc9916d0ac x-amzn-trace-id Root=1-67065992-71762d005c3ae3d85e5d7eee;Parent=207b447fe4d51a14;Sampled=0;Lineage=1:2b75b0e9:0 x-cache Hit from cloudfront x-yottaa-metrics 36218cae0e3f/[101,34,-] 36D18cae0e61/[-,153.250] x-yottaa-optimizations ob/1000000100001000 si/36D18cae0e61-1728336458-1177125430 tts/1728062963110 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0 x-yottaa-os 200
GET H2	200	speculation elfcosmetics.youshp.com/cdn-cgi/	128 B 473 B	30ms 29ms	Other application/speculationrules+json	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.youshp.com/cdn-cgi/speculation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://elfcosmetics.youshp.com Referer https://elfcosmetics.youshp.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FldNgPEWfGFSWwKq6Z0PJGRtCMYY9OGUkj3tSGMtmjk2goQahlZTQ1pCftKEWJKtOJjkrdsemRud42LQvRf%2Bx6CwfVzSU%2FiSzyZyFhNhVC5cjf3ID5bSBbJdBVVhIIFJc9ucHB52FlPbHA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cfdab6239189bbe-FRA access-control-allow-origin https://elfcosmetics.youshp.com content-length 128 date Wed, 09 Oct 2024 10:25:55 GMT content-type application/speculationrules+json vary Origin, Accept-Encoding server cloudflare
GET		/ cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/	0 0
GET H2	200	/ cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/	16 KB 16 KB	356ms 40ms	Image text/html	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/ Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://elfcosmetics.youshp.com Referer https://elfcosmetics.youshp.com/ Response headers x-amzn-remapped-content-length 1149218 content-encoding gzip x-amzn-remapped-connection close etag W/"118922-hAm+UaL5CqbzHoKNaAoqIQgK1QI" age 885 x-amzn-requestid 890a6068-dd1b-42d2-9a86-8950644e629e x-cache Hit from cloudfront, HIT x-amz-cf-id Ap8xMPPfm0w0KNrEHhDfjn_dZtjjIzFb6Di1td0tpOScPdAp-g5LFA== date Wed, 09 Oct 2024 10:25:55 GMT content-type text/html; charset=utf-8 x-served-by cache-mad2200118-MAD x-cache-hits 2 x-yottaa-optimizations ob/1000000100001000 si/36118cae0e1f-1721912044-605444285 tts/1728062963110 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0 strict-transport-security max-age=15552000; includeSubDomains vary Accept-Encoding cache-control public, must-revalidate, s-maxage=900 x-amz-apigw-id fYJ9nEXmiYcEoHg= x-amzn-remapped-date Wed, 09 Oct 2024 10:11:10 GMT x-timer S1728469556.977467,VS0,VE0 x-amzn-trace-id Root=1-670656bd-6c908a67012f5cc04b88517b;Parent=1552eeaf53ee0b99;Sampled=0;Lineage=1:2b75b0e9:0 via 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront), 1.1 varnish x-yottaa-metrics 36218cae0e33/[90,18,-] 36118cae0e1f/[-,146.040] accept-ranges bytes access-control-allow-origin * content-length 281714 x-amz-cf-pop FRA60-P6 server CloudFront
GET		/ cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/	0 0
GET		/ cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/	0 0
GET DATA	200 OK	truncated /	10 KB 10 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://elfcosmetics.youshp.com Referer Response headers Content-Type application/font-woff2;charset=utf-8
GET DATA	200 OK	truncated /	10 KB 10 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://elfcosmetics.youshp.com Referer Response headers Content-Type application/font-woff2;charset=utf-8
GET DATA	200 OK	truncated /	37 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/gif
GET H2	200	custom-slider-0.0.15.min Show response cdn.c1.amplience.net/c/elfcosmetics/	2 KB 2 KB	418ms 21ms	Script application/javascript	2.16.1.138 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.c1.amplience.net/c/elfcosmetics/custom-slider-0.0.15.min Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.1.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-1-138.deploy.static.akamaitechnologies.com Software / Resource Hash f67eeb979f5676dccb2ec5eefcd365c69b9e03235b65c42397206264b9887c07 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers accept-ranges bytes access-control-allow-origin * cache-control max-age=120, s-maxage=1800 content-length 1626 date Wed, 09 Oct 2024 10:25:56 GMT x-amp-srv A content-type application/javascript; charset=utf-8
GET H2	200	locale-link-rewriter-0.0.2-min Show response cdn.c1.amplience.net/c/elfcosmetics/	553 B 679 B	412ms 21ms	Script application/javascript	2.16.1.138 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.c1.amplience.net/c/elfcosmetics/locale-link-rewriter-0.0.2-min Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.1.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-1-138.deploy.static.akamaitechnologies.com Software / Resource Hash 88668b9200e07ef8860abbf2884140a44986c34576bc7086d64085b87da4cfd7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers accept-ranges bytes access-control-allow-origin * cache-control max-age=120, s-maxage=1800 content-length 553 date Wed, 09 Oct 2024 10:25:56 GMT x-amp-srv A content-type application/javascript; charset=utf-8
GET H2	200	vendor.js Show response cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/mobify/bundle/12351/	2 MB 643 KB	306ms 41ms	Script application/javascript	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/mobify/bundle/12351/vendor.js?yocs=Z_14_1K_ Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash e6e94a67a8e376396a264f1df5f08bdeb4c3d73452f4e5415cba8b7fece15396 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-amz-meta-deploy 886826 content-encoding gzip age 143445 x-cache Miss from cloudfront, HIT x-amz-cf-id gparkcgNE9Ojlc5_FxZTJaAKrh8mSHLBCae0Y5jhRck04l5pbLJabw== date Wed, 09 Oct 2024 10:25:55 GMT content-type application/javascript; charset=utf8 x-served-by cache-mad2200111-MAD x-cache-hits 0 x-yottaa-optimizations ob/1101 si/36118cae0e20-1721912066-254981624 tts/1728062963110 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0 vary Accept-Encoding x-yottaa-forcecache true, true cache-control public, max-age=31104000 x-timer S1728469556.977395,VS0,VE1 via 1.1 e3f7f612cf7d05edb500a43ad2f70e96.cloudfront.net (CloudFront), 1.1 varnish x-amz-meta-bundle 12351 x-yottaa-metrics 36218cae0e46/[14,-,1728326082286] 36118cae0e20/[hit] accept-ranges bytes access-control-allow-origin * content-length 657731 x-amz-cf-pop FRA60-P6 server AmazonS3
GET H2	200	main.js Show response cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/mobify/bundle/12351/	2 MB 537 KB	323ms 59ms	Script application/javascript	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/mobify/bundle/12351/main.js?yocs=Z_14_1K_ Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 2d09875789f2a6cc669ecb75cc9381d22563db93008518330fba9806f543761d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-amz-meta-deploy 886826 content-encoding gzip age 143441 x-cache Miss from cloudfront, HIT x-amz-cf-id 28Hdyyc4WCrSo8O63LJuzRM6HnpKZPXuVITD1Pq7JRxVgHbz70HHkA== date Wed, 09 Oct 2024 10:25:55 GMT content-type application/javascript; charset=utf8 x-served-by cache-mad2200111-MAD x-cache-hits 0 x-yottaa-optimizations ob/1100 si/36118cae0e22-1721912116-1642592585 tts/1728062963110 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0 vary Accept-Encoding x-yottaa-forcecache true, true cache-control public, max-age=31104000 x-timer S1728469556.977380,VS0,VE1 via 1.1 6e4ed2b1996ce238462d61d3bfff667a.cloudfront.net (CloudFront), 1.1 varnish x-amz-meta-bundle 12351 x-yottaa-metrics 36218cae0e2e/[15,-,1728326082263] 36118cae0e22/[-,123.721] accept-ranges bytes access-control-allow-origin * content-length 549579 x-amz-cf-pop FRA60-P6 server AmazonS3
GET H2	200	pages-home.js Show response cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/mobify/bundle/12351/	5 KB 3 KB	306ms 42ms	Script application/javascript	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/mobify/bundle/12351/pages-home.js?yocs=Z_14_1K_ Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 85193ce650d729d9f59d3bd0dd556655438b08d098f0d7c3438006c153004f51 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-amz-meta-deploy 886826 content-encoding gzip age 143459 x-cache Miss from cloudfront, HIT x-amz-cf-id 1D9I8PZgVwsVO99wkgMyctvJgI-iY_Ia0pS8rBJ-61-iutBSO_3VIA== date Wed, 09 Oct 2024 10:25:55 GMT content-type application/javascript; charset=utf8 x-served-by cache-mad2200111-MAD x-cache-hits 0 x-yottaa-optimizations ob/1101 si/36118cae0e20-1721912066-254981403 tts/1728062963110 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0 vary Accept-Encoding x-yottaa-forcecache true, true cache-control public, max-age=31104000 x-timer S1728469556.977441,VS0,VE1 via 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront), 1.1 varnish x-amz-meta-bundle 12351 x-yottaa-metrics 36218cae0e46/[2,-,1728326086285] 36118cae0e20/[hit] accept-ranges bytes access-control-allow-origin * content-length 2321 x-amz-cf-pop FRA60-P6 server AmazonS3
GET H2	200	shimmer-shine-2024-10-2-IMAGE-1_D cdn.media.amplience.net/i/elfcosmetics/	33 KB 33 KB	425ms 24ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/shimmer-shine-2024-10-2-IMAGE-1_D?fmt=auto Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 305648ae4abfbf622509e9c9f57b9fc257d613c155b7ede42252cb4ee5eb4afe Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-tag UbBlGt9z9,l4p5bDg2e,u2FgEXGrU,WepA0szpz x-amp-source-width 1440 x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:56 GMT content-type image/avif x-frame-options DENY cache-control max-age=1800, s-maxage=86400 x-req-id zt8G1RUncK x-amp-source-height 1040 accept-ranges bytes access-control-allow-origin * content-length 33307 x-amp-published Mon, 23 Sep 2024 21:32:44 GMT x-amp-srv A x-xss-protection 1; mode=block server Unknown
GET H2	200	shimmer-shine-2024-10-2-BACKGROUND-V2_D cdn.media.amplience.net/i/elfcosmetics/	1 KB 1 KB	423ms 24ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/shimmer-shine-2024-10-2-BACKGROUND-V2_D?fmt=auto Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 13571b97ae9bd06bce7a8efc0ec1122eecc1d245133ec68240034701e4abc9e7 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-tag RY-noBFWm,l4p5bDg2e,7yrG9QaEO,WepA0szpz x-amp-source-width 1440 x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:56 GMT content-type image/avif x-frame-options DENY cache-control max-age=1800, s-maxage=86400 x-req-id BOTtUffVGf x-amp-source-height 1040 accept-ranges bytes access-control-allow-origin * content-length 1210 x-amp-published Mon, 23 Sep 2024 23:22:05 GMT x-amp-srv A x-xss-protection 1; mode=block server Unknown
GET H2	200	holiday-gift-shop-2024-10-HEADLINE cdn.media.amplience.net/i/elfcosmetics/	18 KB 18 KB	46ms 45ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-HEADLINE?%24Desktop%24=&fmt=auto&w=864 Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash e79ae6c2bdbaee18807b952b984196006c929edfc619bbbe645aff2a2bd3cbd0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-tag fzPc0Q3if,l4p5bDg2e,mF-g78ke7,0IDlFXcJy,WepA0szpz x-amp-source-width 862 x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:56 GMT content-type image/avif x-frame-options DENY cache-control max-age=1800, s-maxage=86400 x-req-id tPEFJVkYEG x-amp-source-height 220 accept-ranges bytes access-control-allow-origin * content-length 18422 x-amp-published Tue, 08 Oct 2024 15:55:02 GMT x-amp-srv A x-xss-protection 1; mode=block server Unknown
GET H2	200	halloween-2024-10-2-tile-IMAGE_D cdn.media.amplience.net/i/elfcosmetics/	29 KB 29 KB	56ms 56ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/halloween-2024-10-2-tile-IMAGE_D?fmt=auto Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 599fafcd066781107a8552a2e2fed13798c06515e3788dc8afa43903955b4a63 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-tag 2NTyEsC85,l4p5bDg2e,Xx1FrJcdC,WepA0szpz x-amp-source-width 1440 x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:56 GMT content-type image/avif x-frame-options DENY cache-control max-age=1800, s-maxage=86400 x-req-id MgQ5JWElvu x-amp-source-height 1040 accept-ranges bytes access-control-allow-origin * content-length 29593 x-amp-published Wed, 25 Sep 2024 17:35:27 GMT x-amp-srv A x-xss-protection 1; mode=block server Unknown
GET H2	200	halloween-2024-10-2-tile-BACKGROUND_D cdn.media.amplience.net/i/elfcosmetics/	5 KB 5 KB	66ms 65ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/halloween-2024-10-2-tile-BACKGROUND_D?fmt=auto Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash fe73912204eafa86c15b013b03bccbaf4d9dc667b1a30075fa5ff505b75db94a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-tag Za0lIEXK7,l4p5bDg2e,Lf0-Mlw_B,WepA0szpz x-amp-source-width 1440 x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:56 GMT content-type image/avif x-frame-options DENY cache-control max-age=1800, s-maxage=86400 x-req-id Cou1iEKosd x-amp-source-height 1040 accept-ranges bytes access-control-allow-origin * content-length 4664 x-amp-published Wed, 25 Sep 2024 17:35:28 GMT x-amp-srv A x-xss-protection 1; mode=block server Unknown
GET H2	200	shimmer-shine-2024-10-2-HEADLINE cdn.media.amplience.net/i/elfcosmetics/	13 KB 13 KB	27ms 26ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/shimmer-shine-2024-10-2-HEADLINE?fmt=auto Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 5bc92af610392fa717cdcb55c33cf5d77366c2b7fb9e12ced166c0de4255865a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-tag h9WZI2EpX,l4p5bDg2e,2tQgF1MhH,WepA0szpz x-amp-source-width 716 x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:56 GMT content-type image/avif x-frame-options DENY cache-control max-age=1800, s-maxage=86400 x-req-id aLK1EKIh0P x-amp-source-height 250 accept-ranges bytes access-control-allow-origin * content-length 13134 x-amp-published Mon, 23 Sep 2024 22:57:49 GMT x-amp-srv A x-xss-protection 1; mode=block server Unknown
GET H2	200	holiday-gift-shop-2024-10-IMAGE-1_D cdn.media.amplience.net/i/elfcosmetics/	38 KB 39 KB	33ms 33ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-IMAGE-1_D?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-IMAGE-1_D?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-IMAGE-1_D?fmt=auto&w=2460%203x Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 43ab1c64639b3becb828e2f713e753e092dcd0d9ed1abc84fa6c28bc4bb0735b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-tag 39DFob9d-,l4p5bDg2e,jbDCUKbuJ,WepA0szpz x-amp-source-width 1440 x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:56 GMT content-type image/avif x-frame-options DENY cache-control max-age=1800, s-maxage=86400 x-req-id LSfrKbj1ZW x-amp-source-height 1040 accept-ranges bytes access-control-allow-origin * content-length 39366 x-amp-published Tue, 08 Oct 2024 15:55:02 GMT x-amp-srv A x-xss-protection 1; mode=block server Unknown
GET H2	200	holiday-gift-shop-2024-10-BACKGROUND_D cdn.media.amplience.net/i/elfcosmetics/	10 KB 10 KB	32ms 31ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-BACKGROUND_D?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-BACKGROUND_D?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-BACKGROUND_D?fmt=auto&w=2460%203x Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash a3aefad8320bb991de8eafa41f44a90e72ab74e7c6d485120e9a3b3fd32495b2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-tag jCMwbAKWP,l4p5bDg2e,6bFvEsMpx,WepA0szpz x-amp-source-width 1440 x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:56 GMT content-type image/avif x-frame-options DENY cache-control max-age=1800, s-maxage=86400 x-req-id 0OqOGUpYdu x-amp-source-height 1040 accept-ranges bytes access-control-allow-origin * content-length 10039 x-amp-published Tue, 08 Oct 2024 15:55:02 GMT x-amp-srv A x-xss-protection 1; mode=block server Unknown
GET H2	200	s.js Show response elfcosmetics.youshp.com/cdn-cgi/zaraz/	6 KB 3 KB	46ms 46ms	Script text/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.youshp.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyZS5sLmYuJTIwQ29zbWV0aWNzJTNBJTIwQWZmb3JkYWJsZSUyME1ha2V1cCUyMCUyNiUyMFNraW5jYXJlJTIwJTdDJTIwQ2xlYW4lMjBCZWF1dHklMjBQcm9kdWN0cyUyMCU3QyUyMGUubC5mLiUyMENvc21ldGljcyUyMiUyQyUyMnglMjIlM0EwLjc2MTAzMjIzODc0NTMxMDElMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmVsZmNvc21ldGljcy55b3VzaHAuY29tJTJGJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EtMTIwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA== Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7090119f207b31976ee93be579b2a3ee3a496dd7f19444f8fd310d74982ce23f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-robots-tag none access-control-max-age 600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br access-control-allow-credentials true access-control-allow-methods GET, HEAD, POST, OPTIONS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ybFHuiJ%2BppXlOAzWlaj8K6u8a%2FgLVo0Z8skjwiY5ozcWxNqPNWM1T5jDhw51W5t8ya3lgdzWQm7spL%2BCu7FmglY8Xq8k%2BLA2O6CEUal7YO%2FcJEKjyFCjrkmoYXjmp5SPyOi6LQheYjBm6A%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cfdab661d369bbe-FRA access-control-allow-origin https://elfcosmetics.youshp.com date Wed, 09 Oct 2024 10:25:56 GMT content-type text/javascript; charset=utf-8 vary Origin, Accept-Encoding server cloudflare access-control-allow-headers Content-Type, Set-Cookie, Cache-Control
OPTIONS H2	204	event www.elfcosmetics.com/api/en-us/v2.0/ Frame	0 0	400ms 187ms	Preflight	140.174.14.100 YOTTAA-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US), Reverse DNS Software / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://elfcosmetics.youshp.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET,PUT,POST,DELETE access-control-allow-origin * age 0 date Wed, 09 Oct 2024 10:25:57 GMT vary Access-Control-Request-Headers x-amz-apigw-id fYMIaFouPHcEoxw= x-amzn-remapped-connection keep-alive x-amzn-remapped-content-length 0 x-amzn-remapped-date Wed, 09 Oct 2024 10:25:57 GMT x-amzn-requestid ea010369-bc1e-40bb-8c9c-faddf593344d x-powered-by Express x-yottaa-metrics 36218cae0e2a/[167,165,-] 36D18cae0e64/[-,168.516] x-yottaa-optimizations ob/1000 si/36D18cae0e64-1728336458-7901614390 tts/1728062963110 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0 x-yottaa-os 204 x-yottaa-profileid 5a0c9b7632f01c35d4210220
OPTIONS H2	204	event www.elfcosmetics.com/api/en-us/v2.0/ Frame	0 0	221ms 186ms	Preflight	140.174.14.100 YOTTAA-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US), Reverse DNS Software / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://elfcosmetics.youshp.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET,PUT,POST,DELETE access-control-allow-origin * age 0 date Wed, 09 Oct 2024 10:25:57 GMT vary Access-Control-Request-Headers x-amz-apigw-id fYMIaGOVPHcEgrA= x-amzn-remapped-connection keep-alive x-amzn-remapped-content-length 0 x-amzn-remapped-date Wed, 09 Oct 2024 10:25:57 GMT x-amzn-requestid 1e0463ac-89d7-4f12-bc61-8effbac06127 x-powered-by Express x-yottaa-metrics 36218cae0e2b/[165,164,-] 36D18cae0e64/[-,166.507] x-yottaa-optimizations ob/1000 si/36D18cae0e64-1728336458-7901614392 tts/1728062963110 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0 x-yottaa-os 204 x-yottaa-profileid 5a0c9b7632f01c35d4210220
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	22 KB 8 KB	445ms 40ms	Script application/javascript	104.18.87.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/mobify/bundle/12351/main.js?yocs=Z_14_1K_ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-md5 uiXk8gw/ehyoMvZ3GeQiaQ== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCE73E38AA767E x-ms-lease-status unlocked age 75013 cf-cache-status HIT x-content-type-options nosniff expires Wed, 09 Oct 2024 13:35:44 GMT date Wed, 09 Oct 2024 10:25:57 GMT content-type application/javascript last-modified Tue, 08 Oct 2024 02:09:20 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 900f2eaf-d01e-00c2-1d86-191b34000000 cf-ray 8cfdab6eff1a90dd-FRA accept-ranges bytes access-control-allow-origin * content-length 7214 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	api_dynamic.js Show response cdn.dynamicyield.com/api/8772046/	592 KB 67 KB	577ms 67ms	Script application/javascript	18.244.18.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dynamicyield.com/api/8772046/api_dynamic.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-13.fra56.r.cloudfront.net Software DYCDN / Resource Hash cc4731a904863135c1aaa8310e5b19aca858eb5622b5f3921f06faadd87c36d0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers vary Accept-Encoding link <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect" cache-control max-age=30 content-encoding gzip etag W/"eb472ee09e490412acdacd7cac456756" age 25 via 1.1 d025091c574ce1bcf1fefea59ac34f2c.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id 0g8gZKJSep6cWAdBoRO1ATrbxfPzmOoSAsebEd6uKinSHrCW7HzqBg== date Wed, 09 Oct 2024 10:25:38 GMT content-type application/javascript; charset=utf-8 last-modified Tue, 08 Oct 2024 23:41:28 GMT server DYCDN x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256
