Submitted URL: http://www.elfcosmeticsus.us/
Effective URL: https://www.elfcosmeticsus.us/
Submission: On November 05 via manual from US — Scanned from US

Summary

This website contacted 64 IPs in 3 countries across 46 domains to perform 196 HTTP transactions. The main IP is 37.72.142.213, which is located in Georgia and belongs to MALAKMADZE, GE. The main domain is www.elfcosmeticsus.us.
TLS certificate: Issued by R10 on September 9th 2024. Valid for: 3 months.
This is the only time www.elfcosmeticsus.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
21 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 283
10742279.fls.doubleclick.net — Cisco Umbrella Rank: 359258
ad.doubleclick.net — Cisco Umbrella Rank: 150
10265292.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
9231397.fls.doubleclick.net — Cisco Umbrella Rank: 393995
4 KB
17 bounceexchange.com
assets.bounceexchange.com — Cisco Umbrella Rank: 2308
api.bounceexchange.com — Cisco Umbrella Rank: 2783
394 KB
15 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 862
trc.taboola.com — Cisco Umbrella Rank: 686
psb.taboola.com — Cisco Umbrella Rank: 5951
trc-events.taboola.com — Cisco Umbrella Rank: 2720
pips.taboola.com — Cisco Umbrella Rank: 1746
cds.taboola.com — Cisco Umbrella Rank: 1697
39 KB
12 dynamicyield.com
cdn.dynamicyield.com — Cisco Umbrella Rank: 9046
st.dynamicyield.com — Cisco Umbrella Rank: 8579
async-px.dynamicyield.com — Cisco Umbrella Rank: 9020
258 KB
12 amplience.net
cdn.media.amplience.net — Cisco Umbrella Rank: 13697
cdn.c1.amplience.net — Cisco Umbrella Rank: 27546
cdn.static.amplience.net — Cisco Umbrella Rank: 40972
5 MB
11 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 945
match.adsrvr.org — Cisco Umbrella Rank: 373
7 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 326
187 KB
9 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 817
237 KB
8 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 930
7 KB
8 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 479
ib.adnxs.com — Cisco Umbrella Rank: 267
8 KB
8 elfcosmeticsus.us
www.elfcosmeticsus.us
2 MB
6 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 2192
616 B
6 elfcosmetics.com
sgtm.elfcosmetics.com — Cisco Umbrella Rank: 154857
4 KB
6 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 2490
1 KB
6 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3226
t.paypal.com — Cisco Umbrella Rank: 3852
127 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
496 KB
5 cdnwidget.com
pd.cdnwidget.com — Cisco Umbrella Rank: 3732
ids.cdnwidget.com — Cisco Umbrella Rank: 3761
pix.cdnwidget.com — Cisco Umbrella Rank: 4305
idr.cdnwidget.com — Cisco Umbrella Rank: 5386
2 KB
5 jebbit.com
js.jebbit.com — Cisco Umbrella Rank: 41381
external-api.jebbit.com — Cisco Umbrella Rank: 38201
61 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
6 KB
4 inside.chat
cdn8.eu.inside.chat — Cisco Umbrella Rank: 137286
www8.eu.inside.chat — Cisco Umbrella Rank: 334235
65 KB
3 cdnbasket.net
data.cdnbasket.net — Cisco Umbrella Rank: 4830
page.cdnbasket.net — Cisco Umbrella Rank: 4844
view.cdnbasket.net — Cisco Umbrella Rank: 4842
1014 B
3 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 1994
alb.reddit.com — Cisco Umbrella Rank: 1330
859 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 348
15 KB
3 youtube.com
www.youtube.com — Cisco Umbrella Rank: 77
13 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 147
548 B
2 blisspointmedia.com
cdn.blisspointmedia.com — Cisco Umbrella Rank: 7240
1 KB
2 pointmediatracker.com
pixel.pointmediatracker.com — Cisco Umbrella Rank: 13174
902 B
2 wknd.ai
tag.wknd.ai — Cisco Umbrella Rank: 3529
7 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1063
13 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
76 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 982
25 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 462
837 B
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 609
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 399
888 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 413
3 KB
2 linksynergy.com
ut.rd.linksynergy.com — Cisco Umbrella Rank: 9877
tags.rd.linksynergy.com — Cisco Umbrella Rank: 5587
699 B
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2041
508 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 751
576 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 905
523 B
1 cnnx.link
js.cnnx.link — Cisco Umbrella Rank: 10534
1 KB
1 contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 3430
88 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 498
309 B
1 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 5850
15 KB
1 ordergroove.com
static.ordergroove.com — Cisco Umbrella Rank: 32550
52 KB
1 rakuten.com
tag.rmp.rakuten.com — Cisco Umbrella Rank: 8659
15 KB
1 curalate.com
edge.curalate.com — Cisco Umbrella Rank: 10427
20 KB
196 46
Domain Requested by
16 assets.bounceexchange.com tag.wknd.ai
assets.bounceexchange.com
11 cdn.cookielaw.org www.elfcosmeticsus.us
cdn.cookielaw.org
9 analytics.tiktok.com www.elfcosmeticsus.us
analytics.tiktok.com
9 cdn.media.amplience.net 2 redirects www.elfcosmeticsus.us
8 ct.pinterest.com s.pinimg.com
8 async-px.dynamicyield.com cdn.dynamicyield.com
8 www.elfcosmeticsus.us www.elfcosmeticsus.us
7 match.adsrvr.org 5 redirects www.elfcosmeticsus.us
6 events.bouncex.net
6 trc-events.taboola.com cdn.taboola.com
6 sgtm.elfcosmetics.com www.googletagmanager.com
6 ad.doubleclick.net www.elfcosmeticsus.us
6 10742279.fls.doubleclick.net 3 redirects www.googletagmanager.com
6 secure.adnxs.com 2 redirects www.elfcosmeticsus.us
6 sdk.iad-05.braze.com www.elfcosmeticsus.us
6 www.googletagmanager.com www.elfcosmeticsus.us
www.googletagmanager.com
5 www.paypal.com www.elfcosmeticsus.us
www.paypal.com
4 www.facebook.com
4 9231397.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 js.jebbit.com www.elfcosmeticsus.us
js.jebbit.com
4 insight.adsrvr.org 3 redirects
3 cdn8.eu.inside.chat www.elfcosmeticsus.us
cdn8.eu.inside.chat
3 bat.bing.com www.googletagmanager.com
bat.bing.com
3 trc.taboola.com cdn.taboola.com
3 cdn.taboola.com www.googletagmanager.com
cdn.taboola.com
3 www.youtube.com www.googletagmanager.com
www.youtube.com
3 cdn.dynamicyield.com www.elfcosmeticsus.us
st.dynamicyield.com
2 pix.cdnwidget.com 1 redirects
2 alb.reddit.com
2 cdn.blisspointmedia.com
2 pixel.pointmediatracker.com 2 redirects
2 tag.wknd.ai www.elfcosmeticsus.us
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 idsync.rlcdn.com 2 redirects
2 analytics.google.com www.elfcosmeticsus.us
2 10265292.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 dsum-sec.casalemedia.com 1 redirects www.elfcosmeticsus.us
2 x.bidswitch.net 2 redirects
2 ib.adnxs.com 2 redirects
2 pixel.rubiconproject.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 api.ipify.org www.elfcosmeticsus.us
2 cdn.static.amplience.net www.elfcosmeticsus.us
1 idr.cdnwidget.com
1 pippio.com 1 redirects
1 api.bounceexchange.com assets.bounceexchange.com
1 ids.cdnwidget.com assets.bounceexchange.com
1 pd.cdnwidget.com assets.bounceexchange.com
1 view.cdnbasket.net assets.bounceexchange.com
1 page.cdnbasket.net assets.bounceexchange.com
1 data.cdnbasket.net assets.bounceexchange.com
1 external-api.jebbit.com js.jebbit.com
1 www8.eu.inside.chat cdn8.eu.inside.chat
1 cds.taboola.com cdn.taboola.com
1 pixel-config.reddit.com www.redditstatic.com
1 pips.taboola.com cdn.taboola.com
1 simage2.pubmatic.com 1 redirects
1 tags.rd.linksynergy.com www.elfcosmeticsus.us
1 stats.g.doubleclick.net www.elfcosmeticsus.us
1 js.cnnx.link cdn.taboola.com
1 psb.taboola.com cdn.taboola.com
1 t.contentsquare.net www.googletagmanager.com
1 www.google.com www.googletagmanager.com
1 st.dynamicyield.com www.elfcosmeticsus.us
1 t.paypal.com www.elfcosmeticsus.us
1 geolocation.onetrust.com cdn.cookielaw.org
1 ut.rd.linksynergy.com tag.rmp.rakuten.com
1 websdk.appsflyer.com www.elfcosmeticsus.us
1 static.ordergroove.com www.elfcosmeticsus.us
1 tag.rmp.rakuten.com www.elfcosmeticsus.us
1 edge.curalate.com www.elfcosmeticsus.us
edge.curalate.com
1 cdn.c1.amplience.net www.elfcosmeticsus.us
196 74
Subject | Issuer | Validity | Valid
www.elfcosmeticsus.us | R10 | 2024-09-09 - 2024-12-08 | 3 months
dm.amplience.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-08-05 - 2025-08-14 | a year
c1.amplience.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-10-15 - 2025-10-23 | a year
edge.curalate.com | WE1 | 2024-09-22 - 2024-12-21 | 3 months
cookielaw.org | WE1 | 2024-10-11 - 2025-01-09 | 3 months
*.google-analytics.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.dynamicyield.com | Amazon RSA 2048 M03 | 2024-08-18 - 2025-09-16 | a year
tag.rmp.rakuten.com | WR3 | 2024-09-26 - 2024-12-25 | 3 months
ipify.org | WE1 | 2024-09-15 - 2024-12-14 | 3 months
www.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2024-02-08 - 2025-02-08 | a year
*.ordergroove.com | Go Daddy Secure Certificate Authority - G2 | 2024-08-09 - 2025-08-20 | a year
*.appsflyer.com | Amazon RSA 2048 M03 | 2024-02-04 - 2025-03-03 | a year
sdk.iad-05.braze.com | WE1 | 2024-10-13 - 2025-01-11 | 3 months
*.rd.linksynergy.com | ZeroSSL RSA Domain Secure Site CA | 2024-01-23 - 2025-01-22 | a year
geolocation.onetrust.com | WE1 | 2024-10-11 - 2025-01-09 | 3 months
t.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2024-06-21 - 2025-06-20 | a year
*.google.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.taboola.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-30 - 2024-12-31 | 5 months
t.contentsquare.net | Amazon RSA 2048 M03 | 2024-08-13 - 2025-09-10 | a year
js.cnnx.link | Amazon RSA 2048 M02 | 2024-06-09 - 2025-07-08 | a year
*.doubleclick.net | WR2 | 2024-10-07 - 2024-12-30 | 3 months
sgtm.elfcosmetics.com | WR3 | 2024-11-05 - 2025-02-03 | 3 months
*.g.doubleclick.net | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.pinterest.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-08-02 - 2025-08-07 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-08-14 - 2024-11-12 | 3 months
www.redditstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-10-06 - 2025-04-03 | 6 months
www.bing.com | Microsoft Azure RSA TLS Issuing CA 03 | 2024-09-16 - 2025-03-15 | 6 months
*.tiktok.com | RapidSSL TLS ECC CA G1 | 2024-07-15 - 2025-07-15 | a year
*.jebbit.com | Amazon RSA 2048 M02 | 2024-04-23 - 2025-05-21 | a year
tag.wknd.ai | R11 | 2024-09-15 - 2024-12-14 | 3 months
eu.inside.chat | WE1 | 2024-09-28 - 2024-12-27 | 3 months
*.adnxs.com | GeoTrust ECC CA 2018 | 2024-02-14 - 2025-03-16 | a year
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-10-13 - 2025-04-11 | 6 months
assets.bounceexchange.com | WR3 | 2024-09-15 - 2024-12-14 | 3 months
data.cdnbasket.net | WR3 | 2024-10-28 - 2025-01-26 | 3 months
page.cdnbasket.net | WR3 | 2024-09-07 - 2024-12-06 | 3 months
view.cdnbasket.net | WR3 | 2024-11-05 - 2025-02-03 | 3 months
pd.cdnwidget.com | R11 | 2024-09-08 - 2024-12-07 | 3 months
ids.cdnwidget.com | R11 | 2024-09-08 - 2024-12-07 | 3 months
*.wunderkind.co | R10 | 2024-10-01 - 2024-12-30 | 3 months
idr.cdnwidget.com | R10 | 2024-09-08 - 2024-12-07 | 3 months
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2024-04-23 - 2025-05-25 | a year

This page contains 11 frames:

Primary Page: https://www.elfcosmeticsus.us/
Frame ID: E31627245BCC7EBEB0B2A1D87DDE7EF8
Requests: 181 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.12&integrationType=SDK
Frame ID: C40894E587BF642547FA783D233D42BE
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.elfcosmeticsus.us
Frame ID: 52C5E0DAB80E862F398A0E65F8C86B65
Requests: 1 HTTP requests in this frame

Frame: https://10742279.fls.doubleclick.net/activityi;dc_pre=CK7OhvewxYkDFZSKdwEdxVEvjQ;src=10742279;type=elf8j0;cat=glo_flhp;ord=4935692478316;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1936802652;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F
Frame ID: 4822A8CCF386E7031016D2F448F821FD
Requests: 1 HTTP requests in this frame

Frame: https://10265292.fls.doubleclick.net/activityi;dc_pre=CLjhkPewxYkDFVK0ywEdG1kL6w;src=10265292;type=conte0;cat=homep0;ord=6485491405418;npa=1;auiddc=647214912.1730816235;ps=1;pcor=182382972;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787185z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F
Frame ID: CA1C44C35C6C35DF993CD8A8FD7303C2
Requests: 1 HTTP requests in this frame

Frame: https://10742279.fls.doubleclick.net/activityi;dc_pre=CKrOj_iwxYkDFXgOTwgdVv8TSg;src=10742279;type=elf8j0;cat=glo_flap;ord=3837239923624;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=971600571;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F
Frame ID: B8E0BF69179FCFA754119B780F5CC30D
Requests: 1 HTTP requests in this frame

Frame: https://9231397.fls.doubleclick.net/activityi;dc_pre=CMmrqfiwxYkDFTy50QQdeC8N8w;src=9231397;type=retarget;cat=globa0;ord=5916756991334;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1380798745;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F
Frame ID: 95145D64DD054BADA60E5D363E23988D
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 07EDC1255C5865DEF79CFC4AD7EDA2F1
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 36416EDBB43B77EFD740935332888792
Requests: 1 HTTP requests in this frame

Frame: https://10742279.fls.doubleclick.net/activityi;dc_pre=CMOP3_uwxYkDFUqKdwEdDAIiXw;src=10742279;type=elf8j0;cat=glo_flap;ord=554224028448;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1789195563;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F
Frame ID: B44A553678B6F9560D9A74CF76D06038
Requests: 1 HTTP requests in this frame

Frame: https://9231397.fls.doubleclick.net/activityi;dc_pre=CNjC4PuwxYkDFUGZ0QQdT9Igqg;src=9231397;type=retarget;cat=globa0;ord=3129251908454;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1079207963;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F
Frame ID: CFCA3624C8F9B09F90F28C0ED5249A30
Requests: 1 HTTP requests in this frame

Page Title

e.l.fs. Cosmetics: Affordable Makeup & Skincare | Clean Beauty Products | e.l.f. Cosmetics

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • cdn\.dynamicyield\.\w+/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • tag\.rmp\.rakuten\.com

Overall confidence: 10%
Detected patterns
  • basket.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

196 Requests
93 % HTTPS
30 % IPv6
46 Domains
74 Subdomains
64 IPs
3 Countries
8472 kB Transfer
17827 kB Size
75 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.elfcosmeticsus.us/ HTTP 307
    https://www.elfcosmeticsus.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://cdn.media.amplience.net/v/elfcosmetics/0624_HPTILE_SPOTLIGHT_SOFTGLAM_D/mp41080 HTTP 302
  • https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4
Request Chain 17
  • https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040/mp41080 HTTP 302
  • https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4
Request Chain 52
  • https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
Request Chain 53
  • https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:y8694b5&fmt=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MzRkMzUwN2EtZDBmMC00ZTZiLWFlYTYtMTNkMDExYWYyN2Ew&gdpr=0&gdpr_consent=&ttd_tdid=34d3507a-d0f0-4e6b-aea6-13d011af27a0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=MzRkMzUwN2EtZDBmMC00ZTZiLWFlYTYtMTNkMDExYWYyN2Ew&gdpr=0&gdpr_consent=&ttd_tdid=34d3507a-d0f0-4e6b-aea6-13d011af27a0&google_tc= HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=34d3507a-d0f0-4e6b-aea6-13d011af27a0&google_error=15 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=34d3507a-d0f0-4e6b-aea6-13d011af27a0&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=34d3507a-d0f0-4e6b-aea6-13d011af27a0 HTTP 302
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=3378436710752356451&ttd_tdid=34d3507a-d0f0-4e6b-aea6-13d011af27a0 HTTP 302
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=34d3507a-d0f0-4e6b-aea6-13d011af27a0&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=34d3507a-d0f0-4e6b-aea6-13d011af27a0&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Request Chain 54
  • https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
Request Chain 55
  • https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:uuhj0na&fmt=3 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f7549dba-89fc-469b-840f-f2f77f563f9f&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=34d3507a-d0f0-4e6b-aea6-13d011af27a0 HTTP 302
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=3378436710752356451&ttd_tdid=34d3507a-d0f0-4e6b-aea6-13d011af27a0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=34d3507a-d0f0-4e6b-aea6-13d011af27a0&expiration=1733408236&gdpr=0&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=34d3507a-d0f0-4e6b-aea6-13d011af27a0&expiration=1733408236&gdpr=0&gdpr_consent=&C=1
Request Chain 69
  • https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flhp;ord=4935692478316;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1936802652;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F HTTP 302
  • https://10742279.fls.doubleclick.net/activityi;dc_pre=CK7OhvewxYkDFZSKdwEdxVEvjQ;src=10742279;type=elf8j0;cat=glo_flhp;ord=4935692478316;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1936802652;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F
Request Chain 73
  • https://10265292.fls.doubleclick.net/activityi;src=10265292;type=conte0;cat=homep0;ord=6485491405418;npa=1;auiddc=647214912.1730816235;ps=1;pcor=182382972;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787185z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F HTTP 302
  • https://10265292.fls.doubleclick.net/activityi;dc_pre=CLjhkPewxYkDFVK0ywEdG1kL6w;src=10265292;type=conte0;cat=homep0;ord=6485491405418;npa=1;auiddc=647214912.1730816235;ps=1;pcor=182382972;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787185z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F
Request Chain 87
  • https://idsync.rlcdn.com/458359.gif?partner_uid=cbf52927-0833-4d4e-9d36-27214fcb20c8 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJGNiZjUyOTI3LTA4MzMtNGQ0ZS05ZDM2LTI3MjE0ZmNiMjBjOBAAGg0I7NGouQYSBQjoBxAAQgBKAA HTTP 307
  • https://tags.rd.linksynergy.com/cs?ns=lr&uid3=29b4d936b84b29bcc99e51da7501b6b41f2f295ab7edf590a818fa863a96e0cb6ac34734d8e453ee
Request Chain 101
  • https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=3837239923624;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=971600571;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F HTTP 302
  • https://10742279.fls.doubleclick.net/activityi;dc_pre=CKrOj_iwxYkDFXgOTwgdVv8TSg;src=10742279;type=elf8j0;cat=glo_flap;ord=3837239923624;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=971600571;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F
Request Chain 104
  • https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=ac590e6d-d6d7-4315-bc5c-68ffacde1e44&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=432867106 HTTP 302
  • https://cdn.blisspointmedia.com/assets/img/pixel.gif
Request Chain 106
  • https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=34d3507a-d0f0-4e6b-aea6-13d011af27a0&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Request Chain 120
  • https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=5916756991334;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1380798745;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F HTTP 302
  • https://9231397.fls.doubleclick.net/activityi;dc_pre=CMmrqfiwxYkDFTy50QQdeC8N8w;src=9231397;type=retarget;cat=globa0;ord=5916756991334;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1380798745;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F
Request Chain 167
  • https://pix.cdnwidget.com/redirect?CID=2oQykpGE2lbXDnssDoSd4UzOqMu&DID=2oQykpgLeBJiFCnaFMQVk3vGeU0&v=&iv=&deviceid=710553794453076817&visitid=1730816239741709&wsid=4142&apikey=2^HIykD HTTP 302
  • https://pippio.com/api/sync?pid=5749 HTTP 307
  • https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
Request Chain 173
  • https://www.googleadservices.com/pagead/conversion/698270988/?random=148852873&fst=1730816242785&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e4au1v9125640115z8896608294z99175401888za200zb896608294&value=0&url=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&tiba=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&data=event%3Dpageview%3Bvendor_id%3Dgoogle_ads%3Bgoogle_ads_conversion_id%3D698270988%3Bgoogle_ads_conversion_label%3D87uyCIuRktcBEIyK-8wC%3Bgoogle_ads_tag_type%3Dconversion&bttype=purchase&dma=0&npa=1&gcs=G111&gcd=13v3v3v3u5l1&uip=162.245.206.0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&tag_exp=101823848~101878899~101878944~101925629&s3p=1 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=143165810&fst=1730816242785&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e4au1v9125640115z8896608294z99175401888za200zb896608294&value=0&url=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&tiba=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&data=event%3Dpageview%3Bvendor_id%3Dgoogle_ads%3Bgoogle_ads_conversion_id%3D698270988%3Bgoogle_ads_conversion_label%3D87uyCIuRktcBEIyK-8wC%3Bgoogle_ads_tag_type%3Dconversion&dma=0&npa=1&gcs=G111&gcd=13v3v3v3u5l1&uip=162.245.206.0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&tag_exp=101823848~101878899~101878944~101925629&s3p=1&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCKPFsQII08WxAkondHJpZ2dlciwgZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&eitems=ChEIgKGnuQYQsvLLmf-Zo56BARIdAIF2TylzG3sJQwPL_YTN4C3crg-xFzJdKAFs8MI&pscrd=IhMIpZzi-rDFiQMVlwxoCB08EAMxMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL3d3dy5lbGZjb3NtZXRpY3N1cy51cy8 HTTP 302
  • https://www.google.com/pagead/1p-conversion/698270988/?random=143165810&fst=1730816242785&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e4au1v9125640115z8896608294z99175401888za200zb896608294&value=0&url=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&tiba=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&data=event%3Dpageview%3Bvendor_id%3Dgoogle_ads%3Bgoogle_ads_conversion_id%3D698270988%3Bgoogle_ads_conversion_label%3D87uyCIuRktcBEIyK-8wC%3Bgoogle_ads_tag_type%3Dconversion&dma=0&npa=1&gcs=G111&gcd=13v3v3v3u5l1&uip=162.245.206.0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&tag_exp=101823848~101878899~101878944~101925629&s3p=1&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCKPFsQII08WxAkondHJpZ2dlciwgZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIpZzi-rDFiQMVlwxoCB08EAMxMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL3d3dy5lbGZjb3NtZXRpY3N1cy51cy8&is_vtc=1&cid=CAQSKQCa7L7diPytqkohyzly6wkUfdhEx-W15TmCLEqg2rCTOsT3Mpq-IXUW&eitems=ChEIgKGnuQYQsvLLmf-Zo56BARIdAIF2TynsFRTyv8AqXYNeYcBeh-FCYvIvYynPpm4&random=2899197093
Request Chain 181
  • https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=554224028448;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1789195563;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F HTTP 302
  • https://10742279.fls.doubleclick.net/activityi;dc_pre=CMOP3_uwxYkDFUqKdwEdDAIiXw;src=10742279;type=elf8j0;cat=glo_flap;ord=554224028448;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1789195563;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F
Request Chain 183
  • https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=3129251908454;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1079207963;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F HTTP 302
  • https://9231397.fls.doubleclick.net/activityi;dc_pre=CNjC4PuwxYkDFUGZ0QQdT9Igqg;src=9231397;type=retarget;cat=globa0;ord=3129251908454;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1079207963;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F
Request Chain 185
  • https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=ac590e6d-d6d7-4315-bc5c-68ffacde1e44&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=2059689480 HTTP 302
  • https://cdn.blisspointmedia.com/assets/img/pixel.gif

196 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
www.elfcosmeticsus.us/
Redirect Chain
  • http://www.elfcosmeticsus.us/
  • https://www.elfcosmeticsus.us/
1019 KB
279 KB
Document
General
Full URL
https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.72.142.213 , Georgia, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx /
Resource Hash
fb6f0aea4908f409e88318c237c0056c3fec4e73e99f815d2f20e545bcfa6087
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 05 Nov 2024 14:17:11 GMT
etag
W/"66763d5b-feb4f"
last-modified
Sat, 22 Jun 2024 02:56:27 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Location
https://www.elfcosmeticsus.us/
Non-Authoritative-Reason
HttpsUpgrades
init.js
www.elfcosmeticsus.us/XT4Gy2ig/
0
0
Script
General
Full URL
https://www.elfcosmeticsus.us/XT4Gy2ig/init.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.72.142.213 , Georgia, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-length
548
date
Tue, 05 Nov 2024 14:17:11 GMT
content-type
text/html
server
nginx
0624_HPTILE_SPOTLIGHT_SOFTGLAM_D
cdn.media.amplience.net/v/elfcosmetics/
24 KB
24 KB
Image
General
Full URL
https://cdn.media.amplience.net/v/elfcosmetics/0624_HPTILE_SPOTLIGHT_SOFTGLAM_D?fmt=auto
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ddf771e6fd5c0ff146456f571d974f1a9f5f0aa8ac76f271aeda939bcc075c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
HIT
age
595
x-amp-source-width
1440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:17:12 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Tue, 05 Nov 2024 14:07:17 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
RI6y2x3tD,l4p5bDg2e,lTTxSknl0,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
p3uzEANf6Q
x-amp-source-height
520
x-amp-cf-worker
true
cf-ray
8ddd774aa8757bb3-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
24426
x-amp-published
Mon, 06 May 2024 23:46:56 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
truncated
/
37 B
37 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
ELF_Bronzer_HomepageTile_Comments_1440x1040
cdn.media.amplience.net/v/elfcosmetics/
37 KB
37 KB
Image
General
Full URL
https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d237f9147434eb7ca13c686da4346e03a6210da929e3e7f251370d2d0a149823
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
HIT
age
595
x-amp-source-width
1440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:17:12 GMT
edge-control
max-age=86400
content-type
image/jpeg
last-modified
Tue, 05 Nov 2024 14:07:17 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
bwyX4gLvj,l4p5bDg2e,X_K2lO9lh,k4NPUWi7z
cache-control
s-maxage=86400, max-age=1800
x-req-id
66oY_j1fxi
x-amp-source-height
1040
x-amp-cf-worker
true
cf-ray
8ddd774aa87a7bb3-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
37661
x-amp-published
Wed, 05 Jun 2024 19:29:20 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
elf-skin-logo_D-min
cdn.media.amplience.net/i/elfcosmetics/
3 KB
3 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/elf-skin-logo_D-min?fmt=auto
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4526135c25caf69aa3b5ae9c0d208f0f71c4ad23a51a3dacc5875d784f39bf89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
HIT
age
595
x-amp-source-width
289
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:17:12 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Tue, 05 Nov 2024 14:07:17 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
iXKo416cD,l4p5bDg2e,xPkOqKkZZ,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
6BTji47-cm
x-amp-source-height
257
x-amp-cf-worker
true
cf-ray
8ddd774aa8797bb3-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
2803
x-amp-published
Tue, 02 Apr 2024 23:34:45 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
go-wild-bronzies-2024-06-10-headline-1_D-min
cdn.media.amplience.net/i/elfcosmetics/
31 KB
31 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/go-wild-bronzies-2024-06-10-headline-1_D-min?fmt=auto
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9b60bb652094955b45736f763e9240f61f944c699831d13f14b34721d6560b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
HIT
age
595
x-amp-source-width
1136
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:17:12 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Tue, 05 Nov 2024 14:07:17 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
4_KhEaCg0,l4p5bDg2e,QzFMFH4vh,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
r1gKs84_4U
x-amp-source-height
245
x-amp-cf-worker
true
cf-ray
8ddd774aa87b7bb3-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
31390
x-amp-published
Mon, 03 Jun 2024 23:31:19 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
locale-link-rewriter-0.0.2-min
cdn.c1.amplience.net/c/elfcosmetics/
553 B
485 B
Script
General
Full URL
https://cdn.c1.amplience.net/c/elfcosmetics/locale-link-rewriter-0.0.2-min
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:226c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88668b9200e07ef8860abbf2884140a44986c34576bc7086d64085b87da4cfd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
s-maxage=1800, max-age=120
content-encoding
gzip
cf-cache-status
HIT
cf-ray
8ddd774aad8352cb-LAX
access-control-allow-origin
*
date
Tue, 05 Nov 2024 14:17:12 GMT
edge-control
max-age=1800
content-type
application/javascript; charset=utf-8
last-modified
Tue, 05 Nov 2024 14:01:18 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.elfcosmeticsus.us
Referer

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.elfcosmeticsus.us
Referer

Response headers

Content-Type
application/font-woff2;charset=utf-8
soft-glam-satin-2024-5-spotlights_D-min
cdn.media.amplience.net/i/elfcosmetics/
147 KB
147 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/soft-glam-satin-2024-5-spotlights_D-min?fmt=auto
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
036372aec246811be980f3db17295ca6ebbcabef2d187cf4b50eca891a3cd8f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
HIT
age
595
x-amp-source-width
2880
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:17:12 GMT
edge-control
max-age=86400
content-type
image/webp
last-modified
Tue, 05 Nov 2024 14:07:17 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
duPuIM7RN,l4p5bDg2e,KQtgulBJr,DtzGFM5oJ
cache-control
s-maxage=86400, max-age=1800
x-req-id
i1vxw4Vqhv
x-amp-source-height
1700
x-amp-cf-worker
true
cf-ray
8ddd774aa8777bb3-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
150302
x-amp-published
Mon, 20 May 2024 23:26:06 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
soft-glam-satin-2024-5-background_D-min
cdn.media.amplience.net/i/elfcosmetics/
3 KB
4 KB
Image
General
Full URL
https://cdn.media.amplience.net/i/elfcosmetics/soft-glam-satin-2024-5-background_D-min?fmt=auto
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51db2800976ae0311153917c1b90973847211e03c6cafddade13410f9ea3ece0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
HIT
age
595
x-amp-source-width
2880
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:17:12 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Tue, 05 Nov 2024 14:07:17 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
o1m8F6mmu,l4p5bDg2e,4wgAmq7JA,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
GFGv763Nhf
x-amp-source-height
662
x-amp-cf-worker
true
cf-ray
8ddd774aa8787bb3-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
3526
x-amp-published
Mon, 20 May 2024 23:26:15 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
vendor1a41.js
www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/
2 MB
717 KB
Script
General
Full URL
https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.72.142.213 , Georgia, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx /
Resource Hash
12aef701f9abbb77ad769e835f981ab2c6b7dd1f7f19ffb59261b23084fbed98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"667540a4-2335b5"
expires
Wed, 06 Nov 2024 02:17:12 GMT
date
Tue, 05 Nov 2024 14:17:12 GMT
content-type
application/javascript
last-modified
Fri, 21 Jun 2024 08:58:12 GMT
server
nginx
vary
Accept-Encoding
main1a41.js
www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/
2 MB
569 KB
Script
General
Full URL
https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/main1a41.js?yocs=1u_1y_
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.72.142.213 , Georgia, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx /
Resource Hash
f498ff46829b1f4476db5ca3fd697a92852f92b9aef0d95e650608f1b7ca41dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"66754098-1eb0e7"
expires
Wed, 06 Nov 2024 02:17:12 GMT
date
Tue, 05 Nov 2024 14:17:12 GMT
content-type
application/javascript
last-modified
Fri, 21 Jun 2024 08:58:00 GMT
server
nginx
vary
Accept-Encoding
pages-home1a41.js
www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/
5 KB
3 KB
Script
General
Full URL
https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/pages-home1a41.js?yocs=1u_1y_
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.72.142.213 , Georgia, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx /
Resource Hash
97996c9985c6b958fe1325fc72f641b0118c639d32f7b78f3d3245d83a588e43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"66754099-14c9"
expires
Wed, 06 Nov 2024 02:17:12 GMT
date
Tue, 05 Nov 2024 14:17:12 GMT
content-type
application/javascript
last-modified
Fri, 21 Jun 2024 08:58:01 GMT
server
nginx
vary
Accept-Encoding
site.min.js
edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/
84 KB
20 KB
Script
General
Full URL
https://edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/site.min.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d126a9c6da46cb41e34e982874ff71952c00cfaefd6d3847d69f5b82da64429