GET H2	200	api_static.js Show response cdn.dynamicyield.com/api/8772046/	391 KB 116 KB	536ms 27ms	Script application/javascript	18.244.18.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dynamicyield.com/api/8772046/api_static.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-13.fra56.r.cloudfront.net Software DYCDN / Resource Hash acc74f8f19eb855ffa59aba96139be4b1a677920d5bc81c87efefa4a9245bff7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers vary Accept-Encoding link <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect" cache-control max-age=28800 content-encoding gzip etag W/"10da99bcca84cc915ce537d5e5a629ac" age 7293 via 1.1 d025091c574ce1bcf1fefea59ac34f2c.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id mfJcmMdkCdoOlNrLemsBSjiGVEnmWGbMUNSXVT3nzDutVyGCwelMVw== date Wed, 09 Oct 2024 08:25:23 GMT content-type application/javascript; charset=utf-8 last-modified Mon, 07 Oct 2024 07:50:15 GMT server DYCDN x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256
GET H2	200	gtm.js Show response www.googletagmanager.com/	537 KB 140 KB	461ms 63ms	Script application/javascript	172.217.16.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f8.1e100.net Software Google Tag Manager / Resource Hash 44e88e6e894eaeab7eb53d469cd39641660efabd9cc6ff51afc2d71c66c67de0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding gzip report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Wed, 09 Oct 2024 10:25:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 09 Oct 2024 10:25:57 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Wed, 09 Oct 2024 09:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 142465 x-xss-protection 0 server Google Tag Manager
POST H2	200	t Show response elfcosmetics.youshp.com/cdn-cgi/zaraz/	122 B 419 B	38ms 37ms	Fetch application/json	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.youshp.com/cdn-cgi/zaraz/t Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyZS5sLmYuJTIwQ29zbWV0aWNzJTNBJTIwQWZmb3JkYWJsZSUyME1ha2V1cCUyMCUyNiUyMFNraW5jYXJlJTIwJTdDJTIwQ2xlYW4lMjBCZWF1dHklMjBQcm9kdWN0cyUyMCU3QyUyMGUubC5mLiUyMENvc21ldGljcyUyMiUyQyUyMnglMjIlM0EwLjc2MTAzMjIzODc0NTMxMDElMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmVsZmNvc21ldGljcy55b3VzaHAuY29tJTJGJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EtMTIwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b245157764a23ea85d525b0380019b060e37d87229d856ba066a8fbb80a1b0a0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/json Referer https://elfcosmetics.youshp.com/ Response headers access-control-max-age 600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br access-control-allow-credentials true access-control-allow-methods GET, HEAD, POST, OPTIONS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WpTbL77e%2FCi%2FQXuAVX74rLTLJ4RvEKABn7c2laKieL9bkWaG4XgEfy4fu3Ou17caNuD9B%2BsY1oMI7Tj%2BUHv1LfFqAfHNK5X%2FcmK%2FeBn32yXdayN5lxQdDAn0Tqoz6If30%2F37H6iwA%2FQWjg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cfdab6cad419bbe-FRA access-control-allow-origin https://elfcosmetics.youshp.com date Wed, 09 Oct 2024 10:25:57 GMT content-type application/json vary Origin, Accept-Encoding server cloudflare access-control-allow-headers Content-Type, Set-Cookie, Cache-Control
POST H2	200	event Show response www.elfcosmetics.com/api/en-us/v2.0/	105 B 633 B	316ms 313ms	Fetch application/json	140.174.14.100 YOTTAA-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/mobify/bundle/12351/main.js?yocs=Z_14_1K_ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US), Reverse DNS Software / Express Resource Hash 102f2fd25074059294a6fd02274f14e56f653a21a0d88da5c3b73516470729a4 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/json Referer https://elfcosmetics.youshp.com/ Response headers content-encoding gzip x-amzn-remapped-connection keep-alive etag W/"69-kxxJtSLsCiTrmh2l2QB//D7oluE" age 0 x-content-type-options nosniff x-amzn-requestid 933f323a-d578-4524-9bec-88f7d53b6472 date Wed, 09 Oct 2024 10:25:57 GMT content-type application/json; charset=utf-8 vary Accept-Encoding x-yottaa-optimizations ob/1000 si/36D18cae0e64-1728336458-7901614394 tts/1728062963110 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0 x-yottaa-os 200 x-amz-apigw-id fYMIcGZ7vHcEX8Q= x-amzn-remapped-date Wed, 09 Oct 2024 10:25:57 GMT x-yottaa-metrics 36218cae0e2e/[290,289,-] 36D18cae0e64/[-,291.690] access-control-allow-origin * content-length 110 x-powered-by Express
GET H2	200	/ Show response api.ipify.org/	22 B 155 B	273ms 133ms	XHR application/json	172.67.74.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/mobify/bundle/12351/vendor.js?yocs=Z_14_1K_ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2de14746137fc099576d3f3607b3f7767871eb50a20fa3b4e0da3359d4489af3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cf-cache-status DYNAMIC cf-ray 8cfdab6d8b3c1e0c-FRA access-control-allow-origin * content-length 22 date Wed, 09 Oct 2024 10:25:57 GMT content-type application/json vary Origin server cloudflare
GET H2	200	/ Show response api.ipify.org/	22 B 74 B	383ms 110ms	XHR application/json	172.67.74.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/mobify/bundle/12351/vendor.js?yocs=Z_14_1K_ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2de14746137fc099576d3f3607b3f7767871eb50a20fa3b4e0da3359d4489af3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cf-cache-status DYNAMIC cf-ray 8cfdab6e6c481e0c-FRA access-control-allow-origin * content-length 22 date Wed, 09 Oct 2024 10:25:57 GMT content-type application/json vary Origin server cloudflare
GET H2	200	searchsession Show response www.elfcosmetics.com/api/en-us/v2.0/	105 B 628 B	516ms 308ms	Fetch application/json	140.174.14.100 YOTTAA-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.elfcosmetics.com/api/en-us/v2.0/searchsession?locale=en-us&profile_id=&session_id= Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/mobify/bundle/12351/main.js?yocs=Z_14_1K_ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US), Reverse DNS Software / Express Resource Hash 575d7ec61eeeeb5243aef39374e17f309ab3301e4bfc38051c65b4f1e465a13c Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding gzip x-amzn-remapped-connection keep-alive etag W/"69-hiay86ebSeXvtoudp1jIVyROeso" age 0 x-content-type-options nosniff x-amzn-requestid 99490b20-7235-46bd-88bb-cf9efe4ca550 date Wed, 09 Oct 2024 10:25:57 GMT content-type application/json; charset=utf-8 vary Accept-Encoding x-yottaa-optimizations ob/1000 si/36D18cae0e64-1728336458-7901614391 tts/1728062963110 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0 x-yottaa-os 200 x-amz-apigw-id fYMIaGG1PHcEZ1A= x-amzn-remapped-date Wed, 09 Oct 2024 10:25:57 GMT x-yottaa-metrics 36218cae0e2c/[286,285,-] 36D18cae0e64/[-,286.630] access-control-allow-origin * content-length 108 x-powered-by Express
GET H2	200	7f85a56ba4.css use.fontawesome.com/	1 KB 837 B	523ms 37ms	Stylesheet text/css	172.67.142.245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/7f85a56ba4.css Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control max-age=1800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status HIT etag W/"8360eb270b919a1fb4776bc448d9ed14" age 4543 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=elafq1SgYO3nMZjokiW2d%2BsRIKfJavvyuE9k9EDoogCfeIC6w15ldBLTQ%2FQSF1OfXzD6wB1RBA%2FPTrR4JRzSjgp7u%2BmBzR56kEzRqqYyMBnRvZ44M6I%2F6f%2B75XH6k214ReSMXSns"}],"group":"cf-nel","max_age":604800} cf-ray 8cfdab6fde9a3801-FRA date Wed, 09 Oct 2024 10:25:57 GMT content-type text/css last-modified Fri, 22 Sep 2023 00:57:51 GMT vary Accept-Encoding server cloudflare
POST H2	200	t Show response elfcosmetics.youshp.com/cdn-cgi/zaraz/	122 B 377 B	37ms 34ms	Fetch application/json	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.youshp.com/cdn-cgi/zaraz/t Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyZS5sLmYuJTIwQ29zbWV0aWNzJTNBJTIwQWZmb3JkYWJsZSUyME1ha2V1cCUyMCUyNiUyMFNraW5jYXJlJTIwJTdDJTIwQ2xlYW4lMjBCZWF1dHklMjBQcm9kdWN0cyUyMCU3QyUyMGUubC5mLiUyMENvc21ldGljcyUyMiUyQyUyMnglMjIlM0EwLjc2MTAzMjIzODc0NTMxMDElMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmVsZmNvc21ldGljcy55b3VzaHAuY29tJTJGJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EtMTIwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b245157764a23ea85d525b0380019b060e37d87229d856ba066a8fbb80a1b0a0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/json Referer https://elfcosmetics.youshp.com/ Response headers access-control-max-age 600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br access-control-allow-credentials true access-control-allow-methods GET, HEAD, POST, OPTIONS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tel3icNl6CvWdKAlAI1DPgBkCaKkVkHYMjgpEp1IujYMpGBwxtpkqKp1Gk%2BP9vplUz1QMvdQ8Fr7tYGpOuGT50giGETEU8E5bTvlVwWe%2FFiPVdHuwstU4eE2ewv%2F3PtNOJdSHsn0Jz3G1g%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cfdab6dce6f9bbe-FRA access-control-allow-origin https://elfcosmetics.youshp.com date Wed, 09 Oct 2024 10:25:57 GMT content-type application/json vary Origin, Accept-Encoding server cloudflare access-control-allow-headers Content-Type, Set-Cookie, Cache-Control
POST H2	200	event Show response www.elfcosmetics.com/api/en-us/v2.0/	105 B 631 B	323ms 322ms	Fetch application/json	140.174.14.100 YOTTAA-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/mobify/bundle/12351/main.js?yocs=Z_14_1K_ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 140.174.14.100 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US), Reverse DNS Software / Express Resource Hash 45f41b26bbb46aa44168681acb374e1a3cff2044d37925ea968b7b0cc2261072 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/json Referer https://elfcosmetics.youshp.com/ Response headers content-encoding gzip x-amzn-remapped-connection keep-alive etag W/"69-6HovRi3rdyqgWRviGCn0YXQZwos" age 0 x-content-type-options nosniff x-amzn-requestid 55f1277b-e382-49b8-ba33-a851b78379be date Wed, 09 Oct 2024 10:25:57 GMT content-type application/json; charset=utf-8 vary Accept-Encoding x-yottaa-optimizations ob/1000 si/36D18cae0e64-1728336458-7901614393 tts/1728062963110 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0 x-yottaa-os 200 x-amz-apigw-id fYMIcEHQPHcEC7A= x-amzn-remapped-date Wed, 09 Oct 2024 10:25:57 GMT x-yottaa-metrics 36218cae0e2d/[300,298,-] 36D18cae0e64/[-,301.258] access-control-allow-origin * content-length 110 x-powered-by Express
GET H2	400	authorize Show response elfcosmetics.youshp.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/	108 B 1 KB	1304ms 960ms	Fetch application/json	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.youshp.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Felfcosmetics.youshp.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=7g_7lUMT5pV4_dwZqDXwJBK7B-afA3hoR6iySudXpdk Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/mobify/bundle/12351/vendor.js?yocs=Z_14_1K_ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8b956148ff5bad88040d0e701e35b190a42da584f941db6adfe464e2cdf4031 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers c_x-pwa-request true User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding gzip cf-cache-status DYNAMIC age 0 x-correlation-id 8cfdab760ba71c1c x-ratelimit-1m-limit 24000, 2000000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VDkQOiYGQ5WKnNFAV4yVn888346%2FqfLaROsElh35G2C1Z%2Fio9TdkoDBAC4%2Fw1CcgWZq3aTOvmTQ9vg0vCq6OiJSrRIwgUACgYoWaTVSdgjhP0WfCOVf7l%2FqIuQMxzkYRkz%2BbbwB3RZ121Q%3D%3D"}],"group":"cf-nel","max_age":604800} x-cache Error from cloudfront x-amz-cf-id _jILR4XZ0jwQXQcCeBWghWaFlRGT38SHq5o8bzub5HFU51_SlFw4WQ== date Wed, 09 Oct 2024 10:25:58 GMT content-type application/json vary Accept-Encoding x-yottaa-optimizations ob/1000 si/36D18cae0e5f-1728336458-6938498252 tts/1728062963110 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0 strict-transport-security max-age=31536000; includeSubDomains x-yottaa-os 400 cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache access-control-allow-credentials true via 1.1 d4b0acc43b96f7849332ef0fcc29ac32.cloudfront.net (CloudFront) cf-ray 8cfdab712815929c-FRA x-yottaa-metrics 36218cae0e33/[174,157,-] 36D18cae0e5f/[-,183.336] access-control-allow-origin * x-ratelimit-1m-remaining 23484, 1934463 content-length 119 x-amz-cf-pop FRA60-P6 x-proxy-request-url https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Felfcosmetics.youshp.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=7g_7lUMT5pV4_dwZqDXwJBK7B-afA3hoR6iySudXpdk x-ratelimit-1m-reset 1202, 1202 server cloudflare
POST H2	201	/ Show response sdk.iad-05.braze.com/api/v3/data/	709 B 721 B	289ms 288ms	XHR application/json	172.64.149.149 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/data/ Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/mobify/bundle/12351/vendor.js?yocs=Z_14_1K_ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3ce398755176d7bb65a5a106fd0e3a165297640d7f21323c1509c5d5a0fe794 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://elfcosmetics.youshp.com/ X-Braze-TriggersRequest true X-Braze-Last-Req-Ms-Ago 7200000 X-Braze-DataRequest true X-Braze-Req-Attempt 1 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-type application/json X-Braze-Api-Key 609afcb2-1dc3-41ef-a771-0a9aaf10bf57 Response headers access-control-max-age 7200 x-request-id ab31c7c0-b3a6-408a-bd76-32dcef246821 access-control-expose-headers content-encoding gzip cf-cache-status DYNAMIC etag W/"c3ce398755176d7bb65a5a106fd0e3a1" access-control-allow-methods POST, GET date Wed, 09 Oct 2024 10:25:58 GMT content-type application/json vary Origin,Accept-Encoding x-runtime 0.159308 strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=0, private, must-revalidate x-ratelimit-reset 1728469560 cf-ray 8cfdab70ad8cbbc7-FRA x-ratelimit-remaining 498.0 access-control-allow-origin * x-ratelimit-limit 500.0 server cloudflare
OPTIONS H2	200	/ sdk.iad-05.braze.com/api/v3/data/ Frame	0 0	267ms 130ms	Preflight	172.64.149.149 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/data/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with Access-Control-Request-Method POST Origin https://elfcosmetics.youshp.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with access-control-allow-methods POST, GET access-control-allow-origin * access-control-expose-headers access-control-max-age 7200 cf-cache-status DYNAMIC cf-ray 8cfdab6fdc7ebbc7-FRA content-encoding gzip date Wed, 09 Oct 2024 10:25:57 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding
GET H2	200	shimmer-shine-2024-10-2-IMAGE-4_D cdn.media.amplience.net/i/elfcosmetics/	88 KB 89 KB	22ms 21ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/shimmer-shine-2024-10-2-IMAGE-4_D?fmt=auto Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 24de956c46f155629cbf20697ef0a3d056ccc15a1b9b2534de14d1419aa0d1f7 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-tag DR_mxaNiC,l4p5bDg2e,Ggjij5bS8,WepA0szpz x-amp-source-width 1440 x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:57 GMT content-type image/avif x-frame-options DENY cache-control max-age=1800, s-maxage=86400 x-req-id xhvmx9mkLU x-amp-source-height 1040 accept-ranges bytes access-control-allow-origin * content-length 90321 x-amp-published Mon, 23 Sep 2024 21:32:45 GMT x-amp-srv A x-xss-protection 1; mode=block server Unknown
GET H2	200	6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json Show response cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/	6 KB 2 KB	429ms 87ms	XHR application/json	104.18.87.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bf500a4c158d24ba238d521a5fa775e693d03c507fa3f882bffbbeaf9fedeb64 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-md5 aY7kJA0jlzEL9QWHODNZDw== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip cf-cache-status MISS etag 0x8DCA5D566A7B63C x-ms-lease-status unlocked x-ms-version 2009-09-19 x-content-type-options nosniff expires Thu, 10 Oct 2024 10:25:58 GMT date Wed, 09 Oct 2024 10:25:58 GMT content-type application/json last-modified Tue, 16 Jul 2024 20:25:14 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 cross-origin-resource-policy cross-origin, cross-origin x-ms-request-id 335abafd-601e-00bd-5f35-1a8506000000 cf-ray 8cfdab717d2ad28e-FRA accept-ranges bytes access-control-allow-origin * content-length 1832 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	font-awesome-css.min.css use.fontawesome.com/releases/v4.7.0/css/	30 KB 7 KB	37ms 36ms	Stylesheet text/css	172.67.142.245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/7f85a56ba4.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://use.fontawesome.com/7f85a56ba4.css Response headers cache-control max-age=31556926 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status HIT etag W/"36082410df2ef7f83932219089dc1443" age 24033 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jl5Fn8NvKZLURyqSBhYzx72qEuHhiX5R6XM91EW5avn14YME3xi7yYUCINGCiYM%2BEKfTqWP5ZRxbrzy%2Beb8zQnLEEY%2FSgHaCYkmwZ42%2FOWDNMZq80%2BnTPMfB8Hjy1rC4%2BVcccHNc"}],"group":"cf-nel","max_age":604800} cf-ray 8cfdab704f203801-FRA date Wed, 09 Oct 2024 10:25:57 GMT content-type text/css last-modified Fri, 22 Sep 2023 01:44:05 GMT vary Accept-Encoding server cloudflare
GET H2	200	shimmer-shine-2024-10-2-IMAGE-2_D cdn.media.amplience.net/i/elfcosmetics/	85 KB 85 KB	23ms 22ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/shimmer-shine-2024-10-2-IMAGE-2_D?fmt=auto Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 5c256a020355105eca46704223d9c0a13c84254045f4f45606e3f31c760b41a3 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-tag Q3wZyYwZu,l4p5bDg2e,_3pPbK71o,WepA0szpz x-amp-source-width 1440 x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:57 GMT content-type image/avif x-frame-options DENY cache-control max-age=1800, s-maxage=86400 x-req-id 3k2v83IScO x-amp-source-height 1040 accept-ranges bytes access-control-allow-origin * content-length 87044 x-amp-published Mon, 23 Sep 2024 21:32:44 GMT x-amp-srv A x-xss-protection 1; mode=block server Unknown
GET H2	200	shimmer-shine-2024-10-2-IMAGE-3_D cdn.media.amplience.net/i/elfcosmetics/	74 KB 74 KB	33ms 32ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/shimmer-shine-2024-10-2-IMAGE-3_D?fmt=auto Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash f73c79986ae2b7b4d32aa7bb6eb19ef17097bdf44f7df1ce662d8f05123ace53 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-tag jKM9rDXFC,l4p5bDg2e,ACsaFi5NF,WepA0szpz x-amp-source-width 1440 x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:57 GMT content-type image/avif x-frame-options DENY cache-control max-age=1800, s-maxage=86400 x-req-id nDLMVlDw2S x-amp-source-height 1040 accept-ranges bytes access-control-allow-origin * content-length 75375 x-amp-published Mon, 23 Sep 2024 21:32:44 GMT x-amp-srv A x-xss-protection 1; mode=block server Unknown
GET H2	200	st Show response st.dynamicyield.com/	160 KB 13 KB	502ms 130ms	Script text/javascript	18.66.122.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=beqnxqh5gzdquit57xxr11l6kxvyropw&ref=&scriptVersion=2.43.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.33 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-33.fra60.r.cloudfront.net Software / Resource Hash 5fe1b01e98492ab0a271bb5923b6df013e66fb4102614c31b2e84fa72f317cf9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache content-encoding gzip via 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront) expires Wed, 09 Oct 2024 10:25:57 GMT access-control-allow-origin * x-cache Miss from cloudfront p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS" x-amz-cf-id aQFHZxNM_Hs86FQ9pI3NLwFruApcT5FIyj6sfSc9B7qT6q4dKF1OGw== date Wed, 09 Oct 2024 10:25:58 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding x-amz-cf-pop FRA60-P2
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	74 B 309 B	383ms 38ms	XHR application/json	172.64.155.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cadea7e75c37b71b2060aba2e64b78e599a6111fdd8a0f0d490d028bd4f62a79 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 accept application/json Referer https://elfcosmetics.youshp.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip access-control-allow-methods GET, OPTIONS cf-ray 8cfdab7588ccdcca-FRA access-control-allow-origin * date Wed, 09 Oct 2024 10:25:58 GMT content-type application/json vary Accept-Encoding server cloudflare access-control-allow-headers Content-Type
OPTIONS H2	200	sync sdk.iad-05.braze.com/api/v3/content_cards/ Frame	0 0	133ms 132ms	Preflight	172.64.149.149 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/content_cards/sync Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with Access-Control-Request-Method POST Origin https://elfcosmetics.youshp.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-headers braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with access-control-allow-methods POST, GET access-control-allow-origin * access-control-expose-headers access-control-max-age 7200 cf-cache-status DYNAMIC cf-ray 8cfdab73682dbbc7-FRA content-encoding gzip date Wed, 09 Oct 2024 10:25:58 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding