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"50d92f85574de50a7d4a214fa4131720"
x-amz-version-id
.qrNcRtRG6VmB5kbLKXtk4Otpa6s5GTr
age
667
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:17:12 GMT
content-type
application/javascript
last-modified
Fri, 07 Jun 2024 18:56:15 GMT
vary
Accept-Encoding
x-amz-id-2
ecrdJdLmjBEMndr+z4/0I1ubBWRzk51d+krqqlKuhb2lKmCLxjR0miL1sDszQOpemd3NhdB/JSg=
x-amz-replication-status
COMPLETED
cache-control
max-age=1800,s-maxage=1800
x-amz-request-id
PKQMV8XEDV9JZ3ZK
cf-ray
8ddd774c29fe14f0-LAX
server
cloudflare
x-amz-server-side-encryption
AES256
ELF_Bronzer_HomepageTile_Comments_1440x1040
cdn.media.amplience.net/v/elfcosmetics/
13 KB
13 KB
Image
General
Full URL
https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040?fmt=auto
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49764ec01740feb1948116ed1f841b74efb21ff4c074d8e7d9927db585a5ea04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
HIT
age
595
x-amp-source-width
1440
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:17:12 GMT
edge-control
max-age=86400
content-type
image/avif
last-modified
Tue, 05 Nov 2024 14:07:17 GMT
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
4tFG1rHSW,l4p5bDg2e,X_K2lO9lh,WepA0szpz
cache-control
s-maxage=86400, max-age=1800
x-req-id
xFn7Ii3Ppz
x-amp-source-height
1040
x-amp-cf-worker
true
cf-ray
8ddd774bc9537bb3-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
13690
x-amp-published
Wed, 05 Jun 2024 19:29:20 GMT
x-amp-srv
CF
x-xss-protection
1; mode=block
server
cloudflare
ee1a24f4-5709-4375-8fed-729b60d485e8.mp4
cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/
Redirect Chain
  • https://cdn.media.amplience.net/v/elfcosmetics/0624_HPTILE_SPOTLIGHT_SOFTGLAM_D/mp41080
  • https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4
2 MB
2 MB
Media
General
Full URL
https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Server
2606:4700:4400::6812:252f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ada9d1def698653a5ef155d5439ab8dbaf3ec7e92731b5c2458104008d8714cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-max-age
3000
cf-cache-status
HIT
x-amz-version-id
null
etag
"f9cd69df864aaabae94e683234b307a4"
age
595
access-control-allow-methods
GET, HEAD
date
Tue, 05 Nov 2024 14:17:13 GMT
content-type
video/mp4
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 06 May 2024 23:46:56 GMT
x-amz-id-2
ckf6svQCdY9fUiKmZA05QS8pG0bruoBRl3UcLsa4PozCPzcFljOVHGDiHAJI8FiWnhcAozLtPOo=
Content-Range
bytes 0-2539191/2539192
x-amz-request-id
FH59B6YSAJDMZE86
cf-ray
8ddd7753e814d7a4-LAX
access-control-allow-origin
*
Content-Length
2539192
server
cloudflare

Redirect headers

cf-cache-status
HIT
age
595
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:17:12 GMT
edge-control
max-age=86400
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
Nqa1bYrSJ,l4p5bDg2e,lTTxSknl0
cache-control
s-maxage=86400, max-age=1800
location
https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4
x-amp-cf-worker
true
cf-ray
8ddd774bd9597bb3-LAX
access-control-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
x-amp-srv
CF
server
cloudflare
b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4
cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/
Redirect Chain
  • https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040/mp41080
  • https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4
2 MB
2 MB
Media
General
Full URL
https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Server
2606:4700:4400::6812:252f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f98df0dfa77c50c8356e92ee9269bca4dd576126d890993cb22c88f29723e58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-max-age
3000
cf-cache-status
HIT
x-amz-version-id
null
etag
"bb4f3cb26295704a9279f0ebaaaca661"
age
595
access-control-allow-methods
GET, HEAD
date
Tue, 05 Nov 2024 14:17:13 GMT
content-type
video/mp4
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 05 Jun 2024 19:29:19 GMT
x-amz-id-2
6WKv8+kqAFpSRpBGGNGSXCruAVwMRI0qgyo4WFe8VyEnCxqo7b1txQiw6j5Pg/yag0yGZAezEjQ=
Content-Range
bytes 0-1946953/1946954
x-amz-request-id
FH5BB68JFB166DQB
cf-ray
8ddd7753e80dd7a4-LAX
access-control-allow-origin
*
Content-Length
1946954
server
cloudflare

Redirect headers

cf-cache-status
HIT
age
595
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:17:12 GMT
edge-control
max-age=86400
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
DENY
edge-cache-tag
RJ2EA5tGN,l4p5bDg2e,X_K2lO9lh
cache-control
s-maxage=86400, max-age=1800
location
https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4
x-amp-cf-worker
true
cf-ray
8ddd774bd95a7bb3-LAX
access-control-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
x-amp-srv
CF
server
cloudflare
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
22 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/main1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
qVqAwzZMp5y69q24H0KNhg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCFC9F5ED5E337
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
44803
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:17:13 GMT
content-type
application/javascript
last-modified
Mon, 04 Nov 2024 07:07:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
ae139fa6-f01e-00d5-73d5-2edb57000000
cf-ray
8ddd77529b950d5c-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
7212
x-ms-blob-type
BlockBlob
server
cloudflare
gtm.js
www.googletagmanager.com/
552 KB
143 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/main1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c9956aa6e577180802d6ca07c1e0af6140024b2d491aba9a6205486ec82ba670
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 05 Nov 2024 14:17:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:17:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 05 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
146118
x-xss-protection
0
server
Google Tag Manager
api_dynamic.js
cdn.dynamicyield.com/api/8772046/
572 KB
63 KB
Script
General
Full URL
https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/main1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:400:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
031891366cb372682dad9fd5caab813101f2e6cf0554376b28413cf277d29dd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

vary
accept-encoding
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
cache-control
max-age=30
content-encoding
gzip
etag
W/"6768bb3660d73c681249a7dcb6add360"
age
11
via
1.1 17a3c2535aa705a7b5a80b78b876c79a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
4R2jKJbLh2ZzrLkKcwgfMWqBgM03ov8AlxdTmy7a0dO8M-dButyEfQ==
date
Tue, 05 Nov 2024 14:17:03 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 05 Nov 2024 12:52:47 GMT
server
DYCDN
x-amz-cf-pop
EWR53-C2
x-amz-server-side-encryption
AES256
api_static.js
cdn.dynamicyield.com/api/8772046/
395 KB
116 KB
Script
General
Full URL
https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/main1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:400:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
72ff5a1f7f8d2a84d8976552d8a42bb69c9ff70656b0c902af9c57902de5b3c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

vary
accept-encoding
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
cache-control
max-age=28800
content-encoding
gzip
etag
W/"15bb49298c3e6444486bceb2176f1eaa"
age
20070
via
1.1 17a3c2535aa705a7b5a80b78b876c79a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
nRdIDUIIll1DBmh_eXW6mfnUmTFphs4h2vbSXVEOf_rhAXk0OGUxQA==
date
Tue, 05 Nov 2024 08:42:44 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 30 Oct 2024 15:26:16 GMT
server
DYCDN
x-amz-cf-pop
EWR53-C2
x-amz-server-side-encryption
AES256
110221.ct.js
tag.rmp.rakuten.com/
47 KB
15 KB
Script
General
Full URL
https://tag.rmp.rakuten.com/110221.ct.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
a4082e2251f7f6b4f042842260bac0fb0a9ad35e03752c79f2aabbe18f458d85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=86400
content-encoding
gzip
x-samesite
secure
via
1.1 google
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
hit
date
Tue, 05 Nov 2024 14:17:13 GMT
content-type
text/javascript
last-modified
Tue, 05 Nov 2024 14:17:13 GMT
/
api.ipify.org/
24 B
299 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f035c7ccba1e210d803fd67ad4d13a420cd698f51109e15903d6a3febf7173ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8ddd7752c9ed2f6e-LAX
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=70480&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3970&recv_bytes=2242&delivery_rate=55988&cwnd=233&unsent_bytes=0&cid=cb68590272b56f6e&ts=154&x=0"
content-length
24
date
Tue, 05 Nov 2024 14:17:13 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
api.ipify.org/
24 B
209 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f035c7ccba1e210d803fd67ad4d13a420cd698f51109e15903d6a3febf7173ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8ddd7753bac72f6e-LAX
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=70502&sent=12&recv=16&lost=0&retrans=0&sent_bytes=4335&recv_bytes=2303&delivery_rate=55988&cwnd=236&unsent_bytes=0&cid=cb68590272b56f6e&ts=307&x=0"
content-length
24
date
Tue, 05 Nov 2024 14:17:13 GMT
content-type
application/json
vary
Origin
server
cloudflare
js
www.paypal.com/sdk/
425 KB
120 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8fa4a24e56a5f43d0a2382698cabcd2605b99d72bfc04510e148775bc91347eb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-xnwiF0X1DuOSYnSKZt9Dh5Th28r9kTTp1rWkayO7ig4jXMaU' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-xnwiF0X1DuOSYnSKZt9Dh5Th28r9kTTp1rWkayO7ig4jXMaU' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
f9480946e20f2
content-encoding
gzip
etag
W/"1d85c-vSAYDxzp7DNTcynG/Z16cKn0qwE"
age
9283
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
disable-set-cookie
true
traceparent
00-0000000000000000000f9480946e20f2-eeaada35b6e3ca28-01
server-timing
"traceparent;desc="00-0000000000000000000f9480946e20f2-23ae146c60dc9fa3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
p3p
true
date
Tue, 05 Nov 2024 14:17:13 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-bur-kbur8200079-BUR, cache-bur-kbur8200079-BUR
x-cache-hits
3, 0
x-frame-options
SAMEORIGIN
x-cache
HIT, MISS
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-xnwiF0X1DuOSYnSKZt9Dh5Th28r9kTTp1rWkayO7ig4jXMaU' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-xnwiF0X1DuOSYnSKZt9Dh5Th28r9kTTp1rWkayO7ig4jXMaU' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
public, max-age=3600, s-maxage=10800
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730816233.413934,VS0,VE4
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
access-control-allow-origin
*
content-length
120924
x-xss-protection
1; mode=block
main.js
static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/
150 KB
52 KB
Script
General
Full URL
https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/main1a41.js?yocs=1u_1y_
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.192.20.204 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-20-204.deploy.static.akamaitechnologies.com
Software
nginx / Express
Resource Hash
0c22692fd69ca82d18566270bcbf1bd4c8b2f53fcc163cbd2dbffd6dfd0f8c5e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

Strict-Transport-Security
max-age=15768000
Vary
Accept-Encoding
Cache-Control
must-revalidate, max-age=900
Content-Encoding
gzip
Connection
keep-alive
Expires
Tue, 05 Nov 2024 14:32:13 GMT
Access-Control-Allow-Origin
*
Content-Length
53116
Date
Tue, 05 Nov 2024 14:17:13 GMT
Content-Type
application/javascript;charset=UTF-8
X-Powered-By
Express
Server
nginx
X-Frame-Options
SAMEORIGIN
/
websdk.appsflyer.com/
51 KB
15 KB
Script
General
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-3.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ba6b163f965f258c24888cf11c6dfe0d044de0800284da2e78a3faf7bd12925

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-amz-cf-pop
JFK50-P1
content-encoding
br
etag
W/"7ee104753099f9f00003724eb0a4c433"
age
2596
via
1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
NzXv5Ljp388ARbyR0ErM18jlc7LrMp19qrTVQeFh_pBi2Ap80mkoVw==
date
Tue, 05 Nov 2024 13:33:58 GMT
content-type
application/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Tue, 01 Oct 2024 07:07:49 GMT
x-amz-server-side-encryption
AES256
authorize
www.elfcosmeticsus.us/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/
548 B
612 B
Fetch
General
Full URL
https://www.elfcosmeticsus.us/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmeticsus.us%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=ME_IWtEVxt6VeEehjoWfVOTm4MqEebg3lerDem233qw
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.72.142.213 , Georgia, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

c_x-pwa-request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-length
548
date
Tue, 05 Nov 2024 14:17:13 GMT
content-type
text/html
server
nginx
/
sdk.iad-05.braze.com/api/v3/data/
709 B
719 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ce398755176d7bb65a5a106fd0e3a165297640d7f21323c1509c5d5a0fe794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmeticsus.us/
X-Braze-TriggersRequest
true
X-Braze-Last-Req-Ms-Ago
7200000
X-Braze-DataRequest
true
X-Braze-Req-Attempt
1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57

Response headers

access-control-max-age
7200
x-request-id
6ee0ccaa-22f7-40de-9663-7a57941112a4
access-control-expose-headers
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"c3ce398755176d7bb65a5a106fd0e3a1"
access-control-allow-methods
POST, GET
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
application/json
vary
Origin,Accept-Encoding
x-runtime
0.135199
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1730816235
cf-ray
8ddd77552c682ab5-LAX
x-ratelimit-remaining
488.0
access-control-allow-origin
*
x-ratelimit-limit
500.0
server
cloudflare
/
sdk.iad-05.braze.com/api/v3/data/ Frame
0
0
Preflight
General
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmeticsus.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8ddd77542b8b2ab5-LAX
content-encoding
gzip
date
Tue, 05 Nov 2024 14:17:13 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
experience.min.js
edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/gallery-OdKxcdTK/latest/
0
0

6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/
6 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf500a4c158d24ba238d521a5fa775e693d03c507fa3f882bffbbeaf9fedeb64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
aY7kJA0jlzEL9QWHODNZDw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCA5D566A7B63C
age
594
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Wed, 06 Nov 2024 14:17:13 GMT
date
Tue, 05 Nov 2024 14:17:13 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 20:25:14 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
c6645a48-e01e-00a7-2285-29aa69000000
cf-ray
8ddd775419512b7d-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
1832
x-ms-blob-type
BlockBlob
server
cloudflare
jsp
ut.rd.linksynergy.com/
148 B
405 B
Script
General
Full URL
https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid
Requested by
Host: tag.rmp.rakuten.com
URL: https://tag.rmp.rakuten.com/110221.ct.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
23ea38484e3fa6133fac9d3fa9ca6aa24e8b9ef4defa6620649f13148baa6746
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
date
Tue, 05 Nov 2024 14:17:13 GMT
x-samesite
secure
content-type
text/plain; charset=utf-8
local
www.paypal.com/credit-presentment/experiments/ Frame C408
0
0
Document
General
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.12&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
7715
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1523
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
correlation-id
f754442606682
date
Tue, 05 Nov 2024 14:17:13 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1479-rcjjDmCYbnZKEiOs2pd/xEvI80U"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f754442606682
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f754442606682-f44fc67273fc084e-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f754442606682-e74e0ceeff887ec7-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
587, 0
x-served-by
cache-bur-kbur8200139-BUR, cache-bur-kbur8200139-BUR
x-timer
S1730816234.923862,VS0,VE5
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/
12 KB
5 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmeticsus.us&t=xo&v=5.0.463&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb11430bad0503642a242e3c42be2690df96d11efc4f08e27b9b96f02480f8ee
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ffhLnTf/AS26j+xiEoyKiZuVcAf7mTEKFNCPITfsRaz/RgfQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

paypal-debug-id
f9374340bc1ce
content-encoding
gzip
etag
W/"2f86-rIyHQCWayVhsCSMMD5/wlkCo+Tw"
age
56839
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f9374340bc1ce-2a1abfa82573356c-01
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT, MISS
date
Tue, 05 Nov 2024 14:17:13 GMT
content-type
application/x-javascript; charset=utf-8
x-served-by
cache-bur-kbur8200079-BUR, cache-bur-kbur8200079-BUR
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ffhLnTf/AS26j+xiEoyKiZuVcAf7mTEKFNCPITfsRaz/RgfQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
cache-control
public, max-age=3600
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730816234.772536,VS0,VE5
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
content-length
4354
x-xss-protection
1; mode=block
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
71 B
309 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8ddd77562cb52ab8-LAX
access-control-allow-origin
*
date
Tue, 05 Nov 2024 14:17:13 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
ts
t.paypal.com/
42 B
601 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1730816233884&g=600&completeurl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&ru=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
db20c889d3242
correlation-id
db20c889d3242
expires
Tue, 05 Nov 2024 14:17:14 GMT
traceparent
00-0000000000000000000db20c889d3242-87bfaf9258fa9108-01
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-0000000000000000000db20c889d3242-c90b6471de7d385a-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
image/gif
x-served-by
cache-bur-kbur8200148-BUR
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1730816234.094120,VS0,VE48
via
1.1 varnish
accept-ranges
bytes
authorize
www.elfcosmeticsus.us/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/
548 B
611 B
Fetch
General
Full URL
https://www.elfcosmeticsus.us/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmeticsus.us%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=s9buERbzRoPMelRhihhUsZcUDIpvUbkiahABT_DrpBU
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.72.142.213 , Georgia, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

c_x-pwa-request
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-length
548
date
Tue, 05 Nov 2024 14:17:13 GMT
content-type
text/html
server
nginx
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202406.1.0/
451 KB
110 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee66778dba8431b64c285bbfcc94d437a298b46e129512f2371e3c7d13a2bcd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
7I5y/rp4ODu7ul89ty+epQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
age
59367
content-encoding
gzip
x-content-type-options
nosniff
cf-polished
origSize=461723
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 22:20:01 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
68f325c9-c01e-007c-2313-240ebf000000
cf-ray
8ddd77574fbf0d5c-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame
0
0
Preflight
General
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmeticsus.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8ddd77574ebb2ab5-LAX
content-encoding
gzip
date
Tue, 05 Nov 2024 14:17:14 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
sync
sdk.iad-05.braze.com/api/v3/content_cards/
85 B
229 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edb13e9c26057efaf974aa6f40ee9616e4c7d92bf963e6ce80455561a55a11d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmeticsus.us/
BRAZE-SYNC-RETRY-COUNT
0
X-Braze-DataRequest
true
X-Braze-Last-Req-Ms-Ago
7200000
X-Braze-ContentCardsRequest
true
X-Braze-Req-Attempt
1
X-Braze-Req-Tokens-Remaining
29
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57

Response headers

access-control-max-age
7200
x-request-id
b6778a85-7ae4-44da-8777-55994d7a47ce
access-control-expose-headers
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"edb13e9c26057efaf974aa6f40ee9616"
access-control-allow-methods
POST, GET
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
application/json
vary
Origin,Accept-Encoding
x-runtime
0.048611
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1730816235
cf-ray
8ddd77583fab2ab5-LAX
x-ratelimit-remaining
487.0
access-control-allow-origin
*
x-ratelimit-limit
500.0
server
cloudflare
sync
sdk.iad-05.braze.com/api/v3/feature_flags/
20 B
180 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/feature_flags/sync
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v_4b.a5/mobify/bundle/11418/vendor1a41.js?yocs=1u_1y_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92f434a50c76d6e52d0d3cc91cdf1854c7fd39fecd5ae65800568aef7c03029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfcosmeticsus.us/
X-Braze-Last-Req-Ms-Ago
7200000
X-Braze-DataRequest
true
X-Braze-Req-Attempt
1
X-Braze-Req-Tokens-Remaining
28
X-Braze-FeatureFlagsRequest
true
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Api-Key
609afcb2-1dc3-41ef-a771-0a9aaf10bf57

Response headers

access-control-max-age
7200
x-request-id
5c5fc8cd-fbc3-458c-ab68-f57a4c3fd987
access-control-expose-headers
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"e92f434a50c76d6e52d0d3cc91cdf185"
access-control-allow-methods
POST, GET
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
application/json
vary
Origin,Accept-Encoding
x-runtime
0.038374
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1730816235
cf-ray
8ddd7758c8422ab5-LAX
x-ratelimit-remaining
482.0
access-control-allow-origin
*
x-ratelimit-limit
500.0
server
cloudflare
sync
sdk.iad-05.braze.com/api/v3/feature_flags/ Frame
0
0
Preflight
General
Full URL
https://sdk.iad-05.braze.com/api/v3/feature_flags/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.elfcosmeticsus.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8ddd77574ebf2ab5-LAX
content-encoding
gzip
date
Tue, 05 Nov 2024 14:17:14 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
st
st.dynamicyield.com/
160 KB
13 KB
Script
General
Full URL
https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=pzesjz3i36cuxxnea2qh3l56jsxrhywi&ref=&scriptVersion=2.44.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2807:5600:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6361afc85e34c0b40ecd5bdaac3b4c5baef74a94a4822dd8c22a1f9e28c48e1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache
content-encoding
gzip
via
1.1 7f9811832df4c0ab77fe1a54ea6ba566.cloudfront.net (CloudFront)
expires
Tue, 05 Nov 2024 14:17:13 GMT
access-control-allow-origin
*
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-amz-cf-id
KwRn8m47f6mxHADITDjr5mAVEF2VAP0mFwXObUtuBH3r2AHFvmTHGg==
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P6
js
www.googletagmanager.com/gtag/
315 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af30ad09ee7c61a2827e7df6838b13fb1c8a63b46d781c979c0906b5de54bb89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 05 Nov 2024 14:17:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107588
x-xss-protection
0
server
Google Tag Manager
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=841646024.1730816235&auid=647214912.1730816235&npa=0&gtm=45He4au0v896608294za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&tft=1730816234540&tfd=3214&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2647e02a45178870d60f6549fd7a071c117763b4c6013bfdb13ea1a918c65336
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
x-content-type-options
nosniff
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
expires
Tue, 05 Nov 2024 14:17:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
destination
www.googletagmanager.com/gtag/
229 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10265292&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
25e26594b519c847b3e55dc7aef2d56cadc5d473106b639e21c4c9b4db08db36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 05 Nov 2024 14:17:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 05 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83643
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/
234 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
75af44c111fb56615680a1ace75c374177bb7f7d1a6bc7132227df732be79443
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 05 Nov 2024 14:17:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 05 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
85011
x-xss-protection
0
server
Google Tag Manager
tfa.js
cdn.taboola.com/libtrc/unip/1691051/
82 KB
26 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
902be7e3440e4c3a980af18149fdaedc6bacb12e778d070683bf7ada4f8ff606

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
etag
"adb5c9ead829e9477719146e238a6c9e"
x-amz-version-id
yEdOa1CqhNvZuF0vXSiObR9ghJ8Ym0aq
age
51
x-cache
HIT
date
Tue, 05 Nov 2024 14:17:14 GMT
last-modified
Sun, 03 Nov 2024 11:10:53 GMT
x-served-by
cache-lax-kwhp1940026-LAX
x-cache-hits
1
content-type
application/javascript; charset=utf-8
x-amz-id-2
z3nLFdRHl7EICCDeTHERklQ8SgZ/eNCKEStdWmMYHnHSL2GTbnkjP/k2/sjjqDC2xAT9EZcQ3+Q=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14401
x-timer
S1730816235.750651,VS0,VE2
via
1.1 varnish
x-amz-request-id
KP12Q1VE8NSN8SCQ
accept-ranges
bytes
access-control-allow-origin
*
abp
5
content-length
25631
server
AmazonS3
x-amz-server-side-encryption
AES256
1a8bfa042c9c5.js
t.contentsquare.net/uxa/
371 KB
88 KB
Script
General
Full URL
https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.94.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-94-108.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0dc33809c863fbdc63a5ba93cd0bbe8e10f205991697350cf44b14a5572a83ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
etag
"7b2fb62ade7a1c27cef402b5eea0ceb1"
age
0
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Wxmyt-xTk1p0smDFaLupIdSC7CvlIHfLt7nKq0gfkA5kVZ-lCgORxw==
date
Tue, 05 Nov 2024 13:36:21 GMT
content-type
application/javascript;charset=utf-8
vary
accept-encoding, Origin
last-modified
Wed, 30 Oct 2024 13:35:12 GMT
cache-control
max-age=900
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 20807453c5a15da53ec1d3eb5e2fdcca.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
89847
x-amz-cf-pop
JFK52-P10
server
AmazonS3
x-amz-server-side-encryption
AES256
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Server
68.67.161.182 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
162.245.206.245; 162.245.206.245; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
a9eda3e9-e652-4425-8054-5077bd05cf25
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 05 Nov 2024 14:17:15 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
162.245.206.245; 162.245.206.245; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
02710fd2-3754-47d2-9ef7-75a67331fc1b
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 05 Nov 2024 14:17:14 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:y8694b5&fmt=3
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MzRkMzUwN2EtZDBmMC00ZTZiLWFlYTYtMTNkMDExYWYyN2Ew&gdpr=0&gdpr_consent=&ttd_tdid=34d3507a-d0f0-4e6b-aea6-13d01...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=MzRkMzUwN2EtZDBmMC00ZTZiLWFlYTYtMTNkMDExYWYyN2Ew&gdpr=0&gdpr_consent=&ttd_tdid=34d3507a-d0f0-4e6b-aea6-13d...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=34d3507a-d0f0-4e6b-aea6-13d011af27a0&google_error=15
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=34d3507a-d0f0-4e6b-aea6-13d011af27a0&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=34d3507a-d0f0-4e6b-aea6-13d011af27a0
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=3378436710752356451&ttd_tdid=34d3507a-d0f0-4e6b-aea6-13d011af27a0
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=34d3507a-d0f0-4e6b-aea6-13d011af27a0&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=34d3507a-d0f0-4e6b-aea6-13d011af27a0&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
70 B
481 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-length
70
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
image/gif
server
Kestrel