POST H2	201	sync Show response sdk.iad-05.braze.com/api/v3/content_cards/	85 B 223 B	181ms 180ms	XHR application/json	172.64.149.149 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/content_cards/sync Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/mobify/bundle/12351/vendor.js?yocs=Z_14_1K_ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc461e1ddf80a95734788150c9e53b5fe235f0b08c6b39b2be76e40964f59866 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://elfcosmetics.youshp.com/ BRAZE-SYNC-RETRY-COUNT 0 X-Braze-DataRequest true X-Braze-Last-Req-Ms-Ago 7200000 X-Braze-ContentCardsRequest true X-Braze-Req-Attempt 1 X-Braze-Req-Tokens-Remaining 29 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-type application/json X-Braze-Api-Key 609afcb2-1dc3-41ef-a771-0a9aaf10bf57 Response headers access-control-max-age 7200 x-request-id 1495b95d-1f2d-4443-8d8b-18d088c952b4 access-control-expose-headers content-encoding gzip cf-cache-status DYNAMIC etag W/"fc461e1ddf80a95734788150c9e53b5f" access-control-allow-methods POST, GET date Wed, 09 Oct 2024 10:25:58 GMT content-type application/json vary Origin,Accept-Encoding x-runtime 0.042320 strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=0, private, must-revalidate x-ratelimit-reset 1728469560 cf-ray 8cfdab7438f1bbc7-FRA x-ratelimit-remaining 498.0 access-control-allow-origin * x-ratelimit-limit 500.0 server cloudflare
OPTIONS H2	200	sync sdk.iad-05.braze.com/api/v3/feature_flags/ Frame	0 0	130ms 130ms	Preflight	172.64.149.149 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/feature_flags/sync Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with Access-Control-Request-Method POST Origin https://elfcosmetics.youshp.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with access-control-allow-methods POST, GET access-control-allow-origin * access-control-expose-headers access-control-max-age 7200 cf-cache-status DYNAMIC cf-ray 8cfdab73682fbbc7-FRA content-encoding gzip date Wed, 09 Oct 2024 10:25:58 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding
POST H2	201	sync Show response sdk.iad-05.braze.com/api/v3/feature_flags/	20 B 180 B	204ms 204ms	XHR application/json	172.64.149.149 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/feature_flags/sync Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/mobify/bundle/12351/vendor.js?yocs=Z_14_1K_ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.149.149 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e92f434a50c76d6e52d0d3cc91cdf1854c7fd39fecd5ae65800568aef7c03029 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://elfcosmetics.youshp.com/ X-Braze-Last-Req-Ms-Ago 7200000 X-Braze-DataRequest true X-Braze-Req-Attempt 1 X-Braze-Req-Tokens-Remaining 28 X-Braze-FeatureFlagsRequest true X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-type application/json X-Braze-Api-Key 609afcb2-1dc3-41ef-a771-0a9aaf10bf57 Response headers access-control-max-age 7200 x-request-id 5dd1f730-6680-4338-bf6c-0361f0c04ea1 access-control-expose-headers content-encoding gzip cf-cache-status DYNAMIC etag W/"e92f434a50c76d6e52d0d3cc91cdf185" access-control-allow-methods POST, GET date Wed, 09 Oct 2024 10:25:58 GMT content-type application/json vary Origin,Accept-Encoding x-runtime 0.070777 strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=0, private, must-revalidate x-ratelimit-reset 1728469560 cf-ray 8cfdab7438f0bbc7-FRA x-ratelimit-remaining 496.0 access-control-allow-origin * x-ratelimit-limit 500.0 server cloudflare
GET H3	200	landing googleads.g.doubleclick.net/pagead/ Redirect Chain https://www.google.com/pagead/landing?gcs=G1--&gcd=13l3l3l2l5l1&tag_exp=101529666~101533422~101671035~101747727~101794737&rnd=206502309.1728469558&url=https%3A%2F%2Felfcosmetics.youshp.com%2F&dma_c... https://googleads.g.doubleclick.net/pagead/landing?gcs=G1--&gcd=13l3l3l2l5l1&tag_exp=101529666~101533422~101671035~101747727~101794737&rnd=206502309.1728469558&url=https%3A%2F%2Felfcosmetics.youshp...	42 B 65 B	81ms 40ms	Ping image/gif	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/landing?gcs=G1--&gcd=13l3l3l2l5l1&tag_exp=101529666~101533422~101671035~101747727~101794737&rnd=206502309.1728469558&url=https%3A%2F%2Felfcosmetics.youshp.com%2F&dma_cps=syphamo&dma=1&npa=1&gtm=45He4a70n81WL3STMXv896608294za200&auid=345343728.1728469558 Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H3 Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f98.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 42 date Wed, 09 Oct 2024 10:25:58 GMT x-xss-protection 0 content-type image/gif server cafe Redirect headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * location https://googleads.g.doubleclick.net/pagead/landing?gcs=G1--&gcd=13l3l3l2l5l1&tag_exp=101529666~101533422~101671035~101747727~101794737&rnd=206502309.1728469558&url=https%3A%2F%2Felfcosmetics.youshp.com%2F&dma_cps=syphamo&dma=1&npa=1&gtm=45He4a70n81WL3STMXv896608294za200&auid=345343728.1728469558 pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Wed, 09 Oct 2024 10:25:58 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	bounce secure.adnxs.com/ Redirect Chain https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2 https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2	43 B 1 KB	17ms 16ms	Image image/gif	185.89.210.122 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2 Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Server 185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-store, no-cache, private pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness access-control-allow-credentials true x-proxy-origin 212.7.210.181; 212.7.210.181; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT access-control-allow-origin * an-x-request-uuid 0a26df47-82ba-43c2-a2db-819a125ff63b content-length 43 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Wed, 09 Oct 2024 10:25:58 GMT x-xss-protection 0 content-type image/gif server nginx/1.23.4 Redirect headers cache-control no-store, no-cache, private location https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2 pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness x-proxy-origin 212.7.210.181; 212.7.210.181; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT an-x-request-uuid ab004c76-c778-4b54-a7d7-ceae55f6c7ca content-length 0 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Wed, 09 Oct 2024 10:25:58 GMT x-xss-protection 0 content-type text/html; charset=utf-8 server nginx/1.23.4
GET H2	200	/ insight.adsrvr.org/track/pxl/	70 B 148 B	139ms 44ms	Image image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:y8694b5&fmt=3 Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-length 70 date Wed, 09 Oct 2024 10:25:58 GMT content-type image/gif server Kestrel
GET H2	200	bounce secure.adnxs.com/ Redirect Chain https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2 https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2	43 B 1 KB	15ms 15ms	Image image/gif	185.89.210.122 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2 Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Server 185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-store, no-cache, private pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness access-control-allow-credentials true x-proxy-origin 212.7.210.181; 212.7.210.181; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT access-control-allow-origin * an-x-request-uuid 5cdd8916-fe17-4241-9e13-730d2ba0e2fa content-length 43 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Wed, 09 Oct 2024 10:25:58 GMT x-xss-protection 0 content-type image/gif server nginx/1.23.4 Redirect headers cache-control no-store, no-cache, private location https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2 pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness x-proxy-origin 212.7.210.181; 212.7.210.181; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT an-x-request-uuid 76e1f219-83ed-4e83-9d54-5eb979f05320 content-length 0 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Wed, 09 Oct 2024 10:25:58 GMT x-xss-protection 0 content-type text/html; charset=utf-8 server nginx/1.23.4
GET H2	200	/ insight.adsrvr.org/track/pxl/	70 B 149 B	137ms 42ms	Image image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:uuhj0na&fmt=3 Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-length 70 date Wed, 09 Oct 2024 10:25:58 GMT content-type image/gif server Kestrel
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202406.1.0/	451 KB 110 KB	32ms 32ms	Script application/javascript	104.18.87.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-md5 7I5y/rp4ODu7ul89ty+epQ== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCA5E56F667161 x-ms-lease-status unlocked cf-cache-status HIT age 43104 x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:58 GMT content-type application/javascript last-modified Tue, 16 Jul 2024 22:20:01 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id c05e064f-501e-009c-79cf-d7e837000000 cf-ray 8cfdab75fddd90dd-FRA accept-ranges bytes access-control-allow-origin * content-length 112027 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	holiday-gift-shop-2024-10-IMAGE-2_D cdn.media.amplience.net/i/elfcosmetics/	34 KB 34 KB	21ms 20ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-IMAGE-2_D?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-IMAGE-2_D?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-IMAGE-2_D?fmt=auto&w=2460%203x Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 885e1f439a347ac45233a304ff89ba69ec0e16e4f7f59cbff38c7b259751d726 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-tag xuwO1_VIb,l4p5bDg2e,xqCQhwpxt,WepA0szpz x-amp-source-width 1440 x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:58 GMT content-type image/avif x-frame-options DENY cache-control max-age=1800, s-maxage=86400 x-req-id bQIL2BZjTq x-amp-source-height 1040 accept-ranges bytes access-control-allow-origin * content-length 34695 x-amp-published Tue, 08 Oct 2024 15:55:02 GMT x-amp-srv A x-xss-protection 1; mode=block server Unknown
GET H2	200	en.json Show response cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/01909eed-3bdc-7283-8d20-1f7cc7f672d6/	270 KB 48 KB	154ms 153ms	Fetch application/json	104.18.87.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/01909eed-3bdc-7283-8d20-1f7cc7f672d6/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e3e46bfe2e437ec88b337c4893c591c726abfaafe957984466738e317ec5478 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-md5 O2WrPsqEzZtXQecUT5GJ8Q== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip cf-cache-status MISS etag 0x8DCA5D56988B2D3 x-ms-lease-status unlocked x-ms-version 2009-09-19 x-content-type-options nosniff expires Thu, 10 Oct 2024 10:25:58 GMT date Wed, 09 Oct 2024 10:25:58 GMT content-type application/json last-modified Tue, 16 Jul 2024 20:25:19 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 cross-origin-resource-policy cross-origin, cross-origin x-ms-request-id 1255f22c-d01e-0086-8035-1ac758000000 cf-ray 8cfdab766d18d28e-FRA accept-ranges bytes access-control-allow-origin * content-length 48426 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	iab2V2Data.json Show response cdn.cookielaw.org/vendorlist/	594 KB 77 KB	74ms 73ms	Fetch application/json	104.18.87.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/vendorlist/iab2V2Data.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64cbbf705e59121ddb48cd88275a3d964fa6cf93de9f4f3856ef0a581198d232 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-md5 qLUuatgTnkSBc+8gwY/Eug== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCE843A6276510 x-ms-lease-status unlocked cf-cache-status MISS x-content-type-options nosniff expires Thu, 10 Oct 2024 10:25:58 GMT date Wed, 09 Oct 2024 10:25:58 GMT content-type application/json last-modified Wed, 09 Oct 2024 09:20:42 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 4a436cc6-101e-00d4-7935-1adaaa000000 cf-ray 8cfdab766d1ed28e-FRA accept-ranges bytes access-control-allow-origin * content-length 78316 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	otTCF.js Show response cdn.cookielaw.org/scripttemplates/202406.1.0/	60 KB 17 KB	33ms 33ms	Script application/javascript	104.18.87.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202406.1.0/otTCF.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e40e7b46b99c06e47841ff53e4417b6c887631d383aac28114e4ab83ccddc6f7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-md5 w7rriz6IwW2xtS9bVJshOg== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCA5E56E73A9D1 x-ms-lease-status unlocked cf-cache-status HIT age 15100 x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:58 GMT content-type application/javascript last-modified Tue, 16 Jul 2024 22:19:59 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 768119cb-301e-00c3-1294-d81ac9000000 cf-ray 8cfdab766e4190dd-FRA accept-ranges bytes access-control-allow-origin * content-length 17104 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	dy-coll-min.js Show response cdn.dynamicyield.com/scripts/2.43.0/	196 KB 65 KB	22ms 21ms	Script text/javascript	18.244.18.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dynamicyield.com/scripts/2.43.0/dy-coll-min.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-13.fra56.r.cloudfront.net Software DYCDN / Resource Hash 2ec6c83ec1824898d15400462916551bf6761d2772bc3baec5b8fba523e03eb7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers vary Accept-Encoding link <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect" cache-control max-age=31536000 content-encoding gzip etag W/"90e4adaea90c4ceca44f62f926a57eab" age 786362 via 1.1 d025091c574ce1bcf1fefea59ac34f2c.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id EL8kM507SPcmLOY52YVevMZLu7ooyf4mmMtcgLDUF1G4xMGulPDmSw== date Mon, 30 Sep 2024 07:59:57 GMT content-type text/javascript last-modified Thu, 19 Sep 2024 10:20:33 GMT server DYCDN x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256
POST H2	200	t Show response elfcosmetics.youshp.com/cdn-cgi/zaraz/	122 B 371 B	59ms 57ms	Fetch application/json	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.youshp.com/cdn-cgi/zaraz/t Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyZS5sLmYuJTIwQ29zbWV0aWNzJTNBJTIwQWZmb3JkYWJsZSUyME1ha2V1cCUyMCUyNiUyMFNraW5jYXJlJTIwJTdDJTIwQ2xlYW4lMjBCZWF1dHklMjBQcm9kdWN0cyUyMCU3QyUyMGUubC5mLiUyMENvc21ldGljcyUyMiUyQyUyMnglMjIlM0EwLjc2MTAzMjIzODc0NTMxMDElMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmVsZmNvc21ldGljcy55b3VzaHAuY29tJTJGJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EtMTIwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b245157764a23ea85d525b0380019b060e37d87229d856ba066a8fbb80a1b0a0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/json Referer https://elfcosmetics.youshp.com/ Response headers access-control-max-age 600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br access-control-allow-credentials true access-control-allow-methods GET, HEAD, POST, OPTIONS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=68ON%2FG07zlz4J6qTzF4bYiCnSquAW3pBFSPnLbXTVpdJ5glSlHEBJyxrtRWBElYIXharfvPJ2yDWOv4rDD5nTMUOSo0deQiya%2BdBPW0qNbCYkn9MkELATviG5KVM%2BT3xlz6zfdA9SXHhuA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cfdab77493f9bbe-FRA access-control-allow-origin https://elfcosmetics.youshp.com date Wed, 09 Oct 2024 10:25:58 GMT content-type application/json vary Origin, Accept-Encoding server cloudflare access-control-allow-headers Content-Type, Set-Cookie, Cache-Control
POST H2	200	t Show response elfcosmetics.youshp.com/cdn-cgi/zaraz/	122 B 409 B	42ms 40ms	Fetch application/json	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.youshp.com/cdn-cgi/zaraz/t Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyZS5sLmYuJTIwQ29zbWV0aWNzJTNBJTIwQWZmb3JkYWJsZSUyME1ha2V1cCUyMCUyNiUyMFNraW5jYXJlJTIwJTdDJTIwQ2xlYW4lMjBCZWF1dHklMjBQcm9kdWN0cyUyMCU3QyUyMGUubC5mLiUyMENvc21ldGljcyUyMiUyQyUyMnglMjIlM0EwLjc2MTAzMjIzODc0NTMxMDElMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmVsZmNvc21ldGljcy55b3VzaHAuY29tJTJGJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EtMTIwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b245157764a23ea85d525b0380019b060e37d87229d856ba066a8fbb80a1b0a0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/json Referer https://elfcosmetics.youshp.com/ Response headers access-control-max-age 600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br access-control-allow-credentials true access-control-allow-methods GET, HEAD, POST, OPTIONS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2F%2BtS7hr3BtC%2BjIo8aLy3vyUUQdQjbPbY5Zb9g6dMN%2B06wWwWW867jqFicmXOTsJII%2B0oo82MrdPC1NWWNii6K0ZAffG4xKMBidwSfOus8bcHx2RP08i3H%2FR%2FU%2FMcX9hQjYN1uXYnlWuzQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cfdab7749419bbe-FRA access-control-allow-origin https://elfcosmetics.youshp.com date Wed, 09 Oct 2024 10:25:58 GMT content-type application/json vary Origin, Accept-Encoding server cloudflare access-control-allow-headers Content-Type, Set-Cookie, Cache-Control
POST H2	200	t Show response elfcosmetics.youshp.com/cdn-cgi/zaraz/	122 B 402 B	53ms 51ms	Fetch application/json	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.youshp.com/cdn-cgi/zaraz/t Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyZS5sLmYuJTIwQ29zbWV0aWNzJTNBJTIwQWZmb3JkYWJsZSUyME1ha2V1cCUyMCUyNiUyMFNraW5jYXJlJTIwJTdDJTIwQ2xlYW4lMjBCZWF1dHklMjBQcm9kdWN0cyUyMCU3QyUyMGUubC5mLiUyMENvc21ldGljcyUyMiUyQyUyMnglMjIlM0EwLjc2MTAzMjIzODc0NTMxMDElMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmVsZmNvc21ldGljcy55b3VzaHAuY29tJTJGJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EtMTIwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b245157764a23ea85d525b0380019b060e37d87229d856ba066a8fbb80a1b0a0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/json Referer https://elfcosmetics.youshp.com/ Response headers access-control-max-age 600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br access-control-allow-credentials true access-control-allow-methods GET, HEAD, POST, OPTIONS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I7nQ09MrjeIaS%2B2wKf4nC2eC2H%2BNrL5saICy%2FHsRvyMX95QbXc2hIWN2R7FMLzwT%2F6oqk6kYyHzcH%2BVkFek0H65IV%2FycPVvNfptjfdjcJ5szABnYSplp1oFCNnwH1PYe5GzLMYRY%2BGkRFg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cfdab7749449bbe-FRA access-control-allow-origin https://elfcosmetics.youshp.com date Wed, 09 Oct 2024 10:25:58 GMT content-type application/json vary Origin, Accept-Encoding server cloudflare access-control-allow-headers Content-Type, Set-Cookie, Cache-Control
POST H2	200	8772046 Show response rcom.dynamicyield.com/v3/recommend/	6 KB 2 KB	532ms 160ms	XHR application/json	18.245.86.31 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rcom.dynamicyield.com/v3/recommend/8772046 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.43.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.31 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-31.fra60.r.cloudfront.net Software / Resource Hash 7dfe0a8d71e121b51c7188213b7004036a4e67238f2b8ca0a8ad7a0306539aed Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://elfcosmetics.youshp.com/ Response headers timing-allow-origin * content-encoding gzip access-control-allow-methods GET, POST via 1.1 fc486e72455da7c1d3be4472dd5ba8b2.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Miss from cloudfront content-length 1174 x-amz-cf-id 58nALQA67ArhNiQ5y9ugjtYbn7Q4cnSYoGbbs7PeYMUtHmxVmyYeCA== date Wed, 09 Oct 2024 10:25:59 GMT content-type application/json; charset=UTF-8 vary Accept-Encoding x-amz-cf-pop FRA60-P6 access-control-allow-headers Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
POST H2	200	uia Show response async-px.dynamicyield.com/	0 385 B	440ms 299ms	XHR text/plain	13.35.58.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/uia?cnst=1&_=1728469558927 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.43.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-72.fra60.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache access-control-allow-methods POST, GET, OPTIONS via 1.1 d6f0ad3267f72bf9b59a5eb61f811fe2.cloudfront.net (CloudFront) expires 0 access-control-allow-origin * x-cache Miss from cloudfront content-length 0 x-amz-cf-id TVTz5g1Yva78aix5xnwndRDYaABIWC5AVCZ0G9PDYDOIzPqys7AvOQ== date Wed, 09 Oct 2024 10:25:59 GMT x-amz-cf-pop FRA60-P10 access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With