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:17:17 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Server
68.67.161.182 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
162.245.206.245; 162.245.206.245; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
bb8a5e35-fcac-4f9d-9ece-773208966e72
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 05 Nov 2024 14:17:15 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
162.245.206.245; 162.245.206.245; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
dc9d5587-0c30-4697-9e51-82d0c077f67f
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 05 Nov 2024 14:17:14 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:uuhj0na&fmt=3
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f7549dba-89fc-469b-840f-f2f77f563f9f&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=34d3507a-d0f0-4e6b-aea6-13d011af27a0
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=3378436710752356451&ttd_tdid=34d3507a-d0f0-4e6b-aea6-13d011af27a0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=34d3507a-d0f0-4e6b-aea6-13d011af27a0&expiration=1733408236&gdpr=0&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=34d3507a-d0f0-4e6b-aea6-13d011af27a0&expiration=1733408236&gdpr=0&gdpr_consent=&C=1
43 B
338 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=34d3507a-d0f0-4e6b-aea6-13d011af27a0&expiration=1733408236&gdpr=0&gdpr_consent=&C=1
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gf8dtqe6lLZuRWkR8HJr4Mco1NFR84PdsUFzOQU4cV%2Fg94dLMaVOEDQJ9y7kWOqEiBpDFW%2BNJHEpEJOQy%2BTa1uIIPKzlEYifmWd2rfi5ZvLFQQDItJfU9CuNeA7GKrTfDA54IDnnYD4iNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddd77683b38091e-LAX
expires
0
alt-svc
h3=":443"; ma=86400
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 05 Nov 2024 14:17:16 GMT
content-type
image/gif
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache
location
/rum?cm_dsp_id=39&external_user_id=34d3507a-d0f0-4e6b-aea6-13d011af27a0&expiration=1733408236&gdpr=0&gdpr_consent=&C=1
cf-cache-status
DYNAMIC
pragma
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X68578eP%2FD1VdI1wz4rllWboR3HRyT2cpqFw1NQzD%2B55qm%2F4M5Bx%2FJLXnqqQ9sLIjbmo4RvsGCKB1MIP1ipJ7%2BTwpRz9tW1KBIabJOps9USWQtMgEKSMM4Al%2FClfIyJmjCjAAQ1VXsP1eA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddd7767aa6c091e-LAX
expires
0
alt-svc
h3=":443"; ma=86400
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 05 Nov 2024 14:17:16 GMT
vary
Accept-Encoding
server
cloudflare
en.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/01909eed-4242-7b08-962b-1b36bd38c178/
230 KB
40 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/01909eed-4242-7b08-962b-1b36bd38c178/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8fcec3362c6e4f01b70b0c1b03c3892318f16ba44995683422daeb59552642c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
KPGY3GMDj7sSbC8xjf6+Kw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCA5D56C43B421
age
594
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Wed, 06 Nov 2024 14:17:14 GMT
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 20:25:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
99c8748a-401e-0044-6a2c-2d4fe6000000
cf-ray
8ddd775a788b2b7d-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
40699
x-ms-blob-type
BlockBlob
server
cloudflare
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 52C5
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.elfcosmeticsus.us
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
595
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:07:20 GMT
expires
Wed, 05 Nov 2025 14:07:20 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
otFlat.json
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
sHJXWIgDpMKY35PyRRy4zQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E56B3084E2
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
593
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 22:19:54 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
6c32a2f1-801e-00bc-6585-2984fb000000
cf-ray
8ddd775b79ab2b7d-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
3003
x-ms-blob-type
BlockBlob
server
cloudflare
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/
62 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
LtDYZmcfPNW39lMw/Yu0RQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E56C7CC8BB
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
593
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 22:19:56 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
9fbf8ef9-901e-0046-2c60-2b4d1c000000
cf-ray
8ddd775b79ad2b7d-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
12723
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/
24 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
593
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
text/css
last-modified
Tue, 16 Jul 2024 22:20:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
051f6356-f01e-00d5-4d85-29db57000000
cf-ray
8ddd775b79ae2b7d-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
unip
trc.taboola.com/1691051/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc.taboola.com/1691051/log/3/unip?ce=ecomm&en=HOME_PAGE_VISIT&ref=null&item-url=https%253A%252F%252Fwww.elfcosmeticsus.us%252F&data=%257B%2522timestamp%2522%253A%252211%252F5%252F2024%2522%252C%2522eventType%2522%253A%2522HOME_PAGE_VISIT%2522%257D&cnxclid=undefined&tim=1730816234830&mrir=u&vi=1730816234807&cv=20241102-3-RELEASE&tos=10&ssd=1&scd=0&cbp=OneTrust&cbpv=1&cbcd=%2C1%2C2%2C3%2COSSTA_BG%2C4%2C5%2C&it=JS_PIXEL&psb=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://www.elfcosmeticsus.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://www.elfcosmeticsus.us
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 05 Nov 2024 14:17:15 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-to-nlb-rtt
916
x-served-by
cache-bur-kbur8200089-BUR
x-service-version
v1
x-timer
S1730816235.018357,VS0,VE2
x-vcl-time-ms
2
topics_api
psb.taboola.com/
65 B
285 B
Fetch
General
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
private, max-age=2592000
retry-after
0
x-timer
S1730816235.999808,VS0,VE0
observe-browsing-topics
?1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
65
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
text/html; charset=utf-8
x-served-by
cache-lax-kwhp1940073-LAX
server
Varnish
x-cache-hits
0
cnxtag-min.js
js.cnnx.link/roi/
2 KB
1 KB
Script
General
Full URL
https://js.cnnx.link/roi/cnxtag-min.js?id=316282
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:1a00:11:85b0:d600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d5267085b5489f178aae1444e1367dbca2debc7c061d5ddd803a16711a19c93b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
max-age=600
content-encoding
gzip
age
366
via
1.1 google, 1.1 ed4584f7c263c11cf4adf75ba3a25764.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
kTFNr3nO4Z1-Jl-X9zDqJAdvJTOU06v3DyOnbDSJn7ICDc8rNISWfw==
date
Tue, 05 Nov 2024 14:11:08 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
JFK50-P1
unip
trc.taboola.com/1691051/log/3/
0
683 B
XHR
General
Full URL
https://trc.taboola.com/1691051/log/3/unip?ce=ecomm&en=HOME_PAGE_VISIT&ref=null&item-url=https%253A%252F%252Fwww.elfcosmeticsus.us%252F&data=%257B%2522timestamp%2522%253A%252211%252F5%252F2024%2522%252C%2522eventType%2522%253A%2522HOME_PAGE_VISIT%2522%257D&cnxclid=undefined&tim=1730816234830&mrir=u&vi=1730816234807&cv=20241102-3-RELEASE&tos=10&ssd=1&scd=0&cbp=OneTrust&cbpv=1&cbcd=%2C1%2C2%2C3%2COSSTA_BG%2C4%2C5%2C&it=JS_PIXEL&psb=true
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://www.elfcosmeticsus.us/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 05 Nov 2024 14:17:15 GMT
content-type
image/gif
x-served-by
cache-lax-kwhp1940026-LAX
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
831
pragma
no-cache
x-timer
S1730816235.092024,VS0,VE4
x-vcl-time-ms
4
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.elfcosmeticsus.us
x-service-version
v1
server
nginx
ot_close.svg
cdn.cookielaw.org/logos/static/
651 B
601 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
pcXWFGpuVeSg/jVnYCseRg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
83166
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
image/svg+xml
last-modified
Sat, 02 Nov 2024 02:18:37 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
812d9f92-a01e-0001-4157-2d9277000000
cf-ray
8ddd775c2bf00d5c-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
490 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
593
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
image/svg+xml
last-modified
Mon, 04 Nov 2024 17:30:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
a0d8a51a-f01e-009a-7760-2f1f4f000000
cf-ray
8ddd775c3a702b7d-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_company_logo.png
cdn.cookielaw.org/logos/static/
4 KB
4 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
E8+sk/ECzKgTUVtDLikiIA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCFAE4A9298BCE
age
78510
cf-cache-status
HIT
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
image/png
last-modified
Sat, 02 Nov 2024 02:18:37 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
d61733a2-b01e-0096-2852-2df1be000000
cf-ray
8ddd775c5c070d5c-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
4036
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
5726
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:17:14 GMT
content-type
image/svg+xml
last-modified
Mon, 04 Nov 2024 07:07:46 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
c8c8d831-b01e-00fb-2ede-2e5b90000000
cf-ray
8ddd775c5c080d5c-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
activityi;dc_pre=CK7OhvewxYkDFZSKdwEdxVEvjQ;src=10742279;type=elf8j0;cat=glo_flhp;ord=4935692478316;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1936802652;...
10742279.fls.doubleclick.net/ Frame 4822
Redirect Chain
  • https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flhp;ord=4935692478316;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=19368026...
  • https://10742279.fls.doubleclick.net/activityi;dc_pre=CK7OhvewxYkDFZSKdwEdxVEvjQ;src=10742279;type=elf8j0;cat=glo_flhp;ord=4935692478316;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfco...
0
0
Document
General
Full URL
https://10742279.fls.doubleclick.net/activityi;dc_pre=CK7OhvewxYkDFZSKdwEdxVEvjQ;src=10742279;type=elf8j0;cat=glo_flhp;ord=4935692478316;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1936802652;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.166 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
377
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:17:15 GMT
expires
Tue, 05 Nov 2024 14:17:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:17:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10742279.fls.doubleclick.net/activityi;dc_pre=CK7OhvewxYkDFZSKdwEdxVEvjQ;src=10742279;type=elf8j0;cat=glo_flhp;ord=4935692478316;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1936802652;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=10742279;type=elf8j0;cat=glo_flhp;ord=4935692478316;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1936802652;uaa=;uab=;uaf...
ad.doubleclick.net/
0
23 B
Image
General
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=10742279;type=elf8j0;cat=glo_flhp;ord=4935692478316;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1936802652;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.198 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 05 Nov 2024 14:17:15 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"6047510342854789932"}],"aggregatable_trigger_data":[{"filters":[{"14":["12142143"]}],"key_piece":"0x4ebbd8ce23de2c1b","source_keys":["12","13","14","15","16","17","18","19","20","21","20457392","20457393","20457394","20457395","22981708","22981709","22981710","22981711","24748276","24748277","24748278","24748279","628477676","628477677","628477678","628477679","628627208","628627209","628627210","628627211","642003348","642003349","642003350","642003351","642003440","642003441","642003442","642003443","642887056","642887057","642887058","642887059"]},{"key_piece":"0x2d398dcd9707c6e2","not_filters":{"14":["12142143"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","20457392","20457393","20457394","20457395","22981708","22981709","22981710","22981711","24748276","24748277","24748278","24748279","628477676","628477677","628477678","628477679","628627208","628627209","628627210","628627211","642003348","642003349","642003350","642003351","642003440","642003441","642003442","642003443","642887056","642887057","642887058","642887059"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"20457392":34,"20457393":34,"20457394":34,"20457395":3345,"21":6356,"22981708":131,"22981709":131,"22981710":131,"22981711":12713,"24748276":32,"24748277":32,"24748278":32,"24748279":3177,"628477676":32,"628477677":32,"628477678":32,"628477679":3177,"628627208":32,"628627209":32,"628627210":32,"628627211":3177,"642003348":32,"642003349":32,"642003350":32,"642003351":3177,"642003440":32,"642003441":32,"642003442":32,"642003443":3177,"642887056":65,"642887057":65,"642887058":65,"642887059":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"4986586725374814413","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"6047510342854789932","filters":[{"14":["12142143"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"6047510342854789932","filters":[{"14":["12142143"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"6047510342854789932","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"6047510342854789932","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10742279"]}}
content-type
image/png
x-xss-protection
0
server
cafe
collect
sgtm.elfcosmetics.com/g/
692 B
1 KB
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4au0v9125640115z8896608294za200zb896608294&gcs=G111&gcd=13v3v3v3u5l1&npa=1&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=163627005.1730816235&ecid=458897738&ul=en-us&sr=1600x1200&_fplc=0&ur=US-CA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.rnd=841646024.1730816235&sst.adr=1&sst.ude=0&_s=1&sid=1730816234&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&dt=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3693&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
177c457d89f90ff5f9cac296e5eef6286991bf9e77656f2c67096d912bd80f31
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache
x-accel-buffering
no
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:17:15 GMT
content-type
text/plain
server
Google Frontend
collect
sgtm.elfcosmetics.com/g/
65 B
401 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4au0v9125640115z8896608294za200zb896608294&gcs=G111&gcd=13v3v3v3u5l1&npa=1&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=163627005.1730816235&ecid=458897738&ul=en-us&sr=1600x1200&_fplc=0&ur=US-CA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.rnd=841646024.1730816235&sst.adr=1&sst.ude=0&_s=2&sid=1730816234&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&dt=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=pageview&ep.vendor_id=pinterest&ep.email=&ep.event_id=1730816637457_17308170712179&ep.external_id=&ep.pinterest_pixel_id=549755876323&_et=5&tfd=3712&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache
x-accel-buffering
no
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:17:15 GMT
content-type
text/plain
server
Google Frontend
activityi;dc_pre=CLjhkPewxYkDFVK0ywEdG1kL6w;src=10265292;type=conte0;cat=homep0;ord=6485491405418;npa=1;auiddc=647214912.1730816235;ps=1;pcor=182382972;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0...
10265292.fls.doubleclick.net/ Frame CA1C
Redirect Chain
  • https://10265292.fls.doubleclick.net/activityi;src=10265292;type=conte0;cat=homep0;ord=6485491405418;npa=1;auiddc=647214912.1730816235;ps=1;pcor=182382972;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua...
  • https://10265292.fls.doubleclick.net/activityi;dc_pre=CLjhkPewxYkDFVK0ywEdG1kL6w;src=10265292;type=conte0;cat=homep0;ord=6485491405418;npa=1;auiddc=647214912.1730816235;ps=1;pcor=182382972;uaa=;uab...
0
0
Document
General
Full URL
https://10265292.fls.doubleclick.net/activityi;dc_pre=CLjhkPewxYkDFVK0ywEdG1kL6w;src=10265292;type=conte0;cat=homep0;ord=6485491405418;npa=1;auiddc=647214912.1730816235;ps=1;pcor=182382972;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787185z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10265292&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.6 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
369
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:17:15 GMT
expires
Tue, 05 Nov 2024 14:17:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:17:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10265292.fls.doubleclick.net/activityi;dc_pre=CLjhkPewxYkDFVK0ywEdG1kL6w;src=10265292;type=conte0;cat=homep0;ord=6485491405418;npa=1;auiddc=647214912.1730816235;ps=1;pcor=182382972;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787185z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=10265292;type=conte0;cat=homep0;ord=6485491405418;npa=1;auiddc=647214912.1730816235;ps=1;pcor=182382972;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;...
ad.doubleclick.net/
0
23 B
Image
General
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=10265292;type=conte0;cat=homep0;ord=6485491405418;npa=1;auiddc=647214912.1730816235;ps=1;pcor=182382972;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787185z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.198 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 05 Nov 2024 14:17:15 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"10768524215168963542"}],"aggregatable_trigger_data":[{"filters":[{"14":["10220349"]}],"key_piece":"0xa5a65f0fe11f4bdd","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x64e3eafd3534fec8","not_filters":{"14":["10220349"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"245054321035350357","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"10768524215168963542","filters":[{"14":["10220349"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"10768524215168963542","filters":[{"14":["10220349"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"10768524215168963542","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"10768524215168963542","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10265292"]}}
content-type
image/png
x-xss-protection
0
server
cafe
dy-coll-min.js
cdn.dynamicyield.com/scripts/2.44.0/
196 KB
65 KB
Script
General
Full URL
https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Requested by
Host: st.dynamicyield.com
URL: https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=pzesjz3i36cuxxnea2qh3l56jsxrhywi&ref=&scriptVersion=2.44.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:400:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DYCDN /
Resource Hash
2ec6c83ec1824898d15400462916551bf6761d2772bc3baec5b8fba523e03eb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

vary
accept-encoding
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"90e4adaea90c4ceca44f62f926a57eab"
age
184911
via
1.1 17a3c2535aa705a7b5a80b78b876c79a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
TGyAWbNzQvC6mUNEPf7w1QyDldQZd5FTmnPJcJt_lCXzeahCPA00MQ==
date
Sun, 03 Nov 2024 10:55:25 GMT
content-type
text/javascript
last-modified
Sun, 13 Oct 2024 09:14:17 GMT
server
DYCDN
x-amz-cf-pop
EWR53-C2
x-amz-server-side-encryption
AES256
www-widgetapi.js
www.youtube.com/s/player/4e23410d/www-widgetapi.vflset/
30 KB
10 KB
Script
General
Full URL
https://www.youtube.com/s/player/4e23410d/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c5d5def42611faa30644c529baa623052160b9634f1bb0b97a8185ec32f39f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
age
32872
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Wed, 05 Nov 2025 05:09:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 05:09:23 GMT
last-modified
Wed, 30 Oct 2024 04:17:07 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10143
x-xss-protection
0
server
sffe
collect
analytics.google.com/g/s/
0
501 B
Image
General
Full URL
https://analytics.google.com/g/s/collect?dma=0&npa=1&gcs=G111&gcd=13v3v3v3u5l1&gtm=45j91e4au1v9125640115z8896608294z99175401888za200zb896608294&tag_exp=101823848~101878899~101878944~101925629&_gsid=5D80LRC85Ns0ALaHvo8vmRzFjjjB0LiQ
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:194:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:194:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:17:15 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
510 B
Image
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&dma=0&npa=1&gcs=G111&gcd=13v3v3v3u5l1&tid=G-5D80LRC85N&cid=1gVDt8%2FQErZ%2BkRCELA4NVX2kMsyccZtAHt3MYc9%2FFLA%3D.1730816235&gtm=45j91e4au1v9125640115z8896608294z99175401888za200zb896608294&tag_exp=101823848~101878899~101878944~101925629&aip=1
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:17:15 GMT
content-type
text/plain
server
Golfe2
uia
async-px.dynamicyield.com/
0
382 B
XHR
General
Full URL
https://async-px.dynamicyield.com/uia?cnst=1&_=1730816235441
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-13.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 08c43f80b07f0023f38f7f0e417359b4.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
kOLqhwvIot-ejiygiD_8nJWr5rd2KEAB6gr4h9afLZ0qQbi2427E0A==
date
Tue, 05 Nov 2024 14:17:15 GMT
x-amz-cf-pop
JFK52-P5
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=548129&uid=-4467570588102547222&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=f031a317bb5a3f76aa373eda8709dc02&expSes=76819&aud=884367.884385.884387.1167402.1324059.1846919.2356145.884374.1004358.1092373.1274296.1426804.1443347.1182144.799438.799440&expVisitId=-1796880206884532784&cgtgDecisionId=-1796880209157343959&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1730816234495&rri=9664166
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-13.jfk52.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 08c43f80b07f0023f38f7f0e417359b4.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
Pg74eDqSJtSe_oGAuJhfxCMLiiRy6gsmRdj-Q1VIPD53FAlcwjhCyw==
date
Tue, 05 Nov 2024 14:17:15 GMT
x-amz-cf-pop
JFK52-P5
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=671989&uid=-4467570588102547222&sec=8772046&t=ri&e=1574966&p=1&ve=12698518&va=%5B28347247%5D&ses=f031a317bb5a3f76aa373eda8709dc02&expSes=76819&aud=884367.884385.884387.1167402.1324059.1846919.2356145.884374.1004358.1092373.1274296.1426804.1443347.1182144.799438.799440&expVisitId=-1796880208299851060&cgtgDecisionId=-1796880207619926713&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1730816234496&rri=7458745
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-13.jfk52.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 08c43f80b07f0023f38f7f0e417359b4.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
G2p4_uaknZCUn-ilrgu_9C6x1AVMa6rX2Bz7hZGPQ1jD00R7vG3wuA==
date
Tue, 05 Nov 2024 14:17:15 GMT
x-amz-cf-pop
JFK52-P5
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=446919&uid=-4467570588102547222&sec=8772046&t=ri&e=1609852&p=1&ve=12669413&va=%5B28321879%5D&ses=f031a317bb5a3f76aa373eda8709dc02&expSes=76819&aud=884367.884385.884387.1167402.1324059.1846919.2356145.884374.1004358.1092373.1274296.1426804.1443347.1182144.799438.799440&expVisitId=-1796880207968892665&cgtgDecisionId=-1796880210193528984&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1730816234497&rri=9203033
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-13.jfk52.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 08c43f80b07f0023f38f7f0e417359b4.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
v5vitjiu_qN4YYTaf8RB-8pGzP9zxzbcF5iQKnHaicPWlB0hEqEFIg==
date
Tue, 05 Nov 2024 14:17:15 GMT
x-amz-cf-pop
JFK52-P5
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=143497&uid=-4467570588102547222&sec=8772046&t=ri&e=1575901&p=1&ve=12991774&va=%5B28646951%5D&ses=f031a317bb5a3f76aa373eda8709dc02&expSes=76819&aud=884367.884385.884387.1167402.1324059.1846919.2356145.884374.1004358.1092373.1274296.1426804.1443347.1182144.799438.799440&expVisitId=-1796880209211217719&cgtgDecisionId=-1796880206652417605&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1730816234498&rri=9267364
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-13.jfk52.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 08c43f80b07f0023f38f7f0e417359b4.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
Jx7aaROzaMNx-i2DAFHjE4pc15qoKbcUU14TrPVLawm992QaOBA-Vw==
date
Tue, 05 Nov 2024 14:17:15 GMT
x-amz-cf-pop
JFK52-P5
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=697157&uid=-4467570588102547222&sec=8772046&t=ri&e=1750936&p=1&ve=13617998&va=%5B28818377%5D&ses=f031a317bb5a3f76aa373eda8709dc02&expSes=76819&aud=884367.884385.884387.1167402.1324059.1846919.2356145.884374.1004358.1092373.1274296.1426804.1443347.1182144.799438.799440&expVisitId=-1796880207979597296&cgtgDecisionId=-1796880206570514425&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1730816234499&rri=5791787
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-13.jfk52.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 08c43f80b07f0023f38f7f0e417359b4.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
S0jFMQ84QzSGYIO54SG_frNSZ58UvhJMHMkkbZMB9STG-dVSAw446Q==
date
Tue, 05 Nov 2024 14:17:15 GMT
x-amz-cf-pop
JFK52-P5
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
var
async-px.dynamicyield.com/
0
0
Fetch
General
Full URL
https://async-px.dynamicyield.com/var?cnst=1&_=407371&uid=-4467570588102547222&sec=8772046&t=ri&e=1750954&p=1&ve=13618112&va=%5B29271653%5D&ses=f031a317bb5a3f76aa373eda8709dc02&expSes=76819&aud=884367.884385.884387.1167402.1324059.1846919.2356145.884374.1004358.1092373.1274296.1426804.1443347.1182144.799438.799440&expVisitId=-1796880208968068195&cgtgDecisionId=-1796880209480343441&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1730816234500&rri=884123
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-13.jfk52.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 08c43f80b07f0023f38f7f0e417359b4.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
lpkx_boYgbKHmEGEnMYpCr4WoBlZSnDnO0OgQzjvJnzTJe4ImQcj2A==
date
Tue, 05 Nov 2024 14:17:15 GMT
x-amz-cf-pop
JFK52-P5
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
batch
async-px.dynamicyield.com/
0
385 B
Ping
General
Full URL
https://async-px.dynamicyield.com/batch?cnst=1&_=1730816235544_910761
Requested by
Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.44.0/dy-coll-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-13.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 44bf771f8484aeae8f408da7ade14f32.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
qcsvuIjFHyZggYA_XKYyDvj1JkIxzImFkiTg9jBR019yq1ZFAuOmtw==
date
Tue, 05 Nov 2024 14:17:16 GMT
x-amz-cf-pop
JFK52-P5
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
cs
tags.rd.linksynergy.com/
Redirect Chain
  • https://idsync.rlcdn.com/458359.gif?partner_uid=cbf52927-0833-4d4e-9d36-27214fcb20c8
  • https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJGNiZjUyOTI3LTA4MzMtNGQ0ZS05ZDM2LTI3MjE0ZmNiMjBjOBAAGg0I7NGouQYSBQjoBxAAQgBKAA
  • https://tags.rd.linksynergy.com/cs?ns=lr&uid3=29b4d936b84b29bcc99e51da7501b6b41f2f295ab7edf590a818fa863a96e0cb6ac34734d8e453ee
37 B
294 B
Image
General
Full URL
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=29b4d936b84b29bcc99e51da7501b6b41f2f295ab7edf590a818fa863a96e0cb6ac34734d8e453ee
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
date
Tue, 05 Nov 2024 14:17:16 GMT
x-samesite
secure
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=29b4d936b84b29bcc99e51da7501b6b41f2f295ab7edf590a818fa863a96e0cb6ac34734d8e453ee
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Tue, 05 Nov 2024 14:17:16 GMT
unip
trc-events.taboola.com/1691051/log/3/
0
636 B
XHR
General
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=1588&scd=0&ssd=1&est=1730816234819&ver=36&isls=true&src=i&invt=1500&msa=3297&rv=1&tim=1730816236409&mrir=u&vi=1730816234807&ref=null&cv=20241102-3-RELEASE&item-url=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&cbp=OneTrust&cbpv=1&cbcd=%2C1%2C2%2C3%2COSSTA_BG%2C4%2C5%2C&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-origin
https://www.elfcosmeticsus.us
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 05 Nov 2024 14:17:17 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1691051/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=1588&scd=0&ssd=1&est=1730816234819&ver=36&isls=true&src=i&invt=1500&msa=3297&rv=1&tim=1730816236409&mrir=u&vi=1730816234807&ref=null&cv=20241102-3-RELEASE&item-url=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&cbp=OneTrust&cbpv=1&cbcd=%2C1%2C2%2C3%2COSSTA_BG%2C4%2C5%2C&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://www.elfcosmeticsus.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://www.elfcosmeticsus.us
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 05 Nov 2024 14:17:16 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
destination
www.googletagmanager.com/gtag/
229 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.200 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
04334c34f7229a84060088639a8d17485457ebc64ab8561ee5b3c0d9eea1da0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 05 Nov 2024 14:17:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 05 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83635
x-xss-protection
0
server
Google Tag Manager
core.js
s.pinimg.com/ct/
5 KB
2 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2588::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
82750f27be03d4b9e57a91dfa19180873ddbb22dd81aba6854dd7b7ea08c1e9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-max-age
86400
cache-control
max-age=7200
access-control-expose-headers
X-CDN
content-encoding
br
etag
"ff059a8682cea8fb697d8b71b2e62b93"
x-cdn
akamai
access-control-allow-methods
GET
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
access-control-allow-origin
*
content-length
1879
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-xzJiCEDE' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-xzJiCEDE' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=134, rtx=0, c=24, mss=1232, tbw=8213, tp=13, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
oKQHCWD6xMAGl3W5H4ZZpKZlfptSg54z0wPsAGgNtAQbZmkTgJWPI0dmLkGKDBUuVw3N9ajSJJ3VoVI2n0KpIA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer
0
document-policy
force-load-at-top
content-length
62086
x-xss-protection
0
origin-agent-cluster
?1
pixel.js
www.redditstatic.com/ads/
42 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"5e9ac3a42b557bf8ca38cf2e8baba70b"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12126
date
Tue, 05 Nov 2024 14:17:17 GMT
last-modified
Tue, 15 Oct 2024 19:34:59 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
bat.js
bat.bing.com/
50 KB
15 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F6FA9284A7F241F591365692D937FF7B Ref B: LAX311000109049 Ref C: 2024-11-05T14:17:17Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
json
trc.taboola.com/1691051/trc/3/
2 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1691051/trc/3/json?tim=1730816237500&data=%7B%22id%22%3A657%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1730816234807%2C%22cv%22%3A%2220241102-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.elfcosmeticsus.us%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Delfcosmetics-sccnx%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22cbp%22%3A%22OneTrust%22%2C%22cbpv%22%3A%221%22%2C%22cbcd%22%3A%22%2C1%2C2%2C3%2COSSTA_BG%2C4%2C5%2C%22%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1730816237499%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.elfcosmeticsus.us%2F%22%2C%22tos%22%3A2679%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7205a73b3eebc497352c834c61cea476f6a20f741769f0a5fc29e49fa1908073

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-lax-kwhp1940026-LAX
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
967
x-timer
S1730816238.562076,VS0,VE15
x-vcl-time-ms
15
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.1653125
accept-ranges
bytes
access-control-allow-origin
*
x-service-version
v2
server
nginx
events.js
analytics.tiktok.com/i18n/pixel/
8 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BRR4GA0I9JJBU29G8GF0&lib=ttq
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.162 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3e0189b1cf26349d68eaaafba3ca5ebb38aaf7ede59f9e9beb75e76f16f35d6a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
expires
Tue, 05 Nov 2024 14:17:17 GMT
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=3, origin; dur=14
x-cache
TCP_MISS from a184-51-148-207.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
12368064
x-tt-trace-host
010522778f3f8eb274a64badeceef15946db9566693656421b88939b558ab5ef4e1689d64fff6380ce849be9f06a388706e69769aac210f3c99b206803627050c78a810a102aebd61a06bf87aa1fa2ba495e7f708d4cf66beeec9f191eb6e4e573
x-origin-response-time
15,184.51.148.207
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-241105141717BD288FEE4631D8BFCACC-0A2D22E548F4FEAF-00
content-length
2411
x-tt-logid
20241105141717BD288FEE4631D8BFCACC
server
nginx
events.js
analytics.tiktok.com/i18n/pixel/
7 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.162 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e8255ffa0cb6be7c00ad9ddfdb4a0b754ea7b5abd2be7be603e72ec33d2f6f85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
expires
Tue, 05 Nov 2024 14:17:17 GMT
server-timing
inner; dur=6, cdn-cache; desc=MISS, edge; dur=1, origin; dur=14
x-cache
TCP_MISS from a184-51-148-207.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
12368065
x-tt-trace-host
010522778f3f8eb274a64badeceef15946db9566693656421b88939b558ab5ef4e226c512cdaf15ab143a0e278e90499b3419a418b02c52e605cc3bd07f5124828abf1f701fbedf0fb7f6a0558bab41699a32821f0300919d12b6155a3d6c53f9b
x-origin-response-time
15,184.51.148.207
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-241105141717055124692545CDC11E58-3B78C3A95D4C38A9-00
content-length
2384
x-tt-logid
20241105141717055124692545CDC11E58
server
nginx
widget.js
js.jebbit.com/companion/v1/
44 KB
45 KB
Script
General
Full URL
https://js.jebbit.com/companion/v1/widget.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2807:ec00:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
226049a96ceaa190e0dd45980c8fba9367127b7c2b19b635ee30bb7f4fa17e52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-amz-version-id
M.fQKrXkVHcvymDK9D8bU4BvoS660wdj
etag
"9ee6264c1a592ca4976fb94c91ef8c87"
age
47998
via
1.1 ab5e6646c9366e9d37d7495e5d416b28.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
45384
x-amz-cf-id
ICXxrzLYfC-F66j2X9NLbJg6SfwspnTcRZhzJfXfShhcPmGo6izXWg==
date
Tue, 05 Nov 2024 00:57:20 GMT
content-type
text/javascript
last-modified
Mon, 07 Oct 2024 17:19:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
i.js
tag.wknd.ai/4142/
18 KB
6 KB
Script
General
Full URL
https://tag.wknd.ai/4142/i.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
de9c3c4ac891a0938c75ce0f455c92bfd86ca7adaf1aebcda0888f817b243cd2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
etag
e8a95b77284131
age
177
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:14:20 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
cache-control
public,max-age=60
timing-allow-origin
*
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
tag-router.tag-router.svc.cluster.local:80/*
via
1.1 google
access-control-allow-origin
*
content-length
5949
server
istio-envoy
x-region
us-central1
include.js
cdn8.eu.inside.chat/gtm/IN-1011171-EC/
24 KB
6 KB
Script
General
Full URL
https://cdn8.eu.inside.chat/gtm/IN-1011171-EC/include.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:911 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e5f2fdc1f7a9d0de8db23174e037c1510a852b514811807b4e3f89307486d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"01e251ada13db1:0"
age
460
cf-cache-status
HIT
expires
Tue, 05 Nov 2024 15:17:17 GMT
cf-polished
origSize=38567
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 08:15:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubdomains
cache-control
public, max-age=3600
cf-ray
8ddd776dea5914f4-LAX
server
cloudflare
activityi;dc_pre=CKrOj_iwxYkDFXgOTwgdVv8TSg;src=10742279;type=elf8j0;cat=glo_flap;ord=3837239923624;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=971600571;u...
10742279.fls.doubleclick.net/ Frame B8E0
Redirect Chain
  • https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=3837239923624;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=97160057...
  • https://10742279.fls.doubleclick.net/activityi;dc_pre=CKrOj_iwxYkDFXgOTwgdVv8TSg;src=10742279;type=elf8j0;cat=glo_flap;ord=3837239923624;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfco...
0
0
Document
General
Full URL
https://10742279.fls.doubleclick.net/activityi;dc_pre=CKrOj_iwxYkDFXgOTwgdVv8TSg;src=10742279;type=elf8j0;cat=glo_flap;ord=3837239923624;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=971600571;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.166 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
377
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:17:17 GMT
expires
Tue, 05 Nov 2024 14:17:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:17:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10742279.fls.doubleclick.net/activityi;dc_pre=CKrOj_iwxYkDFXgOTwgdVv8TSg;src=10742279;type=elf8j0;cat=glo_flap;ord=3837239923624;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=971600571;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
sgtm.elfcosmetics.com/g/
350 B
790 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4au0v9125640115z8896608294za200zb896608294&gcs=G111&gcd=13v3v3v3u5l1&npa=1&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=163627005.1730816235&ecid=458897738&ul=en-us&sr=1600x1200&_fplc=0&ur=US-CA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=IA&sst.rnd=841646024.1730816235&sst.adr=1&sst.ude=0&_s=3&sid=1730816234&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&dt=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=view_promotion&ep.promotions=%5Bobject%20Object%5D&ep.promotion_name=2024-04-makeupRemoverAcneFocus-tile2%20-%20Banner%20Side%20By%20Side%20(v2)&ep.promotion_id=51900033-4b71-48b7-9139-a1faa2b92b79&ep.creative_name=Banner%20Side-by-Side&_et=1&tfd=6232&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
fcf3595f4164b720243abe6a47a60d77178fd4d45bdfc47b5948873f482a61e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache
x-accel-buffering
no
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
text/plain
server
Google Frontend
collect
sgtm.elfcosmetics.com/g/
65 B
475 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4au0v9125640115z8896608294za200zb896608294&gcs=G111&gcd=13v3v3v3u5l1&npa=1&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=163627005.1730816235&ecid=458897738&ul=en-us&sr=1600x1200&_fplc=0&ur=US-CA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.rnd=841646024.1730816235&sst.adr=1&sst.ude=0&_s=4&sid=1730816234&sct=1&seg=1&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&dt=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=page_view&ep.vendor_id=facebook&ep.event_id=1730816637457_173081707121728&ep.email=&ep.phone=&ep.facebook_pixel_id=1638306756445368&_et=2509&tfd=6232&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache
x-accel-buffering
no
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
text/plain
server
Google Frontend
pixel.gif
cdn.blisspointmedia.com/assets/img/
Redirect Chain
  • https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=ac590e6d-d6d7-4315-bc5c-68ffacde1e44&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=un...
  • https://cdn.blisspointmedia.com/assets/img/pixel.gif
807 B
1 KB
Image
General
Full URL
https://cdn.blisspointmedia.com/assets/img/pixel.gif
Protocol
H2
Server
18.238.80.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-101.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-amz-version-id
null
etag
"18b3e43abad26bdac6f4cea944777b62"
age
30172
via
1.1 282af6dbb4c478f6651ee2a13940179e.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
807
x-amz-cf-id
L0C4f2_VthRuWbu5KmVCNPv5dV-BfNZc2XdF7AmKPLt91B93QD8zrg==
date
Tue, 05 Nov 2024 05:54:27 GMT
content-type
image/gif
last-modified
Mon, 08 Apr 2019 16:24:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P5