POST H2	200	t Show response elfcosmetics.youshp.com/cdn-cgi/zaraz/	122 B 381 B	36ms 35ms	Fetch application/json	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.youshp.com/cdn-cgi/zaraz/t Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyZS5sLmYuJTIwQ29zbWV0aWNzJTNBJTIwQWZmb3JkYWJsZSUyME1ha2V1cCUyMCUyNiUyMFNraW5jYXJlJTIwJTdDJTIwQ2xlYW4lMjBCZWF1dHklMjBQcm9kdWN0cyUyMCU3QyUyMGUubC5mLiUyMENvc21ldGljcyUyMiUyQyUyMnglMjIlM0EwLjc2MTAzMjIzODc0NTMxMDElMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmVsZmNvc21ldGljcy55b3VzaHAuY29tJTJGJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EtMTIwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b245157764a23ea85d525b0380019b060e37d87229d856ba066a8fbb80a1b0a0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/json Referer https://elfcosmetics.youshp.com/ Response headers access-control-max-age 600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br access-control-allow-credentials true access-control-allow-methods GET, HEAD, POST, OPTIONS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gDCit1DYyIJBu7lBfyJRCtPXYwVgSydT98Ra29U0%2FQqzXDqLQRYP%2Fo3mwfk6MH5DHV%2Bsj3kE6QeYpIL5F99xkcRwTokJ6TfEDm7VaA%2BSqAUe4Xum5QV1YuArBptEVMq%2Bcpc3dwrmNuyt7g%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cfdab77696e9bbe-FRA access-control-allow-origin https://elfcosmetics.youshp.com date Wed, 09 Oct 2024 10:25:58 GMT content-type application/json vary Origin, Accept-Encoding server cloudflare access-control-allow-headers Content-Type, Set-Cookie, Cache-Control
GET		kpi pixel.pointmediatracker.com/	0 0
GET H2	200	px secure.adnxs.com/	43 B 1 KB	59ms 59ms	Image image/gif	185.89.210.122 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-store, no-cache, private pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness x-proxy-origin 212.7.210.181; 212.7.210.181; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT an-x-request-uuid cd2451c6-a475-4ea0-83b1-318f1ac963dc content-length 43 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Wed, 09 Oct 2024 10:25:59 GMT x-xss-protection 0 content-type image/gif server nginx/1.23.4
GET H2	200	/ insight.adsrvr.org/track/pxl/	70 B 148 B	44ms 43ms	Image image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-length 70 date Wed, 09 Oct 2024 10:25:59 GMT content-type image/gif server Kestrel
POST H2	200	batch async-px.dynamicyield.com/	0 384 B	159ms 117ms	Ping text/plain	13.35.58.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/batch?cnst=1&_=1728469559079_154048 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.43.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-72.fra60.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache access-control-allow-methods POST, GET, OPTIONS via 1.1 0679859c01a1d918f3fb77e42174ecf8.cloudfront.net (CloudFront) expires 0 access-control-allow-origin * x-cache Miss from cloudfront content-length 0 x-amz-cf-id Si2r_qGj5fi56sQLbDfxwsh03Ry5CIPS9vU_kQwV5xJ3HCVirTyLPQ== date Wed, 09 Oct 2024 10:25:59 GMT x-amz-cf-pop FRA60-P10 access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With
GET H2	200	var async-px.dynamicyield.com/	0 0	300ms 299ms	Fetch	13.35.58.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=266207&uid=833166169015212598&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=6351c90559edef7c2e510f0d33c30d43&expSes=46541&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=7604521600331435879&cgtgDecisionId=7604521600102431029&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1728469559253&rri=3625712 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.43.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-72.fra60.r.cloudfront.net Software / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache access-control-allow-methods POST, GET, OPTIONS via 1.1 d6f0ad3267f72bf9b59a5eb61f811fe2.cloudfront.net (CloudFront) expires 0 access-control-allow-origin * x-cache Miss from cloudfront content-length 0 x-amz-cf-id GKMIEyxR5fZouotGj8cLLtRI2aKfHby599CNazoS-TsqVV6SBmfOkw== date Wed, 09 Oct 2024 10:25:59 GMT x-amz-cf-pop FRA60-P10 access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With
GET H2	200	var async-px.dynamicyield.com/	0 0	300ms 300ms	Fetch	13.35.58.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=544117&uid=833166169015212598&sec=8772046&t=ri&e=1574966&p=1&ve=12698518&va=%5B28347247%5D&ses=6351c90559edef7c2e510f0d33c30d43&expSes=46541&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=7604521597603406614&cgtgDecisionId=7604521598143392233&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1728469559254&rri=4745792 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.43.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-72.fra60.r.cloudfront.net Software / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache access-control-allow-methods POST, GET, OPTIONS via 1.1 d6f0ad3267f72bf9b59a5eb61f811fe2.cloudfront.net (CloudFront) expires 0 access-control-allow-origin * x-cache Miss from cloudfront content-length 0 x-amz-cf-id qAA9S41rNRKOSwg4iVG6e4xJISs_vhcHS4bV0oLCdXN3dIdJKk78dQ== date Wed, 09 Oct 2024 10:25:59 GMT x-amz-cf-pop FRA60-P10 access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With
GET H2	200	var async-px.dynamicyield.com/	0 0	299ms 299ms	Fetch	13.35.58.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=601872&uid=833166169015212598&sec=8772046&t=ri&e=1609852&p=1&ve=12669413&va=%5B28321879%5D&ses=6351c90559edef7c2e510f0d33c30d43&expSes=46541&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=7604521597563924398&cgtgDecisionId=7604521600077590816&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1728469559255&rri=3413720 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.43.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-72.fra60.r.cloudfront.net Software / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache access-control-allow-methods POST, GET, OPTIONS via 1.1 d6f0ad3267f72bf9b59a5eb61f811fe2.cloudfront.net (CloudFront) expires 0 access-control-allow-origin * x-cache Miss from cloudfront content-length 0 x-amz-cf-id 0vpVn60Mt9ZsfltfiC32trlEKxYZea6kCaJX5aUYaksyTUNUmfI1dQ== date Wed, 09 Oct 2024 10:25:59 GMT x-amz-cf-pop FRA60-P10 access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With
GET H2	200	var async-px.dynamicyield.com/	0 0	300ms 300ms	Fetch	13.35.58.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=488757&uid=833166169015212598&sec=8772046&t=ri&e=1575901&p=1&ve=12991774&va=%5B28207095%5D&ses=6351c90559edef7c2e510f0d33c30d43&expSes=46541&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=7604521597671461616&cgtgDecisionId=7604521600516570208&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1728469559255&rri=4252701 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.43.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-72.fra60.r.cloudfront.net Software / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache access-control-allow-methods POST, GET, OPTIONS via 1.1 d6f0ad3267f72bf9b59a5eb61f811fe2.cloudfront.net (CloudFront) expires 0 access-control-allow-origin * x-cache Miss from cloudfront content-length 0 x-amz-cf-id YcxtyVmQNr9wRWO9ljsQz70AeHPPASqblKUjRZ_tk4245JLVH52cKA== date Wed, 09 Oct 2024 10:25:59 GMT x-amz-cf-pop FRA60-P10 access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With
GET H2	200	var async-px.dynamicyield.com/	0 0	300ms 300ms	Fetch	13.35.58.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=282847&uid=833166169015212598&sec=8772046&t=ri&e=1750936&p=1&ve=13617998&va=%5B28818377%5D&ses=6351c90559edef7c2e510f0d33c30d43&expSes=46541&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=7604521600027897491&cgtgDecisionId=7604521599033578568&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1728469559256&rri=8402997 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.43.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-72.fra60.r.cloudfront.net Software / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache access-control-allow-methods POST, GET, OPTIONS via 1.1 d6f0ad3267f72bf9b59a5eb61f811fe2.cloudfront.net (CloudFront) expires 0 access-control-allow-origin * x-cache Miss from cloudfront content-length 0 x-amz-cf-id uGRR-R2Tob4vHSisvq4woZgbq0VQ7rZFPn5FKH5dUYT6nlR5Cu_5aQ== date Wed, 09 Oct 2024 10:25:59 GMT x-amz-cf-pop FRA60-P10 access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With
GET H2	200	var async-px.dynamicyield.com/	0 0	300ms 300ms	Fetch	13.35.58.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=495144&uid=833166169015212598&sec=8772046&t=ri&e=1750954&p=1&ve=13618112&va=%5B28973875%5D&ses=6351c90559edef7c2e510f0d33c30d43&expSes=46541&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=7604521597088815605&cgtgDecisionId=7604521597931511530&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1728469559257&rri=8492732 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.43.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-72.fra60.r.cloudfront.net Software / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache access-control-allow-methods POST, GET, OPTIONS via 1.1 d6f0ad3267f72bf9b59a5eb61f811fe2.cloudfront.net (CloudFront) expires 0 access-control-allow-origin * x-cache Miss from cloudfront content-length 0 x-amz-cf-id hPwGgfY-fc9O1ippIOak8lPUP1DKenU_V5UoovQYRSgkdaVfDBlboA== date Wed, 09 Oct 2024 10:25:59 GMT x-amz-cf-pop FRA60-P10 access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With
POST H2	200	t Show response elfcosmetics.youshp.com/cdn-cgi/zaraz/	122 B 501 B	57ms 50ms	Fetch application/json	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.youshp.com/cdn-cgi/zaraz/t Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyZS5sLmYuJTIwQ29zbWV0aWNzJTNBJTIwQWZmb3JkYWJsZSUyME1ha2V1cCUyMCUyNiUyMFNraW5jYXJlJTIwJTdDJTIwQ2xlYW4lMjBCZWF1dHklMjBQcm9kdWN0cyUyMCU3QyUyMGUubC5mLiUyMENvc21ldGljcyUyMiUyQyUyMnglMjIlM0EwLjc2MTAzMjIzODc0NTMxMDElMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmVsZmNvc21ldGljcy55b3VzaHAuY29tJTJGJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EtMTIwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b245157764a23ea85d525b0380019b060e37d87229d856ba066a8fbb80a1b0a0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/json Referer https://elfcosmetics.youshp.com/ Response headers access-control-max-age 600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br access-control-allow-credentials true access-control-allow-methods GET, HEAD, POST, OPTIONS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T3uXCuD6N1KlBG8ZaVTKzbAEOd9H%2FL2CGSYNx%2F8nLnWOi7%2BwRgmcdTZfxzd9t%2FhKGYSH%2Fx0BTlTuP8jKXbkie6EayS6XPA0PBSJEcx0PH%2Fmr6w8JAFWvsCZ6rzI%2Fkzm%2BzmAnjVvsUoiX%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cfdab7a6d389bbe-FRA access-control-allow-origin https://elfcosmetics.youshp.com date Wed, 09 Oct 2024 10:25:59 GMT content-type application/json vary Origin, Accept-Encoding server cloudflare access-control-allow-headers Content-Type, Set-Cookie, Cache-Control
POST H2	200	t Show response elfcosmetics.youshp.com/cdn-cgi/zaraz/	122 B 410 B	51ms 48ms	Fetch application/json	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.youshp.com/cdn-cgi/zaraz/t Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyZS5sLmYuJTIwQ29zbWV0aWNzJTNBJTIwQWZmb3JkYWJsZSUyME1ha2V1cCUyMCUyNiUyMFNraW5jYXJlJTIwJTdDJTIwQ2xlYW4lMjBCZWF1dHklMjBQcm9kdWN0cyUyMCU3QyUyMGUubC5mLiUyMENvc21ldGljcyUyMiUyQyUyMnglMjIlM0EwLjc2MTAzMjIzODc0NTMxMDElMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmVsZmNvc21ldGljcy55b3VzaHAuY29tJTJGJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EtMTIwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b245157764a23ea85d525b0380019b060e37d87229d856ba066a8fbb80a1b0a0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/json Referer https://elfcosmetics.youshp.com/ Response headers access-control-max-age 600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br access-control-allow-credentials true access-control-allow-methods GET, HEAD, POST, OPTIONS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xz665w0wIaPDF6Kk3pHxjSuwfmU%2BmFFrIkFQt4KcA6ZTnQyecr4jrzzpRPwKdHAe6fkGkUbUjZHcNm3ZuipCV93f%2FLAV2BJAySr4elp4DeFYZMmyTgTXZwLWamiWeFMgnbxQB8iqH3QAxw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cfdab7a7d509bbe-FRA access-control-allow-origin https://elfcosmetics.youshp.com date Wed, 09 Oct 2024 10:25:59 GMT content-type application/json vary Origin, Accept-Encoding server cloudflare access-control-allow-headers Content-Type, Set-Cookie, Cache-Control
POST H2	200	t Show response elfcosmetics.youshp.com/cdn-cgi/zaraz/	122 B 471 B	49ms 46ms	Fetch application/json	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.youshp.com/cdn-cgi/zaraz/t Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyZS5sLmYuJTIwQ29zbWV0aWNzJTNBJTIwQWZmb3JkYWJsZSUyME1ha2V1cCUyMCUyNiUyMFNraW5jYXJlJTIwJTdDJTIwQ2xlYW4lMjBCZWF1dHklMjBQcm9kdWN0cyUyMCU3QyUyMGUubC5mLiUyMENvc21ldGljcyUyMiUyQyUyMnglMjIlM0EwLjc2MTAzMjIzODc0NTMxMDElMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmVsZmNvc21ldGljcy55b3VzaHAuY29tJTJGJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EtMTIwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b245157764a23ea85d525b0380019b060e37d87229d856ba066a8fbb80a1b0a0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/json Referer https://elfcosmetics.youshp.com/ Response headers access-control-max-age 600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br access-control-allow-credentials true access-control-allow-methods GET, HEAD, POST, OPTIONS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GxZKtRWCgGLQmlt7I%2BqszpDzqSW3hdRqDzQQahe%2BrNEmP3lpM2ESHIF50o%2Fp8SO%2FO3rF6dew7iMHWK5FDiXSTEuQH0VTrebDGNOkFUZY3ujGgwQu3r1uLxkoDZJVjJ%2BsmPGyGP3CyRPDmg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cfdab7a7d569bbe-FRA access-control-allow-origin https://elfcosmetics.youshp.com date Wed, 09 Oct 2024 10:25:59 GMT content-type application/json vary Origin, Accept-Encoding server cloudflare access-control-allow-headers Content-Type, Set-Cookie, Cache-Control
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/202406.1.0/assets/	13 KB 3 KB	88ms 88ms	Fetch application/json	104.18.87.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-md5 sHJXWIgDpMKY35PyRRy4zQ== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCA5E56B3084E2 x-ms-lease-status unlocked cf-cache-status MISS x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:59 GMT content-type application/json last-modified Tue, 16 Jul 2024 22:19:54 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 0775df7a-b01e-00d2-7f35-1a2dd2000000 cf-ray 8cfdab7a7a63d28e-FRA accept-ranges bytes access-control-allow-origin * content-length 3003 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/	62 KB 13 KB	65ms 65ms	Fetch application/json	104.18.87.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/otPcCenter.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-md5 LtDYZmcfPNW39lMw/Yu0RQ== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCA5E56C7CC8BB x-ms-lease-status unlocked cf-cache-status MISS x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:59 GMT content-type application/json last-modified Tue, 16 Jul 2024 22:19:56 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 2e20014d-501e-00be-3035-1a8601000000 cf-ray 8cfdab7a8a6dd28e-FRA accept-ranges bytes access-control-allow-origin * content-length 12723 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202406.1.0/assets/	24 KB 4 KB	67ms 66ms	Fetch text/css	104.18.87.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-md5 HyPJ72TNHxdfOI82cqKVqA== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked cf-cache-status MISS content-encoding gzip x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:59 GMT content-type text/css last-modified Tue, 16 Jul 2024 22:20:07 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id fc91a1a7-001e-002e-2335-1a134d000000 cf-ray 8cfdab7a8a6fd28e-FRA access-control-allow-origin * x-ms-blob-type BlockBlob server cloudflare
POST H2	200	event qoe-1.yottaa.net/log-nt/	3 B 191 B	120ms 26ms	Ping text/json	15.197.236.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qoe-1.yottaa.net/log-nt/event Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.236.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0540a066b92ce4ca.awsglobalaccelerator.com Software / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://elfcosmetics.youshp.com/ Response headers access-control-allow-origin * access-control-expose-headers X-Results-Data-Source timing-allow-origin * cache-control no-cache date Wed, 09 Oct 2024 10:25:59 GMT content-type text/json access-control-allow-credentials true
GET H3	200	site.min.js Show response edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/	84 KB 20 KB	101ms 46ms	Script application/javascript	104.18.10.236 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/site.min.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.10.236 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d126a9c6da46cb41e34e982874ff71952c00cfaefd6d3847d69f5b82da64429 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding br cf-cache-status HIT etag W/"50d92f85574de50a7d4a214fa4131720" x-amz-version-id .qrNcRtRG6VmB5kbLKXtk4Otpa6s5GTr age 794 date Wed, 09 Oct 2024 10:25:59 GMT content-type application/javascript last-modified Fri, 07 Jun 2024 18:56:15 GMT vary Accept-Encoding x-amz-id-2 6cY9mAMu73SrD7POigB8vFDNHhpy0PMxrmHuYyUnVFLdAd3tw2zS6tzOVGrAiV3dD81fugC1Ni2QKW5l2LshL85b+yLfqRYYVEQTHQBzJhk= x-amz-replication-status COMPLETED cache-control max-age=1800,s-maxage=1800 x-amz-request-id RPXSJ13M5FXMKBRV cf-ray 8cfdab7aefd737e9-FRA server cloudflare x-amz-server-side-encryption AES256
GET H2	200	lc1xiabuuw Show response www.clarity.ms/tag/	717 B 972 B	502ms 106ms	Script application/x-javascript	13.107.253.64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/lc1xiabuuw Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.107.253.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 46370ebbad56829c15ecdb83a7d45e8802f1b83cbb368dca595128b5a50849c4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache, no-store request-context appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2 expires -1 accept-ranges bytes x-cache CONFIG_NOCACHE content-length 717 date Wed, 09 Oct 2024 10:25:59 GMT content-type application/x-javascript x-azure-ref 20241009T102559Z-185dcd6bb46dwttdybxqse915g00000007t000000000dxn8
GET H2	200	110221.ct.js Show response tag.rmp.rakuten.com/	47 KB 15 KB	73ms 30ms	Script text/javascript	34.102.147.248 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.rmp.rakuten.com/110221.ct.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 248.147.102.34.bc.googleusercontent.com Software / Resource Hash 32f031e725bcbe56636208f00dc879f29d4c4529919e13e65d386b9e59c24247 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers strict-transport-security max-age=31536000 cache-control max-age=86400 content-encoding gzip x-samesite secure via 1.1 google x-dyn 0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-cache hit date Wed, 09 Oct 2024 10:25:59 GMT content-type text/javascript last-modified Wed, 09 Oct 2024 10:25:59 GMT
GET H2	200	js Show response www.paypal.com/sdk/	425 KB 120 KB	92ms 18ms	Script application/javascript	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/48B6) / Resource Hash 9bed601d59585fd5903962b1ef41faba99e16dab2f14282aa08203990dd5f530 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-nAOOU09WGBQCu4m6IIFdfeee+jnXTtJzSrtaSa65/ZBT1W+f' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-nAOOU09WGBQCu4m6IIFdfeee+jnXTtJzSrtaSa65/ZBT1W+f' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers access-control-expose-headers Server-Timing paypal-debug-id 0727191038005 content-encoding gzip etag W/"1d812-k4dGb5bEWXTjrvgQo8hYZNL/W7E" age 8103 origin-trial AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ== x-content-type-options nosniff disable-set-cookie true traceparent 00-00000000000000000000727191038005-b2599652be52f92c-01 server-timing content-encoding;desc="", x-cdn;desc="edgecast" dc ccg11-origin-www-1.paypal.com p3p true date Wed, 09 Oct 2024 10:25:59 GMT content-type application/javascript; charset=utf-8 last-modified Wed, 09 Oct 2024 08:10:57 GMT vary Accept-Encoding x-frame-options SAMEORIGIN x-cache HIT strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-nAOOU09WGBQCu4m6IIFdfeee+jnXTtJzSrtaSa65/ZBT1W+f' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-nAOOU09WGBQCu4m6IIFdfeee+jnXTtJzSrtaSa65/ZBT1W+f' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp cache-control public, max-age=3600, s-maxage=10800 timing-allow-origin * accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges bytes access-control-allow-origin * content-length 120850 x-xss-protection 1; mode=block server ECAcc (ama/48B6)