Redirect headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
location
https://cdn.blisspointmedia.com/assets/img/pixel.gif
x-amz-apigw-id
AxtVPHFDoAMEnQw=
x-amzn-trace-id
Root=1-672a28ed-1d8e06f640e418743c5035fa;Parent=1ea126587b71b9e0;Sampled=0;Lineage=1:07bbc27a:0
x-amzn-requestid
b5fcbdd4-8282-429b-b9a0-9bb8445f75dc
access-control-allow-origin
*
content-length
2
date
Tue, 05 Nov 2024 14:17:18 GMT
content-type
application/json
px
secure.adnxs.com/
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
162.245.206.245; 162.245.206.245; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
a10fd352-6413-48e3-8837-7a047b672806
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 05 Nov 2024 14:17:17 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=34d3507a-d0f0-4e6b-aea6-13d011af27a0&r=https%3A%2F%2Fmatch.adsrvr.org%2...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
70 B
507 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-length
70
date
Tue, 05 Nov 2024 14:17:18 GMT
content-type
image/gif
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 05 Nov 2024 14:17:17 GMT
server
nginx
activity;register_conversion=1;src=10742279;type=elf8j0;cat=glo_flap;ord=3837239923624;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=971600571;uaa=;uab=;uafv...
ad.doubleclick.net/
0
22 B
Image
General
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=10742279;type=elf8j0;cat=glo_flap;ord=3837239923624;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=971600571;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.198 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 05 Nov 2024 14:17:17 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"8546982759337731876"}],"aggregatable_trigger_data":[{"filters":[{"14":["12119809"]}],"key_piece":"0xc590256f79404a73","source_keys":["12","13","14","15","16","17","18","19","20","21","20457392","20457393","20457394","20457395","22981708","22981709","22981710","22981711","24748276","24748277","24748278","24748279","628477676","628477677","628477678","628477679","628627208","628627209","628627210","628627211","642003348","642003349","642003350","642003351","642003440","642003441","642003442","642003443","642887056","642887057","642887058","642887059"]},{"key_piece":"0x42ca465d2505809f","not_filters":{"14":["12119809"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","20457392","20457393","20457394","20457395","22981708","22981709","22981710","22981711","24748276","24748277","24748278","24748279","628477676","628477677","628477678","628477679","628627208","628627209","628627210","628627211","642003348","642003349","642003350","642003351","642003440","642003441","642003442","642003443","642887056","642887057","642887058","642887059"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"20457392":34,"20457393":34,"20457394":34,"20457395":3345,"21":6356,"22981708":131,"22981709":131,"22981710":131,"22981711":12713,"24748276":32,"24748277":32,"24748278":32,"24748279":3177,"628477676":32,"628477677":32,"628477678":32,"628477679":3177,"628627208":32,"628627209":32,"628627210":32,"628627211":3177,"642003348":32,"642003349":32,"642003350":32,"642003351":3177,"642003440":32,"642003441":32,"642003442":32,"642003443":3177,"642887056":65,"642887057":65,"642887058":65,"642887059":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"17001121893619901127","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"8546982759337731876","filters":[{"14":["12119809"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"8546982759337731876","filters":[{"14":["12119809"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"8546982759337731876","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"8546982759337731876","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10742279"]}}
content-type
image/png
x-xss-protection
0
server
cafe
logger
www.paypal.com/xoplatform/logger/api/
980 B
870 B
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
899aa9075402e93667bb2cd6caee1c6747037e5e88ba595853bcaf0581cf316a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfcosmeticsus.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

paypal-debug-id
f130277eecc34
content-encoding
br
etag
W/"3d4-AcDfj0eTC7OOMxU8+g3+IoMT004"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f130277eecc34-d6c98a670cab91d7-01
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS
date
Tue, 05 Nov 2024 14:17:18 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-bur-kbur8200021-BUR, cache-bur-kbur8200021-BUR
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730816238.975107,VS0,VE41
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
access-control-allow-origin
https://www.elfcosmeticsus.us
logger
www.paypal.com/xoplatform/logger/api/ Frame
0
0
Preflight
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.elfcosmeticsus.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.elfcosmeticsus.us
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 05 Nov 2024 14:17:17 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f130277759d59
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f130277759d59-ab47096c344b3f93-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-bur-kbur8200021-BUR, cache-bur-kbur8200021-BUR
x-timer
S1730816238.854777,VS0,VE40
favicon.ico
www.elfcosmeticsus.us/
548 B
611 B
Other
General
Full URL
https://www.elfcosmeticsus.us/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.72.142.213 , Georgia, ASN199242 (MALAKMADZE, GE),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-length
548
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
text/html
server
nginx
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
age
2251
x-cache
HIT
date
Tue, 05 Nov 2024 14:17:17 GMT
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
x-served-by
cache-lax-kwhp1940026-LAX
x-cache-hits
2609
content-type
application/javascript
x-amz-id-2
m67mDYPayGBSAxwv/jRezAdv4OOiej6ewd6IlAmWH9cbRG5vvkSgDsl2a2u0x/PS13viPApAFTA=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private, max-age=3600
x-timer
S1730816238.726843,VS0,VE0
via
1.1 varnish
x-amz-request-id
20SD55QM5DA16P2N
accept-ranges
bytes
access-control-allow-origin
*
abp
22
content-length
1347
server
AmazonS3
x-amz-server-side-encryption
AES256
eid.es5.js
cdn.taboola.com/scripts/
17 KB
7 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
etag
"2fdf3e79d5e851201a0d52a886453d8b"
x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
age
18518
x-cache
HIT
date
Tue, 05 Nov 2024 14:17:17 GMT
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
x-served-by
cache-lax-kwhp1940026-LAX
x-cache-hits
12987
content-type
application/javascript
x-amz-id-2
94ADuRAuS6nYeh4tkBCpQ6g8GcLxa3WDk2djHX+zS+FNtVS/zSvVcUq9mFARaWzUu0qreFu2L64=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14400
x-timer
S1730816238.726844,VS0,VE0
via
1.1 varnish
x-amz-request-id
VP9PVJTP5TA8D9AQ
accept-ranges
bytes
access-control-allow-origin
*
abp
50
content-length
6467
server
AmazonS3
x-amz-server-side-encryption
AES256
/
pips.taboola.com/
4 B
115 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-store
retry-after
0
access-control-allow-methods
GET
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.elfcosmeticsus.us
x-cache
HIT
content-length
4
date
Tue, 05 Nov 2024 14:17:17 GMT
x-served-by
cache-lax-kwhp1940073-LAX
server
Varnish
x-cache-hits
0
config
pixel-config.reddit.com/pixels/t2_16331p/
3 B
124 B
XHR
General
Full URL
https://pixel-config.reddit.com/pixels/t2_16331p/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
application/json
t2_16331p_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
700 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_16331p_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1730816237784&id=t2_16331p&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=294c77060388e36df673b2c095cebed40e6beecb4c289ec9ac09e47705b2106e&uuid=dfc3b60e-7992-41f9-a9c2-fdf8b257b22e&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_49267bce&dpm=&dpcc=&dprc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
image/gif
server
Varnish
ig.js
cdn8.eu.inside.chat/
167 KB
59 KB
Script
General
Full URL
https://cdn8.eu.inside.chat/ig.js
Requested by
Host: cdn8.eu.inside.chat
URL: https://cdn8.eu.inside.chat/gtm/IN-1011171-EC/include.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:911 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf055e03c860dd88d9d4017203050548dc930d6b78749b07320c9b08f3625071
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
cache-control
public, max-age=3600
content-encoding
gzip
cf-cache-status
HIT
etag
75fd15fd6fcf6083994b9a43ad8e8323
age
329
cf-ray
8ddd776e7af014f4-LAX
expires
Tue, 05 Nov 2024 15:17:17 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
59762
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
collect
analytics.google.com/g/s/
0
47 B
Image
General
Full URL
https://analytics.google.com/g/s/collect?dma=0&npa=1&gcs=G111&gcd=13v3v3v3u5l1&gtm=45j91e4au1v9125640115z8896608294z99175401888za200zb896608294&tag_exp=101823848~101878899~101878944~101925629&_gsid=5D80LRC85NWYM2eoWDKXMtHLpirS3giw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:194:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:194:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
text/plain
server
Golfe2
runtime_c81e76ee00d795b1eebf8d27949f8dc5.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
908 B
1 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_c81e76ee00d795b1eebf8d27949f8dc5.br.js
Requested by
Host: tag.wknd.ai
URL: https://tag.wknd.ai/4142/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
546e554a3c51ce180d022de9ff5506f14603b38d40ece9f2be43c88328358a52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=zwy9lg==, md5=HCxXU9+1dkCoulTxEZNLMA==
etag
"1c2c5753dfb57640a8ba54f111934b30"
age
44160
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
509
date
Tue, 05 Nov 2024 02:01:18 GMT
last-modified
Thu, 31 Oct 2024 19:40:36 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY0_t_5UHUL1e7WVgHjb6UaJfPJeEO4T33wx_DuXIrfoaKymYe0bWef7pUuh-xC_p6Df0A8
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730403635956853
content-length
509
server
UploadServer
activityi;dc_pre=CMmrqfiwxYkDFTy50QQdeC8N8w;src=9231397;type=retarget;cat=globa0;ord=5916756991334;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1380798745...
9231397.fls.doubleclick.net/ Frame 9514
Redirect Chain
  • https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=5916756991334;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=13807987...
  • https://9231397.fls.doubleclick.net/activityi;dc_pre=CMmrqfiwxYkDFTy50QQdeC8N8w;src=9231397;type=retarget;cat=globa0;ord=5916756991334;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=und...
0
0
Document
General
Full URL
https://9231397.fls.doubleclick.net/activityi;dc_pre=CMmrqfiwxYkDFTy50QQdeC8N8w;src=9231397;type=retarget;cat=globa0;ord=5916756991334;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1380798745;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.166 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
446
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:17:18 GMT
expires
Tue, 05 Nov 2024 14:17:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:17:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9231397.fls.doubleclick.net/activityi;dc_pre=CMmrqfiwxYkDFTy50QQdeC8N8w;src=9231397;type=retarget;cat=globa0;ord=5916756991334;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1380798745;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=9231397;type=retarget;cat=globa0;ord=5916756991334;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1380798745;uaa=;uab=;ua...
ad.doubleclick.net/
0
22 B
Image
General
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=9231397;type=retarget;cat=globa0;ord=5916756991334;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1380798745;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.198 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 05 Nov 2024 14:17:18 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"12981577186800882556"}],"aggregatable_trigger_data":[{"filters":[{"14":["8259474"]}],"key_piece":"0xb9654a92cc244722","source_keys":["12","13","14","15","16","17","18","19","20","21","22938932","22938933","22938934","22938935","628473576","628473577","628473578","628473579","628795380","628795381","628795382","628795383","628812176","628812177","628812178","628812179","641998712","641998713","641998714","641998715","642025028","642025029","642025030","642025031","643969340","643969341","643969342","643969343"]},{"key_piece":"0x8e35906a51ae25c0","not_filters":{"14":["8259474"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","22938932","22938933","22938934","22938935","628473576","628473577","628473578","628473579","628795380","628795381","628795382","628795383","628812176","628812177","628812178","628812179","641998712","641998713","641998714","641998715","642025028","642025029","642025030","642025031","643969340","643969341","643969342","643969343"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"22938932":34,"22938933":34,"22938934":34,"22938935":3345,"628473576":32,"628473577":32,"628473578":32,"628473579":3177,"628795380":32,"628795381":32,"628795382":32,"628795383":3177,"628812176":32,"628812177":32,"628812178":32,"628812179":3177,"641998712":32,"641998713":32,"641998714":32,"641998715":3177,"642025028":34,"642025029":34,"642025030":34,"642025031":3345,"643969340":32,"643969341":32,"643969342":32,"643969343":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"13247954123364020540","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"12981577186800882556","filters":[{"14":["8259474"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"12981577186800882556","filters":[{"14":["8259474"],"source_type":["navigation"]}],"pr
iority":"10","trigger_data":"6"},{"deduplication_key":"12981577186800882556","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"12981577186800882556","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9231397"]}}
content-type
image/png
x-xss-protection
0
server
cafe
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=fd7993df-77ec-4847-93b5-288e16e475a1-tucte23ae6b&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-origin
*
cache-control
no-store
date
Tue, 05 Nov 2024 14:17:18 GMT
server
nginx
1638306756445368
connect.facebook.net/signals/config/
79 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1638306756445368?v=2.9.176&r=stable&domain=www.elfcosmeticsus.us&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
495808ac63ddcd70c9653d0a4dc69a597fe6d9ed1533c18b462ad94674de9358
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-a9yfo5Iz' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:17:18 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-a9yfo5Iz' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=135, rtx=0, c=80, mss=1232, tbw=74153, tp=71, tpl=0, uplat=93, ullat=0
pragma
public
x-fb-debug
GbAwamnWLj3Q6ETosaaSzmpVYPvBC1q+Cqy1cw4z6tnucAz7Uaflu9Uy086GzyZo4sSmfzdExOWKxYzpHtK1kg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
5013978.js
bat.bing.com/p/action/
364 B
413 B
Script
General
Full URL
https://bat.bing.com/p/action/5013978.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cce2184ec089babc70ded47b8474c543f6a5ff013e4bfd9dbae8689489bb13ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D426D9DFED91460FBEC7F77C77654A86 Ref B: LAX311000109049 Ref C: 2024-11-05T14:17:18Z
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
config
www8.eu.inside.chat/
4 B
380 B
XHR
General
Full URL
https://www8.eu.inside.chat/config?acc=IN-1011171&pid=&c1=OK&dev=1&url=https%3A%2F%2Fwww.elfcosmeticsus.us&sid=1&j=1
Requested by
Host: cdn8.eu.inside.chat
URL: https://cdn8.eu.inside.chat/ig.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:811 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8ddd7770cbf8100f-LAX
expires
Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443"; ma=86400
content-length
4
p3p
CP="insert_p3p_privacy_policy_here"
date
Tue, 05 Nov 2024 14:17:18 GMT
content-type
application/json; charset=UTF-8
last-modified
Sat, 01 Jan 2000 00:00:00 GMT
server
cloudflare
main.MTJhNGMzN2YwMQ.js
analytics.tiktok.com/i18n/pixel/static/
342 KB
96 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.162 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
15bb0889ad69cbc01dce2d9a2df36be01b6ae97e0e57510dca89a56d095bf0d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-cache
TCP_HIT from a184-51-148-207.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
x-tt-trace-id
00-24102412444059DC4577003A069B9506-3925216879506C88-00
content-length
97153
date
Tue, 05 Nov 2024 14:17:18 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
2024102412444059DC4577003A069B9506
server
nginx
x-akamai-request-id
1236810e
x-tt-trace-host
01760100c434c8c47af8aaf5ca5f4fd01ed7f49e9dc439df259f5a294634105d9401781296df19a78b932d5322afd2368b628c287f920d5ee6732fb1ce30186f5311bea3472b51f1acaac92be3e95497dba74edaf5dbd6f21fb968c6a305c9597c
main.MTJhNGMzN2YwMA.js
analytics.tiktok.com/i18n/pixel/static/
336 KB
94 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BRR4GA0I9JJBU29G8GF0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.162 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8838b00c4d65fb353a4fc115fb3d5ec4ac665dddd47131dbcb41799e5ce6b25a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-cache
TCP_HIT from a184-51-148-207.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-24102412443680F23ADC451076FDC5BD-0617D29B90AC21CF-00
content-length
95241
date
Tue, 05 Nov 2024 14:17:18 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
2024102412443680F23ADC451076FDC5BD
server
nginx
x-akamai-request-id
12368119
x-tt-trace-host
01b171d0b5d106e3dc17b726e83a860bd609941a413b1f8df3da434063e384c440eab280cbae838b8f57bd87fa37640309b1df0223a4bdc4647d15b8a8fe66b79946e9ae6b9d90408e9cd677fe0cc4f98dcdb472d43e284887fae01e88fab7b287
main.be180668.js
s.pinimg.com/ct/lib/
82 KB
23 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.be180668.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2588::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3afb9988267a380488bd5d0cc82ef645c2c96093316c97c10b636a8c09b0682b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-max-age
86400
cache-control
max-age=1209600
access-control-expose-headers
X-CDN
content-encoding
br
etag
"826854c5f0c7214ebf36eaa3251aac05"
x-cdn
akamai
access-control-allow-methods
GET
accept-ranges
bytes
access-control-allow-origin
*
content-length
23668
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
0
bat.bing.com/action/
0
361 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5013978&tm=gtm002&Ver=2&mid=5e3c7efb-e3db-40b6-b915-02830f580a5b&bo=1&sid=a9f121e09b8011ef94955fb6c0ffa1f0&vid=a9f151209b8011ef9b66c5872c8191b9&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&p=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&r=&lt=6127&evt=pageLoad&sv=1&cdb=AQER&rn=73372
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CE9D8B85761A4A7E95BAB1E57120F068 Ref B: LAX311000109049 Ref C: 2024-11-05T14:17:18Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 05 Nov 2024 14:17:17 GMT
widget.css
js.jebbit.com/companion/v1/
15 KB
16 KB
Stylesheet
General
Full URL
https://js.jebbit.com/companion/v1/widget.css
Requested by
Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2807:ec00:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
69beb39687e8656561a843b13137c292498648b7f1ae665214eb292527cd436b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-amz-version-id
fgLtE0C.phC7FjS26Fxc9wt33wvWl9V5
etag
"c2b625a2843069c776e8a618c90b952a"
age
70994
via
1.1 ab5e6646c9366e9d37d7495e5d416b28.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
15522
x-amz-cf-id
W4YAQpJ6QVOQU7ALKntGYQFL1BJNQkYXqYYFoJZsHHi9i5XDPqGzew==
date
Mon, 04 Nov 2024 18:34:05 GMT
content-type
text/css
last-modified
Mon, 07 Oct 2024 17:19:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
launcher_configs
external-api.jebbit.com/moments/v2/
2 B
449 B
XHR
General
Full URL
https://external-api.jebbit.com/moments/v2/launcher_configs?key=542695a9-9318-492b-9638-2018989f6dc4&url=aHR0cHMlM0ElMkYlMkZ3d3cuZWxmY29zbWV0aWNzdXMudXMlMkY=&completedLightboxCampaigns=W10=&jebbitCookies=
Requested by
Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.132.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-132-176.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