GET H/1.1	200 OK	main.js Show response static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/	149 KB 52 KB	335ms 219ms	Script application/javascript	104.102.58.55 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.102.58.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-102-58-55.deploy.static.akamaitechnologies.com Software nginx / Express Resource Hash 45da11faad01df42e2e148616f5ca5766a733c5fda30b1ac12b8226f802a197c Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers Strict-Transport-Security max-age=15768000 Vary Accept-Encoding Cache-Control must-revalidate, max-age=900 Content-Encoding gzip Connection keep-alive Expires Wed, 09 Oct 2024 10:40:59 GMT Access-Control-Allow-Origin * Content-Length 53024 Date Wed, 09 Oct 2024 10:25:59 GMT Content-Type application/javascript;charset=UTF-8 X-Powered-By Express Server nginx X-Frame-Options SAMEORIGIN
GET H2	200	/ Show response websdk.appsflyer.com/	51 KB 15 KB	99ms 26ms	Script application/javascript	18.245.60.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://websdk.appsflyer.com/?st=banners& Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.60.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-60-28.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 0ba6b163f965f258c24888cf11c6dfe0d044de0800284da2e78a3faf7bd12925 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-amz-cf-pop FRA60-P5 content-encoding gzip etag W/"7ee104753099f9f00003724eb0a4c433" age 1520 via 1.1 72500140cb63ff2dee8b57e4476902e6.cloudfront.net (CloudFront) alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront x-amz-cf-id eEBm_gNqLZpq3K0lV4KY_c-ChcraHmECqdwSadmI9qV4keH3ZM-H6w== date Wed, 09 Oct 2024 10:00:40 GMT content-type application/javascript vary Accept-Encoding server AmazonS3 last-modified Tue, 01 Oct 2024 07:07:49 GMT x-amz-server-side-encryption AES256
GET H2	200	favicon.ico elfcosmetics.youshp.com/	34 KB 4 KB	667ms 659ms	Other image/x-icon	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.youshp.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-amzn-remapped-content-length 34494 content-encoding br cf-cache-status MISS etag W/"86be-1926ca343a0" x-amzn-remapped-connection close report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bRSM%2BsVxJJfdNA58V682109WoPfd8TawoqefYIBft%2Bo%2BobK5%2BTbgJG3Qhbno%2FYRtBNpPQnyaaPQ41EL%2FWc9m39ROP3fmwea6mcrFJqcw2DuRkS7Ts0l5Gw%2FelMbZ7QmGWzl4RV9VzKauOw%3D%3D"}],"group":"cf-nel","max_age":604800} x-amzn-requestid 9c2b43eb-1113-4222-b6ee-cb4a6ff08244 x-cache Hit from cloudfront x-amz-cf-id 3ejjgC7x93kzOVxcowvG9Xku7KlQIt6ZFGoNgvuak4nZkCbwBvFQpQ== date Wed, 09 Oct 2024 10:26:00 GMT content-type image/x-icon last-modified Tue, 08 Oct 2024 14:58:12 GMT vary Accept-Encoding x-yottaa-optimizations ob/1 si/36D18cae0e61-1728336458-1177123607 tts/1728062963110 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0 x-yottaa-os 200 x-yottaa-forcecache true cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-apigw-id fVhOaEJ0iYcEZtQ= x-amzn-remapped-date Tue, 08 Oct 2024 14:59:14 GMT x-amzn-trace-id Root=1-670548c2-54070da97b1bfba242a1bbe3;Parent=79ef2b35cf1ce1be;Sampled=0;Lineage=1:2b75b0e9:0 access-control-allow-credentials true via 1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront) cf-ray 8cfdab7aada39bbe-FRA x-yottaa-metrics 36218cae0e30/[21,18,-] 36D18cae0e61/[hit] access-control-allow-origin * x-amz-cf-pop FRA60-P6 server cloudflare
GET H2	200	js Show response www.googletagmanager.com/gtag/	310 KB 104 KB	59ms 51ms	Script application/javascript	172.217.16.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f8.1e100.net Software Google Tag Manager / Resource Hash e4c2fb8748403788e53a686ae97e95f99865949be14cfc6e5b7e441b357301ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 09 Oct 2024 10:25:59 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 09 Oct 2024 10:25:59 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 106122 x-xss-protection 0 server Google Tag Manager
GET H2	200	iframe_api Show response www.youtube.com/	993 B 2 KB	413ms 43ms	Script text/javascript	172.217.16.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f14.1e100.net Software ESF / Resource Hash 13d682efdb90ab7ba1bae5c3101079149b930cae071121df3e374a83e77a531c Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script' Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding br report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} x-content-type-options nosniff origin-trial AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 expires Wed, 09 Oct 2024 10:25:59 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info." date Wed, 09 Oct 2024 10:25:59 GMT content-type text/javascript; charset=utf-8 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 content-security-policy require-trusted-types-for 'script' cache-control private, max-age=0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" x-xss-protection 0 server ESF
GET H2	200	shimmer-shine-2024-10-2-IMAGE-3_D cdn.media.amplience.net/i/elfcosmetics/	74 KB 0	1ms 1ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/shimmer-shine-2024-10-2-IMAGE-3_D?fmt=auto Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash f73c79986ae2b7b4d32aa7bb6eb19ef17097bdf44f7df1ce662d8f05123ace53 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-tag jKM9rDXFC,l4p5bDg2e,ACsaFi5NF,WepA0szpz x-amp-source-width 1440 x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:57 GMT content-type image/avif x-frame-options DENY cache-control max-age=1800, s-maxage=86400 x-req-id nDLMVlDw2S x-amp-source-height 1040 accept-ranges bytes access-control-allow-origin * content-length 75375 x-amp-published Mon, 23 Sep 2024 21:32:44 GMT x-amp-srv A x-xss-protection 1; mode=block server Unknown
GET H2	200	destination Show response www.googletagmanager.com/gtag/	225 KB 81 KB	41ms 38ms	Script application/javascript	172.217.16.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-10265292&l=dataLayer&cx=c Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f8.1e100.net Software Google Tag Manager / Resource Hash a0c2af72d1b3d5a2548cd5559a288de87bc05b5282ec2f6700807e1a9ac4940c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Wed, 09 Oct 2024 10:25:59 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 09 Oct 2024 10:25:59 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Wed, 09 Oct 2024 09:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 82205 x-xss-protection 0 server Google Tag Manager
GET H2	200	destination Show response www.googletagmanager.com/gtag/	225 KB 80 KB	49ms 47ms	Script application/javascript	172.217.16.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f8.1e100.net Software Google Tag Manager / Resource Hash 16516f32445526a63d9a76b74fcdbd87e3c12a99e4c938c536b88af26ba2890b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Wed, 09 Oct 2024 10:25:59 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 09 Oct 2024 10:25:59 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Wed, 09 Oct 2024 09:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 82208 x-xss-protection 0 server Google Tag Manager
GET H2	200	tfa.js Show response cdn.taboola.com/libtrc/unip/1691051/	82 KB 25 KB	375ms 274ms	Script application/javascript	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/unip/1691051/tfa.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash d5c1233c49da492f9f4b5d2de5b58573c8a78a8003f957532735b7e185e9d384 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding gzip etag "3c26752e866b70d111524c7e044a5757" x-amz-version-id cB6ubwZWiMN3cMdHhTGOsybENBUtGXdu age 0 x-cache HIT date Wed, 09 Oct 2024 10:25:59 GMT last-modified Sun, 06 Oct 2024 11:11:17 GMT x-served-by cache-mad22048-MAD x-cache-hits 0 content-type application/javascript; charset=utf-8 x-amz-id-2 3bhsWtR3Kb4kZCNma6rviWTkhqzzvCeZ61oIy0H78Rxmb0yDnSdh7c/+qaXJD3lAF2ysPOjLG1Zq6umA4gZdjXpkZGWononw vary Accept-Encoding x-amz-replication-status COMPLETED cache-control private,max-age=14401 x-timer S1728469560.593000,VS0,VE233 via 1.1 varnish x-amz-request-id ASB53SA94T3VF70Y accept-ranges bytes access-control-allow-origin * abp 11 content-length 25584 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	1a8bfa042c9c5.js Show response t.contentsquare.net/uxa/	351 KB 84 KB	82ms 27ms	Script application/javascript	18.244.18.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://t.contentsquare.net/uxa/1a8bfa042c9c5.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.115 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-115.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash a27fdecc283c15918bad37b7954ba7fe7bc786174f40f913420acc25629854b4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding br etag "c6cb25e1e3ee58ff369c80d5e22cc77f" age 0 alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront x-amz-cf-id Gg8LgvjAIyNLwUwn5y3_6WgJanrJ2X3vwKrIEVKrraqdzVU9sKn4Bg== date Tue, 08 Oct 2024 12:41:50 GMT content-type application/javascript;charset=utf-8 last-modified Thu, 03 Oct 2024 19:49:18 GMT vary Origin cache-control max-age=900 timing-allow-origin * cross-origin-resource-policy cross-origin via 1.1 74ca1b9f17cb4adcfc54f8b84ccc7d82.cloudfront.net (CloudFront) accept-ranges bytes content-length 85390 x-amz-cf-pop FRA56-P11 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	destination Show response www.googletagmanager.com/gtag/	225 KB 80 KB	46ms 46ms	Script application/javascript	172.217.16.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f8.1e100.net Software Google Tag Manager / Resource Hash 37ec05013f030371c8ff1e41c6ba1003ec1f15a7cbadf389aa108701d94eaa37 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Wed, 09 Oct 2024 10:25:59 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 09 Oct 2024 10:25:59 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Wed, 09 Oct 2024 09:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 82118 x-xss-protection 0 server Google Tag Manager
GET H2	200	core.js Show response s.pinimg.com/ct/	5 KB 2 KB	428ms 21ms	Script application/javascript	23.206.208.183 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s.pinimg.com/ct/core.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-208-183.deploy.static.akamaitechnologies.com Software / Resource Hash 919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers access-control-max-age 86400 cache-control max-age=7200 access-control-expose-headers X-CDN content-encoding br etag "b37f6fea55e9029c9c9d413c47f69cb7" x-cdn akamai access-control-allow-methods GET accept-ranges bytes alt-svc h3=":443"; ma=600 access-control-allow-origin * content-length 1878 content-type application/javascript vary Accept-Encoding, Origin x-amz-server-side-encryption AES256
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	226 KB 58 KB	45ms 22ms	Script application/x-javascript	157.240.252.13 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra3.fbcdn.net Software / Resource Hash 48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Wed, 09 Oct 2024 10:25:59 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4440, tp=9, tpl=0, uplat=0, ullat=-1 pragma public x-fb-debug GZwNaZ7FSzsTWrk87dMwnptBIIqWuNnH9i+2Shc3M2x4lqvekt9M8o5UhVC9UYmLf1ZzoKo9sCPXhAs/Fgatmw== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 59131 x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	42 KB 13 KB	464ms 49ms	Script application/javascript	151.101.65.140 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 1593b1f5bf86a2bec3f93142409030a64591d1b6415faaedd0c251dd924d0288 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control public, max-age=60 nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} content-encoding gzip etag "bed9b675380c07edc84c03d0f362b192" report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} via 1.1 varnish, 1.1 varnish accept-ranges bytes content-length 12103 date Wed, 09 Oct 2024 10:25:59 GMT last-modified Mon, 23 Sep 2024 17:14:22 GMT content-type application/javascript vary Accept-Encoding,Origin server snooserv x-amz-server-side-encryption AES256
GET H2	200	bat.js Show response bat.bing.com/	49 KB 15 KB	409ms 30ms	Script application/javascript	150.171.27.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 content-encoding gzip etag "803483b3aaadb1:0" accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 10DC3A3892394FF1A3D69ECAE2932211 Ref B: AMS231020615051 Ref C: 2024-10-09T10:25:59Z accept-ranges bytes x-cache CONFIG_NOCACHE content-length 14402 date Wed, 09 Oct 2024 10:25:59 GMT content-type application/javascript last-modified Thu, 19 Sep 2024 15:43:41 GMT vary Accept-Encoding
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	8 KB 3 KB	210ms 114ms	Script application/javascript	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BRR4GA0I9JJBU29G8GF0&lib=ttq Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 9c57bfd75c8e733b2cc3fba347810fbfa9ff38c3b13cd6b43e53f78883e5db75 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding gzip expires Wed, 09 Oct 2024 10:25:59 GMT server-timing inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=91 x-cache TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-) date Wed, 09 Oct 2024 10:25:59 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding x-akamai-request-id 4264f6d x-tt-trace-host 015547b42e38dafb745eb0415774d1767462bee87a0991144bd8e7fa85373d69bf7eac23a57d50567b2d4e8b4438a86daed91d9f10615f67564d1f68d57e8d98ffce0d7356466b41dd6d8bccb6463ee7b26e05b6b145bfa15b2846c1fb615df627 x-origin-response-time 91,2.20.179.90 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-241009102559D063BD0A098E006A9B98-1DDAECA078625656-00 x-tt-logid 20241009102559D063BD0A098E006A9B98 server nginx
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	7 KB 3 KB	207ms 114ms	Script application/javascript	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 25866537edb5791772184def62e930cec0ef4bf7a6f744b2d440cbea998d5631 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding gzip expires Wed, 09 Oct 2024 10:25:59 GMT server-timing inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=91 x-cache TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-) date Wed, 09 Oct 2024 10:25:59 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding x-akamai-request-id 4264f6e x-tt-trace-host 015547b42e38dafb745eb0415774d1767462bee87a0991144bd8e7fa85373d69bf8ffc2dd03990aeb91a574fc7bf3076558920f23a0f49260832b97cd98c45c381c887ae3ce030af749fdf2f8c11ddc49a6de90850e0a5caaf38fa24f940107523 x-origin-response-time 91,2.20.179.90 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-241009102559EB1D9B03629EE16EF52C-2500512519564E4E-00 x-tt-logid 20241009102559EB1D9B03629EE16EF52C server nginx
GET H2	200	widget.js Show response js.jebbit.com/companion/v1/	44 KB 45 KB	442ms 39ms	Script text/javascript	13.35.58.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.jebbit.com/companion/v1/widget.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.92 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-92.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 226049a96ceaa190e0dd45980c8fba9367127b7c2b19b635ee30bb7f4fa17e52 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-amz-version-id M.fQKrXkVHcvymDK9D8bU4BvoS660wdj etag "9ee6264c1a592ca4976fb94c91ef8c87" age 61592 via 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 45384 x-amz-cf-id lM4-6QupBT0LtNTR2ZnoA56AwacTItYBkmve8TVWh0F13_0FcTc00w== date Tue, 08 Oct 2024 17:19:29 GMT content-type text/javascript last-modified Mon, 07 Oct 2024 17:19:22 GMT server AmazonS3 x-amz-cf-pop FRA60-P10 x-amz-server-side-encryption AES256
GET H2	200	i.js Show response tag.wknd.ai/4142/	18 KB 6 KB	187ms 17ms	Script text/plain	34.120.253.250 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.wknd.ai/4142/i.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 250.253.120.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 33a3822569ec10d8b063db8692ab26b72fac0f03cd0749c707fe0b8d36bec5fd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding gzip etag 600bf934854eec age 1561 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 09 Oct 2024 09:59:58 GMT content-type text/plain; charset=utf-8 vary Accept-Encoding link <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect cache-control public,max-age=60 timing-allow-origin * x-envoy-upstream-service-time 1 x-envoy-decorator-operation tag-router.tag-router.svc.cluster.local:80/* via 1.1 google access-control-allow-origin * content-length 5944 server istio-envoy x-region us-central1
GET H3	200	include.js Show response cdn8.eu.inside.chat/gtm/IN-1011171-EC/	24 KB 6 KB	112ms 64ms	Script application/javascript	104.18.8.17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn8.eu.inside.chat/gtm/IN-1011171-EC/include.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.8.17 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08e5f2fdc1f7a9d0de8db23174e037c1510a852b514811807b4e3f89307486d5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers strict-transport-security max-age=31536000; includeSubdomains cache-control public, max-age=3600 content-encoding br cf-bgj minify etag W/"01e251ada13db1:0" cf-cache-status HIT cf-ray 8cfdab7d1f35dbec-FRA expires Wed, 09 Oct 2024 11:25:59 GMT cf-polished origSize=38567 date Wed, 09 Oct 2024 10:25:59 GMT content-type application/javascript last-modified Tue, 01 Oct 2024 08:15:40 GMT vary Accept-Encoding server cloudflare
POST H2	200	batch async-px.dynamicyield.com/	0 383 B	127ms 123ms	Ping text/plain	13.35.58.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/batch?cnst=1&_=1728469559565_978934 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.43.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-72.fra60.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache access-control-allow-methods POST, GET, OPTIONS via 1.1 0679859c01a1d918f3fb77e42174ecf8.cloudfront.net (CloudFront) expires 0 access-control-allow-origin * x-cache Miss from cloudfront content-length 0 x-amz-cf-id pznBrA_-U9J3PdkwF43_udF3fxCbTZ8fdOBtKtMEnge4l9ti96IqCg== date Wed, 09 Oct 2024 10:25:59 GMT x-amz-cf-pop FRA60-P10 access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With
GET H2	200	ot_guard_logo.svg Show response cdn.cookielaw.org/logos/static/	497 B 489 B	70ms 70ms	Fetch image/svg+xml	104.18.87.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-md5 tXyZydHjxQshFMbbBT1/8A== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked cf-cache-status MISS content-encoding gzip x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:59 GMT content-type image/svg+xml last-modified Wed, 09 Oct 2024 04:03:42 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id b19a1138-301e-0100-0435-1ad5df000000 cf-ray 8cfdab7bae32d28e-FRA access-control-allow-origin * x-ms-blob-type BlockBlob server cloudflare
GET H2	200	ot_company_logo.png cdn.cookielaw.org/logos/static/	4 KB 4 KB	31ms 30ms	Image mage/png	104.18.87.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/ot_company_logo.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-md5 E8+sk/ECzKgTUVtDLikiIA== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked etag 0x8DCE7B193C6FDC3 age 38373 cf-cache-status HIT x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:59 GMT content-type mage/png last-modified Tue, 08 Oct 2024 15:55:05 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id af130655-c01e-00dd-0cb8-19c024000000 cf-ray 8cfdab7bca8e90dd-FRA accept-ranges bytes access-control-allow-origin * content-length 4036 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	powered_by_logo.svg cdn.cookielaw.org/logos/static/	5 KB 2 KB	37ms 37ms	Image image/svg+xml	104.18.87.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/powered_by_logo.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-md5 Y+c301RBZNK39PvKQWrIBw== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked cf-cache-status HIT age 29904 content-encoding gzip x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:59 GMT content-type image/svg+xml last-modified Tue, 08 Oct 2024 15:55:05 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id e47f772b-b01e-00d9-4cbd-1935a6000000 cf-ray 8cfdab7bca9290dd-FRA access-control-allow-origin * x-ms-blob-type BlockBlob server cloudflare
GET H2	200	src=10265292;dc_pre=CKnLgPGKgYkDFdBsHgIdp5I0Hw;type=conte0;cat=homep0;ord=3827508595622;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181787185z8896608294za20... ade.googlesyndication.com/ddm/activity/ Redirect Chain https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=3827508595622;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181787185z8... https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CKnLgPGKgYkDFdBsHgIdp5I0Hw;type=conte0;cat=homep0;ord=3827508595622;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=deni...	42 B 107 B	87ms 84ms	Image image/gif	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CKnLgPGKgYkDFdBsHgIdp5I0Hw;type=conte0;cat=homep0;ord=3827508595622;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com? Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Wed, 09 Oct 2024 10:26:00 GMT x-xss-protection 0 content-type image/gif server cafe Redirect headers cache-control no-cache, must-revalidate timing-allow-origin * location https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CKnLgPGKgYkDFdBsHgIdp5I0Hw;type=conte0;cat=homep0;ord=3827508595622;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com? pragma no-cache cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Wed, 09 Oct 2024 10:25:59 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server cafe
GET		experience.min.js edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/gallery-OdKxcdTK/latest/	0 0
GET H2	200	src=9231397;dc_pre=CKLPgPGKgYkDFVNkHgIdc1E1Bw;type=retarget;cat=globa0;ord=3127243108952;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied... ade.googlesyndication.com/ddm/activity/ Redirect Chain https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=3127243108952;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0... https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CKLPgPGKgYkDFVNkHgIdc1E1Bw;type=retarget;cat=globa0;ord=3127243108952;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=;uab=;u...	42 B 118 B	71ms 67ms	Image image/gif	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CKLPgPGKgYkDFVNkHgIdc1E1Bw;type=retarget;cat=globa0;ord=3127243108952;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com? Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Wed, 09 Oct 2024 10:26:00 GMT x-xss-protection 0 content-type image/gif server cafe Redirect headers cache-control no-cache, must-revalidate timing-allow-origin * location https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CKLPgPGKgYkDFVNkHgIdc1E1Bw;type=retarget;cat=globa0;ord=3127243108952;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com? pragma no-cache cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Wed, 09 Oct 2024 10:25:59 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server cafe
GET H2	200	src=10742279;dc_pre=CJnSgPGKgYkDFdloHgIdniw9RA;type=elf8j0;cat=glo_flhp;ord=2586162288585;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denie... ade.googlesyndication.com/ddm/activity/ Redirect Chain https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=2586162288585;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=... https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJnSgPGKgYkDFdloHgIdniw9RA;type=elf8j0;cat=glo_flhp;ord=2586162288585;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;...	42 B 107 B	87ms 84ms	Image image/gif	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJnSgPGKgYkDFdloHgIdniw9RA;type=elf8j0;cat=glo_flhp;ord=2586162288585;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com? Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Wed, 09 Oct 2024 10:26:00 GMT x-xss-protection 0 content-type image/gif server cafe Redirect headers cache-control no-cache, must-revalidate timing-allow-origin * location https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJnSgPGKgYkDFdloHgIdniw9RA;type=elf8j0;cat=glo_flhp;ord=2586162288585;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com? pragma no-cache cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Wed, 09 Oct 2024 10:25:59 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server cafe
GET H2	200	src=10742279;dc_pre=CIq2gvGKgYkDFWRhHgIdG4girw;type=elf8j0;cat=glo_flap;ord=8842161124283;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denie... ade.googlesyndication.com/ddm/activity/ Redirect Chain https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=8842161124283;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=... https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CIq2gvGKgYkDFWRhHgIdG4girw;type=elf8j0;cat=glo_flap;ord=8842161124283;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;...	42 B 107 B	85ms 82ms	Image image/gif	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CIq2gvGKgYkDFWRhHgIdG4girw;type=elf8j0;cat=glo_flap;ord=8842161124283;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com? Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Wed, 09 Oct 2024 10:26:00 GMT x-xss-protection 0 content-type image/gif server cafe Redirect headers cache-control no-cache, must-revalidate timing-allow-origin * location https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CIq2gvGKgYkDFWRhHgIdG4girw;type=elf8j0;cat=glo_flap;ord=8842161124283;npa=1;u1=https%3A%2F%2Felfcosmetics.youshp.com%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4a70v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;tcfd=10001;tag_exp=101671035~101747727;epver=2;~oref=https%3A%2F%2Felfcosmetics.youshp.com? pragma no-cache cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Wed, 09 Oct 2024 10:25:59 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server cafe
GET H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 118 B	275ms 198ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4a70v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13m3m3m2m5l1&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=101529665~101671035~101747727&cid=768868140.1728469560&ecid=1278251925&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=206502309.1728469558&sst.etld=google.nl&sst.gcsub=region1&sst.adr=1&sst.ude=0&_s=1&sid=1728469559&sct=1&seg=0&dl=https%3A%2F%2Felfcosmetics.youshp.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5955&richsstsse Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache x-accel-buffering no access-control-allow-credentials true x-content-type-options nosniff via 1.1 google access-control-allow-origin https://elfcosmetics.youshp.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 09 Oct 2024 10:26:00 GMT content-type text/plain server Google Frontend
GET H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 127 B	348ms 289ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4a70v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13m3m3m2m5l1&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=101529665~101671035~101747727&cid=768868140.1728469560&ecid=1278251925&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=206502309.1728469558&sst.etld=google.nl&sst.gcsub=region1&sst.adr=1&sst.ude=0&_s=2&sid=1728469559&sct=1&seg=0&dl=https%3A%2F%2Felfcosmetics.youshp.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=pageview&ep.vendor_id=pinterest&ep.email=&ep.event_id=1728469842849_17284697702969&ep.external_id=&ep.pinterest_pixel_id=549755876323&_et=4&tfd=5973&richsstsse Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache x-accel-buffering no access-control-allow-credentials true x-content-type-options nosniff via 1.1 google access-control-allow-origin https://elfcosmetics.youshp.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 09 Oct 2024 10:26:00 GMT content-type text/plain server Google Frontend
GET H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 298 B	201ms 155ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4a70v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13m3m3m2m5l1&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=101529665~101671035~101747727&cid=768868140.1728469560&ecid=1278251925&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=IA&sst.rnd=206502309.1728469558&sst.etld=google.nl&sst.gcsub=region1&sst.adr=1&sst.ude=0&_s=3&sid=1728469559&sct=1&seg=0&dl=https%3A%2F%2Felfcosmetics.youshp.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=view_promotion&ep.promotions=%5Bobject%20Object%5D&ep.promotion_name=2024-10-08-Beauty%20Squad%20Holiday%20Shop%20FAN-Side%20by%20Side%20v2&ep.promotion_id=28694fb5-981d-4e70-94d2-90c0f3b5a921&ep.creative_name=Banner%20Side-by-Side&_et=1&tfd=5987&richsstsse Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache x-accel-buffering no access-control-allow-credentials true x-content-type-options nosniff via 1.1 google access-control-allow-origin https://elfcosmetics.youshp.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 09 Oct 2024 10:26:00 GMT content-type text/plain server Google Frontend
GET H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 127 B	307ms 261ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4a70v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13m3m3m2m5l1&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=101529665~101671035~101747727&cid=768868140.1728469560&ecid=1278251925&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=206502309.1728469558&sst.etld=google.nl&sst.gcsub=region1&sst.adr=1&sst.ude=0&_s=4&sid=1728469559&sct=1&seg=1&dl=https%3A%2F%2Felfcosmetics.youshp.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=page_view&ep.vendor_id=facebook&ep.event_id=1728469842849_172846977029616&ep.email=&ep.phone=&ep.facebook_pixel_id=1638306756445368&_et=2&tfd=5987&richsstsse Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache x-accel-buffering no access-control-allow-credentials true x-content-type-options nosniff via 1.1 google access-control-allow-origin https://elfcosmetics.youshp.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 09 Oct 2024 10:26:00 GMT content-type text/plain server Google Frontend
GET H2	200	local www.paypal.com/credit-presentment/experiments/ Frame 4ED4	0 0	96ms 20ms	Document text/html	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.12&integrationType=SDK Requested by Host: www.paypal.com URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/48BF) / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Xss-Protection 1; mode=block Request headers Referer https://elfcosmetics.youshp.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 accept-ranges bytes access-control-expose-headers Server-Timing age 50220 cache-control s-maxage=86400, max-age=0 content-encoding gzip content-length 1524 content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com content-type text/html; charset=utf-8 date Wed, 09 Oct 2024 10:26:00 GMT dc ccg11-origin-www-1.paypal.com etag W/"1479-HDYU31A2OAwV7vaCH30AAQQyfps" last-modified Tue, 08 Oct 2024 20:29:00 GMT origin-trial AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ== paypal-debug-id 018000ba58859 permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") server ECAcc (ama/48BF) server-timing content-encoding;desc="", x-cdn;desc="edgecast" strict-transport-security max-age=63072000; includeSubDomains; preload timing-allow-origin * traceparent 00-0000000000000000000018000ba58859-d0c39b3d5f38f553-01 vary Accept-Encoding x-cache HIT x-xss-protection 1; mode=block
GET H2	200	pptm.js Show response www.paypal.com/tagmanager/	12 KB 5 KB	342ms 342ms	Script application/x-javascript	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/tagmanager/pptm.js?id=elfcosmetics.youshp.com&t=xo&v=5.0.460&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lhd/35BE) / Resource Hash 3a997e04353e88f40e41584ecfea025d074f355f534874f9dbe04a3bb5a5ca4d Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-AZy+Zwt0R4IgKY9fHxNfiBIzF92F3H+zSwnnJZVPpUOLMY8l' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers paypal-debug-id 078a385b23b29 content-encoding gzip etag W/"2fa1-jxsR74+mGy9/tfIPXuzhzw2WmKM" origin-trial AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ== x-content-type-options nosniff traceparent 00-0000000000000000000078a385b23b29-1515513032608e64-01 server-timing content-encoding;desc="", x-cdn;desc="edgecast" dc ccg11-origin-www-1.paypal.com date Wed, 09 Oct 2024 10:26:00 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding, Accept-Encoding x-frame-options SAMEORIGIN strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-AZy+Zwt0R4IgKY9fHxNfiBIzF92F3H+zSwnnJZVPpUOLMY8l' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; cache-control public, max-age=3600 timing-allow-origin * accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") x-xss-protection 1; mode=block server ECAcc (lhd/35BE)
OPTIONS H2	204	logger www.paypal.com/xoplatform/logger/api/ Frame	0 0	260ms 177ms	Preflight	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lhd/3588) / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://elfcosmetics.youshp.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://elfcosmetics.youshp.com cache-control max-age=0, no-cache, no-store, must-revalidate date Wed, 09 Oct 2024 10:26:00 GMT dc ccg11-origin-www-1.paypal.com origin-trial AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ== paypal-debug-id 067057717075b permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") server ECAcc (lhd/3588) server-timing content-encoding;desc="", x-cdn;desc="edgecast" strict-transport-security max-age=63072000; includeSubDomains; preload timing-allow-origin * traceparent 00-0000000000000000000067057717075b-111ba573dab20fc4-01 vary Accept-Encoding Origin, Access-Control-Request-Headers x-content-type-options nosniff
POST H2	200	logger Show response www.paypal.com/xoplatform/logger/api/	963 B 745 B	202ms 197ms	XHR application/json	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true Requested by Host: www.paypal.com URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lhd/35E3) / Resource Hash 47d81cc8caca5d131afd8ee4cd4e2af8f0d6c9ea7ce67f733219c7a9d33248fe Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://elfcosmetics.youshp.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 accept application/json content-type application/json Response headers paypal-debug-id 002520418231b content-encoding gzip etag W/"3c3-s9zEKwlvKwHqyrN9eIHNwKgxjC4" origin-trial AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ== x-content-type-options nosniff traceparent 00-0000000000000000000002520418231b-fb6eb81a46bb9eff-01 server-timing content-encoding;desc="", x-cdn;desc="edgecast" dc ccg11-origin-www-1.paypal.com date Wed, 09 Oct 2024 10:26:00 GMT content-type application/json; charset=utf-8 vary Accept-Encoding, Origin strict-transport-security max-age=63072000; includeSubDomains; preload cache-control max-age=0, no-cache, no-store, must-revalidate timing-allow-origin * accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 access-control-allow-credentials true permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") access-control-allow-origin https://elfcosmetics.youshp.com content-length 570 server ECAcc (lhd/35E3)
GET H2	200	jsp Show response ut.rd.linksynergy.com/	148 B 404 B	103ms 24ms	Script text/plain	34.98.67.3 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 3.67.98.34.bc.googleusercontent.com Software / Resource Hash 7fc9f6679bfa2bdaf3b36b9591f4d16d2d703a92d4c0bae9dada3def2de21b97 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers via 1.1 google strict-transport-security max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 148 date Wed, 09 Oct 2024 10:26:00 GMT x-samesite secure content-type text/plain; charset=utf-8
GET H3	200	1638306756445368 Show response connect.facebook.net/signals/config/	80 KB 16 KB	215ms 215ms	Script application/x-javascript	157.240.252.13 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1638306756445368?v=2.9.170&r=stable&domain=elfcosmetics.youshp.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112 Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra3.fbcdn.net Software / Resource Hash b74b9bea6ff41fcbe42d724a98568bb4409cb6127183d9988bd4a87e2557cf6a Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Wed, 09 Oct 2024 10:26:00 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=74, mss=1232, tbw=67270, tp=63, tpl=0, uplat=176, ullat=0 pragma public x-fb-debug Tofj9HMHl3I1x5po9Vp/8Y1eEnOYvcCgsGFEClgo/g0T9l+5vrAXz8xoWc/E8unGL3qyuGjGWztedy493UAFXQ== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	main.MWEzNzVlZGY0MQ.js Show response analytics.tiktok.com/i18n/pixel/static/	341 KB 96 KB	23ms 22ms	Script application/javascript	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MWEzNzVlZGY0MQ.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 4e9f6a80a2c5e548c6cdb6ab88151d457a77c8f33a626b3153aed2846b59a56a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-cache TCP_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-) vary Accept-Encoding cache-control public, max-age=31536000, immutable content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=18 x-tt-trace-id 00-24100812444993CBDE6798FA730CD067-4631E56C352D59EB-00 content-length 97876 date Wed, 09 Oct 2024 10:26:00 GMT content-type application/javascript; charset=UTF-8 x-tt-logid 2024100812444993CBDE6798FA730CD067 server nginx x-akamai-request-id 426610d x-tt-trace-host 01ff49486275349e4e826553dcbfec6063234721e63fc54a939c3d0c4e01d677b15c79cf784fd4f0042e96bcebfa63379491c585a8e35d9795f76afde74daab9eb7c56e92cfe51d62656ad5cfc5b917bf8d8c657534bc6372b9cf95927eef3e483
GET H2	200	main.MWEzNzVlZGY0MA.js Show response analytics.tiktok.com/i18n/pixel/static/	336 KB 95 KB	60ms 60ms	Script application/javascript	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MWEzNzVlZGY0MA.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 0fa4b363e8c64be0ce5fc394e33075b0d4475f41a1d49cb02da79ebbac12829e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-cache TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-) vary Accept-Encoding cache-control public, max-age=31536000, immutable content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=16 x-tt-trace-id 00-241008124449AE9A27E089386504FCD0-6DF276194C0CB86A-00 content-length 96184 date Wed, 09 Oct 2024 10:26:00 GMT content-type application/javascript; charset=UTF-8 x-tt-logid 20241008124449AE9A27E089386504FCD0 server nginx x-akamai-request-id 4266122 x-tt-trace-host 01e3d3591af99c65d26c9ef87fab21fd8b3834e7c07d14287fee898e71e430950116b3fa2d7464320254629d4673f3cf43dc8031650e3807a4246f0102e58555c6a9fb2a8ff7bca923c49d7cfeb208250c56edf7aa5693b002aee6302e160e130e
GET H2	200	topics_api Show response psb.taboola.com/	65 B 280 B	145ms 50ms	Fetch text/html	151.101.65.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://psb.taboola.com/topics_api Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control private, max-age=2592000 retry-after 0 x-timer S1728469561.515947,VS0,VE0 observe-browsing-topics ?1 via 1.1 varnish accept-ranges bytes access-control-allow-origin * x-cache HIT content-length 65 date Wed, 09 Oct 2024 10:26:00 GMT content-type text/html; charset=utf-8 x-served-by cache-mad2200100-MAD server Varnish x-cache-hits 0
GET H2	200	json Show response trc.taboola.com/1691051/trc/3/	3 KB 2 KB	89ms 80ms	Script application/javascript	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/1691051/trc/3/json?tim=1728469560409&data=%7B%22id%22%3A445%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1728469560393%2C%22cv%22%3A%2220241006-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Felfcosmetics.youshp.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Delfcosmetics-sccnx%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1728469560408%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Felfcosmetics.youshp.com%2F%22%2C%22tos%22%3A10%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 8b50caa7a4d3fc2c7a704d55c8c0830b7d2b050848b6bc0c252c33a93440db1b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding gzip x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-log-content-encoding gzip date Wed, 09 Oct 2024 10:26:00 GMT content-type application/javascript; charset=utf-8 x-served-by cache-mad22048-MAD x-cache-hits 0 vary Accept-Encoding x-fastly-to-nlb-rtt 28822 x-timer S1728469560.469375,VS0,VE39 x-vcl-time-ms 39 access-control-allow-credentials true via 1.1 varnish cpu 0.20675 accept-ranges bytes access-control-allow-origin * x-service-version v1 server nginx
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/8579e400/www-widgetapi.vflset/	31 KB 10 KB	24ms 23ms	Script text/javascript	172.217.16.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/8579e400/www-widgetapi.vflset/www-widgetapi.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f14.1e100.net Software sffe / Resource Hash 36cb859be5a639c678f317d76c5c589da1b5e08820fcce41d67c38b517efa959 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding br age 9402 report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} x-content-type-options nosniff expires Thu, 09 Oct 2025 07:49:18 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 09 Oct 2024 07:49:18 GMT last-modified Mon, 07 Oct 2024 04:13:34 GMT content-type text/javascript vary Accept-Encoding, Origin cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" content-length 10417 x-xss-protection 0 server sffe
GET H3	200	ig.js Show response cdn8.eu.inside.chat/	124 KB 42 KB	37ms 36ms	Script text/javascript	104.18.8.17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn8.eu.inside.chat/ig.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.8.17 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e7ec27ffa6415cdcf64d625027e70be21af31e687dbc5f922b750ed85087926 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers strict-transport-security max-age=31536000; includeSubdomains cache-control public, max-age=3600 content-encoding br cf-bgj minify cf-cache-status HIT age 40 cf-ray 8cfdab80dbbedbec-FRA expires Wed, 09 Oct 2024 11:26:00 GMT cf-polished origSize=171336 date Wed, 09 Oct 2024 10:26:00 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding server cloudflare
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.47/	64 KB 27 KB	49ms 49ms	Script application/javascript	13.107.253.64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.47/clarity.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.107.253.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 30adbc7e799238c336b56a1e20db67910f2a114fc3bc6ced6c550b4c873318aa Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-azure-ref 20241009T102600Z-185dcd6bb46dwttdybxqse915g00000007t000000000dxs4 cache-control public, max-age=86400 x-ms-version 2018-03-28 content-encoding br etag W/"0x8DCE6D934B3DB75" x-fd-int-roxy-purgeid 51562430 x-ms-request-id 2364d687-701e-003e-3f20-19b9a4000000 access-control-allow-origin * x-cache TCP_HIT date Wed, 09 Oct 2024 10:26:00 GMT content-type application/javascript;charset=utf-8 vary Accept-Encoding last-modified Mon, 07 Oct 2024 14:06:14 GMT
GET H2	200	main.97c41ef3.js Show response s.pinimg.com/ct/lib/	82 KB 23 KB	49ms 48ms	Script application/javascript	23.206.208.183 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s.pinimg.com/ct/lib/main.97c41ef3.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-208-183.deploy.static.akamaitechnologies.com Software / Resource Hash e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers access-control-max-age 86400 cache-control max-age=1209600 access-control-expose-headers X-CDN content-encoding br etag "e1539e83e14f862d3b381b23e74d63fa" x-cdn akamai access-control-allow-methods GET accept-ranges bytes access-control-allow-origin * content-length 23701 content-type application/javascript vary Accept-Encoding, Origin x-amz-server-side-encryption AES256
GET H2	200	config Show response pixel-config.reddit.com/pixels/t2_16331p/	3 B 124 B	188ms 51ms	XHR application/json	151.101.65.140 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pixel-config.reddit.com/pixels/t2_16331p/config Requested by Host: www.redditstatic.com URL: https://www.redditstatic.com/ads/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control max-age=14400 content-encoding gzip via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 27 date Wed, 09 Oct 2024 10:26:00 GMT content-type application/json
GET H2	200	t2_16331p_telemetry Show response www.redditstatic.com/ads/conversions-config/v1/pixel/config/	86 B 699 B	444ms 49ms	XHR application/json	151.101.65.140 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_16331p_telemetry Requested by Host: www.redditstatic.com URL: https://www.redditstatic.com/ads/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control max-age=300 nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} content-encoding gzip report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 97 date Wed, 09 Oct 2024 10:26:00 GMT content-type application/json vary Accept-Encoding,Origin server snooserv
GET H2	200	rp.gif alb.reddit.com/	42 B 637 B	186ms 58ms	Image image/gif	151.101.65.140 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1728469560476&id=t2_16331p&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=d67a94148cccec5ee65c25ff95baa7f64f958359434b782fcae869ebf746caeb&uuid=5241ccd6-4504-4bc2-9802-a3ad042b81d4&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_5afed25b&dpm=&dpcc=&dprc= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3} retry-after 0 cross-origin-resource-policy cross-origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} via 1.1 varnish accept-ranges bytes content-length 42 date Wed, 09 Oct 2024 10:26:00 GMT content-type image/gif server Varnish
GET H2	200	widget.css js.jebbit.com/companion/v1/	15 KB 16 KB	35ms 33ms	Stylesheet text/css	13.35.58.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.jebbit.com/companion/v1/widget.css Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.92 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-92.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 69beb39687e8656561a843b13137c292498648b7f1ae665214eb292527cd436b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-amz-version-id fgLtE0C.phC7FjS26Fxc9wt33wvWl9V5 etag "c2b625a2843069c776e8a618c90b952a" age 61592 via 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 15522 x-amz-cf-id p6Ex5Wyo5i38X5XSxyO3Xo-BxOvgD20iF0B1h-es2XBKRdR8JFxobA== date Tue, 08 Oct 2024 17:19:29 GMT content-type text/css last-modified Mon, 07 Oct 2024 17:19:22 GMT server AmazonS3 x-amz-cf-pop FRA60-P10 x-amz-server-side-encryption AES256
GET		launcher_configs external-api.jebbit.com/moments/v2/	0 0
GET H2	200	holiday-gift-shop-2024-10-IMAGE-3_D cdn.media.amplience.net/i/elfcosmetics/	32 KB 32 KB	26ms 25ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-IMAGE-3_D?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-IMAGE-3_D?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-IMAGE-3_D?fmt=auto&w=2460%203x Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 493e40fb447d662159ccfcabd695a5de78aef241733a35456aa7b7e67639f998 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-tag 1pEyav_DB,l4p5bDg2e,PTz_i_D2r,WepA0szpz x-amp-source-width 1440 x-content-type-options nosniff date Wed, 09 Oct 2024 10:26:00 GMT content-type image/avif x-frame-options DENY cache-control max-age=1800, s-maxage=86400 x-req-id s_loOj4CwD x-amp-source-height 1040 accept-ranges bytes access-control-allow-origin * content-length 32335 x-amp-published Tue, 08 Oct 2024 15:55:02 GMT x-amp-srv A x-xss-protection 1; mode=block server Unknown
GET H2	200	5013978.js Show response bat.bing.com/p/action/	370 B 420 B	43ms 41ms	Script application/javascript	150.171.27.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/5013978.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a791796f72eea3c5febcbe84acc17e5e8e434e71036ea481b168dc4f41f12a9c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 content-encoding br accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 2FD61F3482CD4108BD12814D56F93355 Ref B: AMS231020615051 Ref C: 2024-10-09T10:26:00Z x-cache CONFIG_NOCACHE date Wed, 09 Oct 2024 10:25:59 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding
GET H2	200	ts t.paypal.com/	42 B 634 B	336ms 208ms	Image image/gif	151.101.195.1 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1728469560656&g=-120&completeurl=https%3A%2F%2Felfcosmetics.youshp.com%2F&ru=https%3A%2F%2Felfcosmetics.youshp.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers access-control-expose-headers Server-Timing paypal-debug-id 0f3d15f0f687c correlation-id 0f3d15f0f687c expires Wed, 09 Oct 2024 10:26:00 GMT traceparent 00-00000000000000000000f3d15f0f687c-bfd2c420f2159db9-01 x-cache MISS, MISS p3p CP="CAO IND OUR SAM UNI STA COR COM" server-timing "traceparent;desc="00-00000000000000000000f3d15f0f687c-4df3475448a1841e-01"";content-encoding;desc="",x-cdn;desc="fastly" date Wed, 09 Oct 2024 10:26:00 GMT content-type image/gif x-served-by cache-lhr-egll1980027-LHR, cache-mad2200131-MAD x-cache-hits 0, 0 vary Accept-Encoding strict-transport-security max-age=63072000; includeSubDomains; preload cache-control max-age=0, no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache x-timer S1728469561.807526,VS0,VE166 via 1.1 varnish, 1.1 varnish accept-ranges bytes
GET H2	200	identify_7bf75739.js Show response analytics.tiktok.com/i18n/pixel/static/	146 KB 39 KB	30ms 28ms	Script application/javascript	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-cache TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-) vary Accept-Encoding cache-control public, max-age=31536000, immutable content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=10 x-tt-trace-id 00-2408300225259566A772C0142480CD10-602315FD6571BF12-00 content-length 39455 date Wed, 09 Oct 2024 10:26:00 GMT content-type application/javascript; charset=UTF-8 x-tt-logid 202408300225259566A772C0142480CD10 server nginx x-akamai-request-id 426684f x-tt-trace-host 013c7db2a56d644dc8fd7f6e7ecd689b12a07851d62b1d7cbea7620bdccb515c6097130239d0d03cd7097d4e2c6d6c93d708d19d604bda57f5f1af32042e6c53070f89e179ae570644e5bbf2061d1e6fc869a20a793784dee2941056a3936597ab
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 873 B	183ms 179ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWEzNzVlZGY0MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://elfcosmetics.youshp.com/ Response headers x-cache-remote TCP_MISS from a23-218-223-91.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE expires Wed, 09 Oct 2024 10:26:00 GMT server-timing cdn-cache; desc=MISS, edge; dur=98, origin; dur=41, inner; dur=29 x-cache TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-) date Wed, 09 Oct 2024 10:26:00 GMT x-akamai-request-id 991f117f.42669a5 access-control-allow-headers Authorization,* x-tt-trace-host 015547b42e38dafb745eb0415774d176744044ebb5d616476ab0e50900aeb6620509429b6532d7df4f6618a527a9c08a1e531964a65a441c4c859abb454f92542853d95d646a107756748ec3f8965fe847b55bfaeb9dbd0ef308bfd3eea88c6ac3ade928b0c5f0897b6622508794e1a65c x-origin-response-time 41,23.218.223.91 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn access-control-allow-origin * x-tt-trace-id 00-2410091026001D6E5EA9724A716A1ECA-0B28218B37781BE9-00 content-length 0 x-parent-response-time 132,2.20.179.90 x-tt-logid 202410091026001D6E5EA9724A716A1ECA server nginx
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 871 B	172ms 170ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWEzNzVlZGY0MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://elfcosmetics.youshp.com/ Response headers x-cache-remote TCP_MISS from a23-201-31-148.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE expires Wed, 09 Oct 2024 10:26:00 GMT server-timing cdn-cache; desc=MISS, edge; dur=94, origin; dur=31, inner; dur=27 x-cache TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-) date Wed, 09 Oct 2024 10:26:00 GMT x-akamai-request-id e142c86.42669a6 access-control-allow-headers Authorization,* x-tt-trace-host 015547b42e38dafb745eb0415774d176744044ebb5d616476ab0e50900aeb662058172b3fd7e8a9b8cbb423aef652dfbcce678963d45f520ba1bc11942878df3b32f107b218e2a9aa71bb28ee731db0abcc3aaf3e363e6e5c0f2e75c92049746a122d8d826fd1abebeb26b3bc1f77176e4 x-origin-response-time 31,23.201.31.148 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn access-control-allow-origin * x-tt-trace-id 00-2410091026003B44692C4F5DC084A293-70EB5C9D4D606618-00 content-length 0 x-parent-response-time 119,2.20.179.90 x-tt-logid 202410091026003B44692C4F5DC084A293 server nginx
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 712 B	171ms 167ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWEzNzVlZGY0MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://elfcosmetics.youshp.com/ Response headers access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE expires Wed, 09 Oct 2024 10:26:00 GMT server-timing inner; dur=21, cdn-cache; desc=MISS, edge; dur=6, origin; dur=115 x-cache TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-) date Wed, 09 Oct 2024 10:26:00 GMT x-akamai-request-id 42669b0 access-control-allow-headers Authorization,* x-tt-trace-host 015547b42e38dafb745eb0415774d1767462bee87a0991144bd8e7fa85373d69bf1e786a48e87ce0ac59271d2675264502a4d001a107de909cc26aaf005ed22478620c4125cfde6a65d737172c2a305b4ec4d6bae37f3d135c262500849356b9d4 x-origin-response-time 115,2.20.179.90 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn access-control-allow-origin * x-tt-trace-id 00-241009102600D1681347E7980F73C2EA-21C44F5D535406D8-00 content-length 0 x-tt-logid 20241009102600D1681347E7980F73C2EA server nginx
GET H2	200	/ www.facebook.com/tr/	0 274 B	392ms 19ms	Image text/plain	157.240.252.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Felfcosmetics.youshp.com%2F&rl=&if=false&ts=1728469560794&sw=1600&sh=1200&v=2.9.170&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1728469560774.842983093686298587&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1728469560276&coo=false&eid=1728469842849_172846977029616&tm=1&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-fra3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=25, rtx=0, c=10, mss=1317, tbw=2941, tp=-1, tpl=-1, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Wed, 09 Oct 2024 10:26:01 GMT content-type text/plain server proxygen-bolt
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	550ms 179ms	Image image/png	157.240.252.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Felfcosmetics.youshp.com%2F&rl=&if=false&ts=1728469560794&sw=1600&sh=1200&v=2.9.170&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1728469560774.842983093686298587&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1728469560276&coo=false&eid=1728469842849_172846977029616&tm=1&rqm=FGET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-fra3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7423720237309934025"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa90e50505ca4fe26","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["1521466687872304"]},"debug_reporting":true,"debug_key":"1956537053396016199"} date Wed, 09 Oct 2024 10:26:01 GMT content-type image/png vary Accept-Encoding x-fb-debug S+fz4T1NcgYoJEy/FywzeDPbb5N4m8UnGqIUwZndmkkwBjxLKZ+D9t7pPl5mPBbJ+slU3v2FmjcDzEsCx5ASRg== x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7423720237309934025", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=20, rtx=0, c=14, mss=1317, tbw=3259, tp=-1, tpl=-1, uplat=149, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H2	200	/ Show response ct.pinterest.com/user/	320 B 678 B	225ms 84ms	XHR application/json	151.101.0.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/user/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1728469560945&dep=2%2CPAGE_LOAD Requested by Host: s.pinimg.com URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers access-control-expose-headers Epik,Pin-Unauth content-encoding gzip x-pinterest-rid-128bit 5881270b33fcf1d711989e9d1e94d411 expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443";ma=600 date Wed, 09 Oct 2024 10:26:01 GMT content-type application/json; charset=utf-8 cache-control no-cache,no-store,must-revalidate,max-age=0 pragma no-cache x-envoy-upstream-service-time 1 x-cdn fastly access-control-allow-credentials true referrer-policy origin pin-unauth dWlkPVlUWXdPV0kxWkdFdE5UQXpZaTAwTURkbExXSXdaVEl0WkdKaE5EUmxOVGhtT1dSbA pinterest-version 4122d0a0078fd5189b02a6a90108b65336ce16c4 access-control-allow-origin https://elfcosmetics.youshp.com content-length 186 x-pinterest-rid 1267937692764918
GET H2	200	/ Show response ct.pinterest.com/user/	320 B 325 B	225ms 84ms	XHR application/json	151.101.0.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22event_id%22%3A%221728469842849_172846977029616%22%2C%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1728469560952&dep=5%2CEVENT_TAGS_ABSENT Requested by Host: s.pinimg.com URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers access-control-expose-headers Epik,Pin-Unauth content-encoding gzip x-pinterest-rid-128bit a17fce384c2e0f07a45cd40a91bced4e expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443";ma=600 date Wed, 09 Oct 2024 10:26:01 GMT content-type application/json; charset=utf-8 cache-control no-cache,no-store,must-revalidate,max-age=0 pragma no-cache x-envoy-upstream-service-time 1 x-cdn fastly access-control-allow-credentials true referrer-policy origin pin-unauth dWlkPU4yTXpORGhoWTJJdE1HRm1ZeTAwTnpObExXSXpNREF0WWpaa1ptRmtaR1l6WlRKbA pinterest-version 4122d0a0078fd5189b02a6a90108b65336ce16c4 access-control-allow-origin https://elfcosmetics.youshp.com content-length 186 x-pinterest-rid 1184357426193740
OPTIONS H2	200	unip trc.taboola.com/1691051/log/3/ Frame	0 0	77ms 69ms	Preflight	151.101.65.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/1691051/log/3/unip?ce=ecomm&en=HOME_PAGE_VISIT&ref=null&item-url=https%253A%252F%252Felfcosmetics.youshp.com%252F&data=%257B%2522timestamp%2522%253A%25229-10-2024%2522%252C%2522eventType%2522%253A%2522HOME_PAGE_VISIT%2522%257D&cnxclid=undefined&tim=1728469560439&vi=1728469560393&ri=54112404cfaa968669bc61727a66ca9a&cv=20241006-3-RELEASE&tos=598&ssd=1&scd=0&it=JS_PIXEL&psb=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://elfcosmetics.youshp.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-origin https://elfcosmetics.youshp.com allow GET, HEAD, POST, TRACE, OPTIONS content-length 0 date Wed, 09 Oct 2024 10:26:01 GMT p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" server nginx via 1.1 varnish x-cache MISS x-cache-hits 0 x-fastly-to-nlb-rtt 28369 x-served-by cache-mad2200100-MAD x-service-version v1 x-timer S1728469561.027898,VS0,VE30 x-vcl-time-ms 30
GET H2	204	unip Show response trc.taboola.com/1691051/log/3/	0 134 B	84ms 70ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/1691051/log/3/unip?ce=ecomm&en=HOME_PAGE_VISIT&ref=null&item-url=https%253A%252F%252Felfcosmetics.youshp.com%252F&data=%257B%2522timestamp%2522%253A%25229-10-2024%2522%252C%2522eventType%2522%253A%2522HOME_PAGE_VISIT%2522%257D&cnxclid=undefined&tim=1728469560439&vi=1728469560393&ri=54112404cfaa968669bc61727a66ca9a&cv=20241006-3-RELEASE&tos=598&ssd=1&scd=0&it=JS_PIXEL&psb=true Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Attribution-Reporting-Eligible trigger Referer https://elfcosmetics.youshp.com/ Response headers x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" date Wed, 09 Oct 2024 10:26:01 GMT content-type image/gif x-served-by cache-mad22048-MAD x-cache-hits 0 cache-control no-cache x-fastly-to-nlb-rtt 25712 pragma no-cache x-timer S1728469561.116982,VS0,VE29 x-vcl-time-ms 29 access-control-allow-credentials true via 1.1 varnish accept-ranges bytes access-control-allow-origin https://elfcosmetics.youshp.com x-service-version v1 server nginx
GET H2	204	0 bat.bing.com/action/	0 287 B	46ms 39ms	Image text/plain	150.171.27.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=5013978&tm=gtm002&Ver=2&mid=4e5ead50-183c-4ffb-bdc4-a70ce2d23ff6&sid=e1650920862811ef90ccbb4fb3f1919d&vid=e1653700862811ef8798af038ad817d8&vids=1&msclkid=N&pi=918639831&lg=nl-NL&sw=1600&sh=1200&sc=24&tl=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&p=https%3A%2F%2Felfcosmetics.youshp.com%2F&r=&lt=5111&evt=pageLoad&sv=1&cdb=AQEV&rn=571768 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache, must-revalidate pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 267799DF075D41859DDF7F9884729336 Ref B: AMS231020615051 Ref C: 2024-10-09T10:26:01Z expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * x-cache CONFIG_NOCACHE date Wed, 09 Oct 2024 10:26:00 GMT
GET H3	403	config Show response www8.eu.inside.chat/	4 B 354 B	153ms 81ms	XHR application/json	104.18.8.17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www8.eu.inside.chat/config?acc=IN-1011171&pid=&c1=OK&dev=1&url=https%3A%2F%2Felfcosmetics.youshp.com&sid=1&j=1 Requested by Host: cdn8.eu.inside.chat URL: https://cdn8.eu.inside.chat/ig.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.8.17 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://elfcosmetics.youshp.com/ Response headers strict-transport-security max-age=31536000; includeSubdomains cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate cf-cache-status DYNAMIC pragma no-cache access-control-allow-credentials true cf-ray 8cfdab84efe71c30-FRA expires Sat, 01 Jan 2000 00:00:00 GMT access-control-allow-origin https://elfcosmetics.youshp.com content-length 4 p3p CP="insert_p3p_privacy_policy_here" date Wed, 09 Oct 2024 10:26:01 GMT content-type application/json; charset=UTF-8 last-modified Sat, 01 Jan 2000 00:00:00 GMT server cloudflare
GET H2	200	shimmer-shine-2024-10-2-IMAGE-4_D cdn.media.amplience.net/i/elfcosmetics/	88 KB 0	10ms 10ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/shimmer-shine-2024-10-2-IMAGE-4_D?fmt=auto Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 24de956c46f155629cbf20697ef0a3d056ccc15a1b9b2534de14d1419aa0d1f7 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-tag DR_mxaNiC,l4p5bDg2e,Ggjij5bS8,WepA0szpz x-amp-source-width 1440 x-content-type-options nosniff date Wed, 09 Oct 2024 10:25:57 GMT content-type image/avif x-frame-options DENY cache-control max-age=1800, s-maxage=86400 x-req-id xhvmx9mkLU x-amp-source-height 1040 accept-ranges bytes access-control-allow-origin * content-length 90321 x-amp-published Mon, 23 Sep 2024 21:32:45 GMT x-amp-srv A x-xss-protection 1; mode=block server Unknown
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 874 B	234ms 212ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWEzNzVlZGY0MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://elfcosmetics.youshp.com/ Response headers x-cache-remote TCP_MISS from a104-112-235-207.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE expires Wed, 09 Oct 2024 10:26:01 GMT server-timing cdn-cache; desc=MISS, edge; dur=99, origin; dur=31, inner; dur=27 x-cache TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-) date Wed, 09 Oct 2024 10:26:01 GMT x-akamai-request-id 270158ea.426730c access-control-allow-headers Authorization,* x-tt-trace-host 015547b42e38dafb745eb0415774d1767464234f6d43a3b2060561d83a340fe6af87621cd972d2a79878179f65870fd97045da90e340fc296020b7079d965694d0d210bd2b09ad9a6338be1de4b36a8af3831e29d8dc66b5fc70d7889ba836ed484065bd7f1fbfcb465152d806216e01d0 x-origin-response-time 31,104.112.235.207 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn access-control-allow-origin * x-tt-trace-id 00-241009102601E81A94EC0087256B5DE5-1D6691FF92825134-00 content-length 0 x-parent-response-time 118,2.20.179.90 x-tt-logid 20241009102601E81A94EC0087256B5DE5 server nginx
GET H2	200	cnxtag-min.js Show response js.cnnx.link/roi/	2 KB 1 KB	467ms 30ms	Script text/javascript	13.224.189.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.cnnx.link/roi/cnxtag-min.js?id=316282 Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-25.fra2.r.cloudfront.net Software / Resource Hash d5267085b5489f178aae1444e1367dbca2debc7c061d5ddd803a16711a19c93b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control max-age=600 content-encoding gzip age 441 via 1.1 google, 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id O3vqvZQoo1w-KrkF2q_zjPqa4otjE9mHGLh_Dq43gdm_U44z7vOdhA== date Wed, 09 Oct 2024 10:18:40 GMT content-type text/javascript;charset=UTF-8 vary Accept-Encoding x-amz-cf-pop FRA2-C1
GET H2	200	runtime_c81e76ee00d795b1eebf8d27949f8dc5.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	908 B 1 KB	423ms 40ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_c81e76ee00d795b1eebf8d27949f8dc5.br.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 546e554a3c51ce180d022de9ff5506f14603b38d40ece9f2be43c88328358a52 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-goog-metageneration 1 access-control-expose-headers etag, Content-Type content-encoding br x-goog-hash crc32c=zwy9lg==, md5=HCxXU9+1dkCoulTxEZNLMA== etag "1c2c5753dfb57640a8ba54f111934b30" age 2554516 ad-auction-allowed true x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 509 date Mon, 09 Sep 2024 20:50:45 GMT last-modified Mon, 09 Sep 2024 20:50:37 GMT content-type text/javascript x-guploader-uploadid AD-8ljvu3356Fbywfww6El-qwhwfx-0hJbR7i9WE-ldipkNtv0W-IVJZzSrOwmEvKEjAE4ViCLA cache-control public,max-age=31536000 x-goog-storage-class MULTI_REGIONAL accept-ranges bytes access-control-allow-origin * x-goog-generation 1725915037857422 content-length 509 server UploadServer
GET H2	200	/ Show response ct.pinterest.com/v3/	35 B 207 B	91ms 84ms	Fetch image/gif	151.101.0.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/v3/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Felfcosmetics.youshp.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1728469561087 Requested by Host: s.pinimg.com URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache,no-store,must-revalidate,max-age=0 pragma no-cache x-envoy-upstream-service-time 1 x-pinterest-rid-128bit b876a0628d3f47dec765162fbfaba882 x-cdn fastly access-control-allow-credentials true referrer-policy origin expires Sat, 01 Jan 2000 00:00:00 GMT pinterest-version 4122d0a0078fd5189b02a6a90108b65336ce16c4 access-control-allow-origin https://elfcosmetics.youshp.com alt-svc h3=":443";ma=600 content-length 35 date Wed, 09 Oct 2024 10:26:01 GMT x-pinterest-rid 1436791458053040 content-type image/gif
POST H/1.1	204 No Content	collect Show response f.clarity.ms/	0 287 B	717ms 325ms	XHR text/plain	51.8.44.252 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://f.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.47/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.8.44.252 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept application/x-clarity-gzip Referer https://elfcosmetics.youshp.com/ Response headers Request-Context appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8 Access-Control-Allow-Origin https://elfcosmetics.youshp.com Date Wed, 09 Oct 2024 10:26:01 GMT Vary Origin Server nginx Connection keep-alive Access-Control-Allow-Credentials true
GET H2	200	/ Show response ct.pinterest.com/v3/	35 B 357 B	86ms 85ms	Fetch image/gif	151.101.0.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22event_id%22%3A%221728469842849_172846977029616%22%2C%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1728469561229&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22external_id%22%3A%22%22%2C%22pin_unauth%22%3A%22dWlkPVlUWXdPV0kxWkdFdE5UQXpZaTAwTURkbExXSXdaVEl0WkdKaE5EUmxOVGhtT1dSbA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Felfcosmetics.youshp.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D Requested by Host: s.pinimg.com URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache,no-store,must-revalidate,max-age=0 pragma no-cache x-envoy-upstream-service-time 1 x-pinterest-rid-128bit 00f9d2b1c9bde77368ca91c495a54694 x-cdn fastly access-control-allow-credentials true referrer-policy origin expires Sat, 01 Jan 2000 00:00:00 GMT pinterest-version 4122d0a0078fd5189b02a6a90108b65336ce16c4 access-control-allow-origin https://elfcosmetics.youshp.com alt-svc h3=":443";ma=600 content-length 35 date Wed, 09 Oct 2024 10:26:01 GMT x-pinterest-rid 7551007998750312 content-type image/gif
GET H2	200	main-v2_a309003486d642470198f85ecb7568cf.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	518 KB 113 KB	35ms 8ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_a309003486d642470198f85ecb7568cf.br.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 78a416722caaab0e6050f22534ce0bf9e50114d131dd564c9de7a4e9dd8b23df Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-goog-metageneration 1 access-control-expose-headers etag, Content-Type content-encoding br x-goog-hash crc32c=DWfb1A==, md5=gidWVc9FT1v7wWwhvFrB+Q== etag "82275655cf454f5bfbc16c21bc5ac1f9" age 62668 ad-auction-allowed true x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 115445 date Tue, 08 Oct 2024 17:01:33 GMT last-modified Tue, 08 Oct 2024 17:01:26 GMT content-type text/javascript x-guploader-uploadid AHmUCY2HLgjO_McUdNqVmZ8SiXSrpHQAz7y7coyBcsqLTeVuTqH-XVb2vC4U881iMbjCbq409SE cache-control public,max-age=31536000 x-goog-storage-class MULTI_REGIONAL accept-ranges bytes access-control-allow-origin * x-goog-generation 1728406886167421 content-length 115445 server UploadServer
GET H2	200	cjs_min_3a843477d8e318f67237a66d0a58c542.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	49 KB 16 KB	96ms 71ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-goog-metageneration 1 access-control-expose-headers etag, Content-Type content-encoding gzip x-goog-hash crc32c=Joap5g==, md5=HriFRU6mvvHJdHgAcClZ3g== etag "1eb885454ea6bef1c9747800702959de" age 1956439 ad-auction-allowed true x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 15748 date Mon, 16 Sep 2024 18:58:42 GMT last-modified Mon, 22 Apr 2024 20:59:52 GMT content-type text/javascript; charset=utf-8 x-guploader-uploadid AD-8ljuGzIMZeS5gqD4VINvU5gVXdsTBT2u-VwRQ6K9HMJhOGmondUIuF7gD6FrbK0l5XSiWAZU cache-control public,max-age=31536000,no-transform x-goog-storage-class MULTI_REGIONAL accept-ranges bytes access-control-allow-origin * x-goog-generation 1713819592631797 content-length 15748 server UploadServer
GET H3	200	inbox-v2_75060a85c1a4aebcc6f779b9e84db722.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	19 KB 5 KB	31ms 29ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_75060a85c1a4aebcc6f779b9e84db722.br.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 183ae143a7f66c133f3948bdf61a0a9f97eb326be7de5947c1f19b93f3b9db24 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-goog-metageneration 1 access-control-expose-headers etag, Content-Type content-encoding br x-goog-hash crc32c=df/Fww==, md5=CihY9k4bsokmzU8kBOwKQw== etag "0a2858f64e1bb28926cd4f2404ec0a43" age 1115026 ad-auction-allowed true x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 5475 date Thu, 26 Sep 2024 12:42:15 GMT last-modified Wed, 25 Sep 2024 13:57:07 GMT content-type text/javascript x-guploader-uploadid AD-8ljvCa6Z9abcReJEo9zit-Cp4We8TCnqmiuRiGH18rDW_mGVB_9MniJGdSEmYllzp_xOUqiM cache-control public,max-age=31536000 x-goog-storage-class MULTI_REGIONAL accept-ranges bytes access-control-allow-origin * x-goog-generation 1724762528130326 content-length 5475 server UploadServer
GET H3	200	sms-v2_e39203556bab2366e56296ce42e974a7.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	3 KB 1 KB	41ms 39ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/sms-v2_e39203556bab2366e56296ce42e974a7.br.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash c9f83027cf2e267d24b2cfe366bc6664841765f0aaf362faf0156bccdce42355 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-goog-metageneration 1 access-control-expose-headers etag, Content-Type content-encoding br x-goog-hash crc32c=ikqFlg==, md5=aEuBb/f6hVJqtLcp+18MkQ== etag "684b816ff7fa85526ab4b729fb5f0c91" age 263329 ad-auction-allowed true x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 1303 date Sun, 06 Oct 2024 09:17:12 GMT last-modified Thu, 03 Oct 2024 13:55:39 GMT content-type text/javascript x-guploader-uploadid AD-8ljvOEcWaPvd-GQ7JtNABjnK8GxmMXyenoB4lnDW4bJePR-jgDLulRlbWeLT1zqrBUL0ZsQ cache-control public,max-age=31536000 x-goog-storage-class MULTI_REGIONAL accept-ranges bytes access-control-allow-origin * x-goog-generation 1715027704071310 content-length 1303 server UploadServer
GET H3	200	onsite-v2_abbdf7a49be9b52b097917b7b527b262.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	16 KB 5 KB	31ms 30ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_abbdf7a49be9b52b097917b7b527b262.br.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash a8b68b46f44aac34f59d2926e8db6bdae4bc3b7fe3aad60948e97f428b087531 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-goog-metageneration 1 access-control-expose-headers etag, Content-Type content-encoding br x-goog-hash crc32c=YWhgXQ==, md5=E+t6bCqMhb3KnLqECwDbLA== etag "13eb7a6c2a8c85bdca9cba840b00db2c" age 1018041 ad-auction-allowed true x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 5039 date Fri, 27 Sep 2024 15:38:40 GMT last-modified Wed, 25 Sep 2024 13:57:18 GMT content-type text/javascript x-guploader-uploadid AD-8ljt-B8bFnDpiBtjYONn5oIRdrAWIOxGguzHOOll937wDNgVon3fXl1wcITyzfXpyTHSBxHnyAzsGLA cache-control public,max-age=31536000 x-goog-storage-class MULTI_REGIONAL accept-ranges bytes access-control-allow-origin * x-goog-generation 1724859510756984 content-length 5039 server UploadServer
GET H3	200	token_create.js Show response ct.pinterest.com/static/ct/	4 KB 4 KB	50ms 47ms	Script application/javascript	151.101.0.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/static/ct/token_create.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H3 Security QUIC, , AES_256_GCM Server 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-control max-age=7200 timing-allow-origin https://ct.pinterest.com etag "16d5d552603d86726ae439fc61299d42" age 1532 x-cdn fastly alt-svc h3=":443";ma=600 content-length 4103 date Wed, 09 Oct 2024 10:26:01 GMT content-type application/javascript vary Accept-Encoding x-amz-server-side-encryption AES256
GET H2	200	ct.html ct.pinterest.com/ Frame 345D	0 0	197ms 86ms	Document text/html	151.101.192.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/ct.html Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Request headers Referer https://elfcosmetics.youshp.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443";ma=600 cache-control max-age=86400 content-encoding gzip content-length 323 content-type text/html; charset=utf-8 date Wed, 09 Oct 2024 10:26:01 GMT pinterest-version 4122d0a0078fd5189b02a6a90108b65336ce16c4 referrer-policy origin x-cdn fastly x-envoy-upstream-service-time 3 x-pinterest-rid 1363138702658401 x-pinterest-rid-128bit f6855499aeedf21bbd2c6a474b68869e
GET H2	200	holiday-gift-shop-2024-10-IMAGE-4_D cdn.media.amplience.net/i/elfcosmetics/	23 KB 23 KB	37ms 36ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-IMAGE-4_D?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-IMAGE-4_D?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/holiday-gift-shop-2024-10-IMAGE-4_D?fmt=auto&w=2460%203x Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 998c5758c1563ef4c58b46bc7f6a7b648aa66a18bf1e880ea160161c2a03f5f8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers cache-tag IUIyP8QUu,l4p5bDg2e,1i50EBQW9,WepA0szpz x-amp-source-width 1440 x-content-type-options nosniff date Wed, 09 Oct 2024 10:26:01 GMT content-type image/avif x-frame-options DENY cache-control max-age=1800, s-maxage=86400 x-req-id J77rUuHL0v x-amp-source-height 1040 accept-ranges bytes access-control-allow-origin * content-length 23371 x-amp-published Tue, 08 Oct 2024 15:55:02 GMT x-amp-srv A x-xss-protection 1; mode=block server Unknown
GET H3	200	jquery-3.7.1.min.js Show response assets.bounceexchange.com/assets/bounce/	85 KB 30 KB	27ms 17ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js Requested by Host: elfcosmetics.youshp.com URL: https://elfcosmetics.youshp.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers x-goog-metageneration 1 access-control-expose-headers etag, Content-Type x-goog-hash crc32c=fsBEgw==, md5=LIctvmD0unD7hTVhE9izXg== content-encoding br etag W/"2c872dbe60f4ba70fb85356113d8b35e" age 481842 ad-auction-allowed true x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 87533 date Thu, 03 Oct 2024 20:35:19 GMT last-modified Thu, 03 Oct 2024 13:55:01 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding x-guploader-uploadid AD-8ljsHtkw0PyzPflhBBf9AwqycWCjyXeqHKO6KKHtXldIgQgUSe1wdI0hyJQgpTKwo3TtH_Q cache-control public,max-age=31536000 x-goog-storage-class MULTI_REGIONAL accept-ranges none access-control-allow-origin * x-goog-generation 1727963701642726 content-length 31015 server UploadServer
GET H2	204	unip Show response trc-events.taboola.com/1691051/log/3/	0 252 B	50ms 20ms	XHR text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=1667&scd=0&ssd=1&est=1728469560397&ver=36&isls=true&src=i&invt=1500&msa=3866&rv=1&tim=1728469562065&vi=1728469560393&ri=54112404cfaa968669bc61727a66ca9a&ref=null&cv=20241006-3-RELEASE&item-url=https%3A%2F%2Felfcosmetics.youshp.com%2F&it=JS_PIXEL Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Attribution-Reporting-Eligible trigger Referer https://elfcosmetics.youshp.com/ Response headers access-control-allow-origin https://elfcosmetics.youshp.com cache-control no-cache p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" date Wed, 09 Oct 2024 10:26:02 GMT pragma no-cache server nginx access-control-allow-credentials true
OPTIONS H2	200	unip trc-events.taboola.com/1691051/log/3/ Frame	0 0	74ms 13ms	Preflight	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=1667&scd=0&ssd=1&est=1728469560397&ver=36&isls=true&src=i&invt=1500&msa=3866&rv=1&tim=1728469562065&vi=1728469560393&ri=54112404cfaa968669bc61727a66ca9a&ref=null&cv=20241006-3-RELEASE&item-url=https%3A%2F%2Felfcosmetics.youshp.com%2F&it=JS_PIXEL Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://elfcosmetics.youshp.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-origin https://elfcosmetics.youshp.com allow GET, HEAD, POST, TRACE, OPTIONS content-length 0 date Wed, 09 Oct 2024 10:26:02 GMT p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" server nginx
GET H2	451	458359.gif idsync.rlcdn.com/	0 98 B	60ms 19ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/458359.gif?partner_uid=4c2de68e-07ca-4b0f-b6d7-e7b2f6f9c681 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://elfcosmetics.youshp.com/ Response headers via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Wed, 09 Oct 2024 10:26:02 GMT
POST H/1.1	204 No Content	collect Show response f.clarity.ms/	0 287 B	493ms 296ms	XHR text/plain	51.8.44.252 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://f.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.47/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.8.44.252 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept application/x-clarity-gzip Referer https://elfcosmetics.youshp.com/ Response headers Request-Context appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8 Access-Control-Allow-Origin https://elfcosmetics.youshp.com Date Wed, 09 Oct 2024 10:26:02 GMT Vary Origin Server nginx Connection keep-alive Access-Control-Allow-Credentials true
POST H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 214 B	264ms 263ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4a70v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13m3m3m2m5l1&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=101529665~101671035~101747727&cid=768868140.1728469560&ecid=1278251925&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=206502309.1728469558&sst.etld=google.nl&sst.gcsub=region1&sst.adr=1&sst.ude=0&sid=1728469559&sct=1&seg=1&dl=https%3A%2F%2Felfcosmetics.youshp.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&_s=5&tfd=10995&richsstsse Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://elfcosmetics.youshp.com/ Response headers cache-control no-cache x-accel-buffering no access-control-allow-credentials true x-content-type-options nosniff via 1.1 google access-control-allow-origin https://elfcosmetics.youshp.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 09 Oct 2024 10:26:05 GMT content-type text/plain server Google Frontend
GET H2	204	unip Show response trc-events.taboola.com/1691051/log/3/	0 251 B	15ms 14ms	XHR text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=4670&scd=0&ssd=1&est=1728469560397&ver=36&isls=true&src=i&invt=3000&msa=3866&rv=1&tim=1728469565068&vi=1728469560393&ri=54112404cfaa968669bc61727a66ca9a&ref=null&cv=20241006-3-RELEASE&item-url=https%3A%2F%2Felfcosmetics.youshp.com%2F&it=JS_PIXEL Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Attribution-Reporting-Eligible trigger Referer https://elfcosmetics.youshp.com/ Response headers access-control-allow-origin https://elfcosmetics.youshp.com cache-control no-cache p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" date Wed, 09 Oct 2024 10:26:05 GMT pragma no-cache server nginx access-control-allow-credentials true
OPTIONS H2	200	unip trc-events.taboola.com/1691051/log/3/ Frame	0 0	15ms 14ms	Preflight	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=4670&scd=0&ssd=1&est=1728469560397&ver=36&isls=true&src=i&invt=3000&msa=3866&rv=1&tim=1728469565068&vi=1728469560393&ri=54112404cfaa968669bc61727a66ca9a&ref=null&cv=20241006-3-RELEASE&item-url=https%3A%2F%2Felfcosmetics.youshp.com%2F&it=JS_PIXEL Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://elfcosmetics.youshp.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-origin https://elfcosmetics.youshp.com allow GET, HEAD, POST, TRACE, OPTIONS content-length 0 date Wed, 09 Oct 2024 10:26:05 GMT p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" server nginx
POST H/1.1	204 No Content	collect Show response f.clarity.ms/	0 287 B	101ms 98ms	XHR text/plain	51.8.44.252 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://f.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.47/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.8.44.252 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept application/x-clarity-gzip Referer https://elfcosmetics.youshp.com/ Response headers Request-Context appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8 Access-Control-Allow-Origin https://elfcosmetics.youshp.com Date Wed, 09 Oct 2024 10:26:05 GMT Vary Origin Server nginx Connection keep-alive Access-Control-Allow-Credentials true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cdn-fsly.yottaa.net

URL

https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/

Domain

cdn-fsly.yottaa.net

URL

https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/

Domain

cdn-fsly.yottaa.net

URL

https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d4210220/www.elfcosmetics.com/v~4b.a7/

Domain

pixel.pointmediatracker.com

URL

https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=4337bf34-6729-4990-8bf0-7f1518c9269a&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=1054831997

Domain

edge.curalate.com

URL

https://edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/gallery-OdKxcdTK/latest/experience.min.js

Domain

external-api.jebbit.com

URL

https://external-api.jebbit.com/moments/v2/launcher_configs?key=542695a9-9318-492b-9638-2018989f6dc4&url=aHR0cHMlM0ElMkYlMkZlbGZjb3NtZXRpY3MueW91c2hwLmNvbSUyRg==&completedLightboxCampaigns=W10=&jebbitCookies=