surrogate-control
no-store
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-content-type-options
nosniff
expires
0
date
Tue, 05 Nov 2024 14:17:18 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-dns-prefetch-control
off
pragma
no-cache
access-control-allow-credentials
true
x-download-options
noopen
access-control-allow-origin
https://www.elfcosmeticsus.us
content-length
2
x-xss-protection
1; mode=block
main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
523 KB
114 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Requested by
Host: tag.wknd.ai
URL: https://tag.wknd.ai/4142/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1896b06be97eca5aad535cab0f7ed231162345d36268d0145bd2b05ee5651a36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=W+J82g==, md5=+T3IbaBawv6BCFAaGQBTOg==
etag
"f93dc86da05ac2fe8108501a1900533a"
age
37935
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
115941
date
Tue, 05 Nov 2024 03:45:03 GMT
last-modified
Thu, 31 Oct 2024 19:40:22 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY10sn3GECMDPKROB5jAXNte4jV2N7klNl0bOxzhBs3URO_1CiG9TxFfaGWjcGRk_3bZLxEWCZUFZw
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730403622446972
content-length
115941
server
UploadServer
cjs_min_3a843477d8e318f67237a66d0a58c542.js
assets.bounceexchange.com/assets/smart-tag/versioned/
49 KB
16 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Requested by
Host: tag.wknd.ai
URL: https://tag.wknd.ai/4142/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
gzip
x-goog-hash
crc32c=Joap5g==, md5=HriFRU6mvvHJdHgAcClZ3g==
etag
"1eb885454ea6bef1c9747800702959de"
age
35263
ad-auction-allowed
true
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
15748
date
Tue, 05 Nov 2024 04:29:35 GMT
last-modified
Mon, 22 Apr 2024 20:59:52 GMT
content-type
text/javascript; charset=utf-8
x-guploader-uploadid
AHmUCY2hb1l6F6TrSaxcm2taa6uq0KWAyq-xi_Zihh-MaaEedu4YcebLrS4omoEQ5vzG0OH7Exc
cache-control
public,max-age=31536000,no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1713819592631797
content-length
15748
server
UploadServer
/
www.facebook.com/tr/
0
270 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&rl=&if=false&ts=1730816238247&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1730816238240.155562868534688918&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1730816237990&coo=false&eid=1730816637457_173081707121728&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=134, rtx=0, c=10, mss=1297, tbw=2958, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 05 Nov 2024 14:17:18 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
5 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&rl=&if=false&ts=1730816238247&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1730816238240.155562868534688918&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1730816237990&coo=false&eid=1730816637457_173081707121728&tm=1&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433799138795790229"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa230b3a6a6e8856b","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["1521466687872304"]},"debug_reporting":true,"debug_key":"2695766399882296867"}
date
Tue, 05 Nov 2024 14:17:18 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
u/q1iEQyUaKKI0EuuaziFRTeOmuUx9a5gJPZtvYSSyN44NZ/LO8EsBXpLkK0SlK9qeZ6mbACd/SYstbXF+VP7A==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433799138795790229", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=134, rtx=0, c=10, mss=1297, tbw=3272, tp=-1, tpl=-1, uplat=77, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
ct.pinterest.com/user/
321 B
356 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1730816238275&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.be180668.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
content-encoding
gzip
x-pinterest-rid-128bit
64315b89761da630b8a7015b49501a06
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443";ma=600
date
Tue, 05 Nov 2024 14:17:18 GMT
content-type
application/json; charset=utf-8
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
0
x-cdn
fastly
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPU5qQmlaR05pWXpJdE16UXpOeTAwWlRrNUxUa3pPVGt0TlRKaFpUSTFNakV5T1dOag
pinterest-version
e62010f407d09decef677569943c37eeaefcbe47
access-control-allow-origin
https://www.elfcosmeticsus.us
content-length
186
x-pinterest-rid
1330560511567305
/
ct.pinterest.com/user/
321 B
675 B
XHR
General
Full URL
https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22event_id%22%3A%221730816637457_173081707121728%22%2C%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1730816238276&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.be180668.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
content-encoding
gzip
x-pinterest-rid-128bit
7e80effef4978321c3e46d4b74024e28
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443";ma=600
date
Tue, 05 Nov 2024 14:17:18 GMT
content-type
application/json; charset=utf-8
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
0
x-cdn
fastly
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPVpHWXlNREpsWVRVdFkySm1NaTAwT0dNNUxUa3lZamd0TmpCa1lUUmhNbVkzTm1WbA
pinterest-version
b218925b9f1d26340084c4ce1e3a371e6eb7a251
access-control-allow-origin
https://www.elfcosmeticsus.us
content-length
186
x-pinterest-rid
1411552730292226
/
ct.pinterest.com/v3/
35 B
211 B
Fetch
General
Full URL
https://ct.pinterest.com/v3/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.elfcosmeticsus.us%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22be180668%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1730816238279
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.be180668.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-pinterest-rid-128bit
89bfbdaff5a06f34c87afb5739e5e44f
x-cdn
fastly
access-control-allow-credentials
true
referrer-policy
origin
expires
Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version
e62010f407d09decef677569943c37eeaefcbe47
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443";ma=600
content-length
35
date
Tue, 05 Nov 2024 14:17:18 GMT
x-pinterest-rid
1444613510679638
content-type
image/gif
/
data.cdnbasket.net/
14 B
338 B
XHR
General
Full URL
https://data.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.119.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.119.149.34.bc.googleusercontent.com
Software
/
Resource Hash
341af97aff2123965563dcac83cd91c96d4069bf98a38f1a78a26006d45e37c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
keep-alive
Expires
0
Access-Control-Allow-Origin
*
Date
Tue, 05 Nov 2024 14:17:18 GMT
Content-Type
application/json
Access-Control-Allow-Headers
Origin, Content-Type, Accept
/
page.cdnbasket.net/
14 B
338 B
XHR
General
Full URL
https://page.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.120.16.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.16.120.34.bc.googleusercontent.com
Software
/
Resource Hash
333e62715e266d0c761ffa44237843334e5d536b379a13e80cf1438a6ee214af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
keep-alive
Expires
0
Access-Control-Allow-Origin
*
Date
Tue, 05 Nov 2024 14:17:18 GMT
Content-Type
application/json
Access-Control-Allow-Headers
Origin, Content-Type, Accept
/
view.cdnbasket.net/
14 B
338 B
XHR
General
Full URL
https://view.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.190.127.230 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
230.127.190.35.bc.googleusercontent.com
Software
/
Resource Hash
6449ca02be1be4d67e5103959e6b80c38ec1d12909a2f0560b76f48d1d452b68

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
keep-alive
Expires
0
Access-Control-Allow-Origin
*
Date
Tue, 05 Nov 2024 14:17:18 GMT
Content-Type
application/json
Access-Control-Allow-Headers
Origin, Content-Type, Accept
identify_7bf75739.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.162 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-cache
TCP_MEM_HIT from a184-51-148-207.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
x-tt-trace-id
00-240830022526558A2EB3CE10F785EF4E-25F48E13A851BE61-00
content-length
39332
date
Tue, 05 Nov 2024 14:17:18 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20240830022526558A2EB3CE10F785EF4E
server
nginx
x-akamai-request-id
1236827d
x-tt-trace-host
017ea62d71802cd818b956d209b6356534b2c76c34ea942690955af1e960e6f63371c11af7287ab906f2776f3c5458c62869a63a69c5c8f465fd6dc9be5a66461ff6617ea6fe4db13c9c0b07cf184c973fa371fc492ac69b900586cc27b35e59b3
pixel
analytics.tiktok.com/api/v2/
0
722 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.162 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:17:18 GMT
server-timing
inner; dur=27, cdn-cache; desc=MISS, edge; dur=10, origin; dur=35
x-cache
TCP_MISS from a184-51-148-207.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:17:18 GMT
x-akamai-request-id
12368293
access-control-allow-headers
Authorization,*
x-tt-trace-host
010522778f3f8eb274a64badeceef15946db9566693656421b88939b558ab5ef4e6fb411d6c5ddf97bd1ec9b832adc45dc1bcc151c093b7b150489a8082d7cea369c07bbb95168ddcae79bc773871d7bb1dbd55294afecdd15bf57ea4001c0de67
x-origin-response-time
37,184.51.148.207
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241105141718322C73983EA1A6C056CF-2409D7714CD2788E-00
content-length
0
x-tt-logid
20241105141718322C73983EA1A6C056CF
server
nginx
pixel
analytics.tiktok.com/api/v2/
0
720 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.162 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:17:18 GMT
server-timing
inner; dur=25, cdn-cache; desc=MISS, edge; dur=8, origin; dur=37
x-cache
TCP_MISS from a184-51-148-207.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:17:18 GMT
x-akamai-request-id
12368294
access-control-allow-headers
Authorization,*
x-tt-trace-host
010522778f3f8eb274a64badeceef15946db9566693656421b88939b558ab5ef4eb3fec22499f26d1ad38102a771fce2bb17368181779c52843a43777ac61c6b26bb7573c82c547a5d85bdec9733908debb8186c180621c140ad37c76c8226d683
x-origin-response-time
37,184.51.148.207
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24110514171811D13A110168AABB4A86-1D273307623F4634-00
content-length
0
x-tt-logid
2024110514171811D13A110168AABB4A86
server
nginx
pixel
analytics.tiktok.com/api/v2/
0
720 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.162 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:17:18 GMT
server-timing
inner; dur=52, cdn-cache; desc=MISS, edge; dur=9, origin; dur=61
x-cache
TCP_MISS from a184-51-148-207.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:17:18 GMT
x-akamai-request-id
12368295
access-control-allow-headers
Authorization,*
x-tt-trace-host
010522778f3f8eb274a64badeceef15946db9566693656421b88939b558ab5ef4e226c512cdaf15ab143a0e278e90499b3a481d7ae273606f011e14f040962f42a9fc49930b2718379b90f8b870414f39d646a5b18a14626d2717669e90b33e717
x-origin-response-time
62,184.51.148.207
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241105141718055124692545CDC11EAF-098C51FE1BFB5572-00
content-length
0
x-tt-logid
20241105141718055124692545CDC11EAF
server
nginx
inbox-v2_75060a85c1a4aebcc6f779b9e84db722.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
19 KB
5 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_75060a85c1a4aebcc6f779b9e84db722.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
183ae143a7f66c133f3948bdf61a0a9f97eb326be7de5947c1f19b93f3b9db24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=df/Fww==, md5=CihY9k4bsokmzU8kBOwKQw==
etag
"0a2858f64e1bb28926cd4f2404ec0a43"
age
149815
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
5475
date
Sun, 03 Nov 2024 20:40:23 GMT
last-modified
Thu, 31 Oct 2024 19:40:17 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY04dMbQiyi-qVXgEPv80x_KQJ99PkAt5FOi1F6lFQq-4MpWkpfc600pXNBkgSXGg6X63h7k8hzSqNFFbL4
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730403617040771
content-length
5475
server
UploadServer
sms-v2_e39203556bab2366e56296ce42e974a7.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
3 KB
1 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/sms-v2_e39203556bab2366e56296ce42e974a7.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c9f83027cf2e267d24b2cfe366bc6664841765f0aaf362faf0156bccdce42355

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=ikqFlg==, md5=aEuBb/f6hVJqtLcp+18MkQ==
etag
"684b816ff7fa85526ab4b729fb5f0c91"
age
144968
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1303
date
Sun, 03 Nov 2024 22:01:10 GMT
last-modified
Thu, 31 Oct 2024 19:40:38 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY0R4fiTym9bgafIGBEzrMEpFLglfdcENr6r6X6uoNpIeiBE6CAcucGlXR_9k8MvaZELV8JBQ51qaU6KQg8
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730403638782676
content-length
1303
server
UploadServer
onsite-v2_abbdf7a49be9b52b097917b7b527b262.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
16 KB
5 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_abbdf7a49be9b52b097917b7b527b262.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a8b68b46f44aac34f59d2926e8db6bdae4bc3b7fe3aad60948e97f428b087531

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=YWhgXQ==, md5=E+t6bCqMhb3KnLqECwDbLA==
etag
"13eb7a6c2a8c85bdca9cba840b00db2c"
age
42205
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
5039
date
Tue, 05 Nov 2024 02:33:53 GMT
last-modified
Thu, 31 Oct 2024 19:40:27 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY30vzp3AKVR2Pi5I4fQv8uxbu7FC8EwkXBhqZtlnUOdqjqWBtMkmkVCHUexxV3MKCAx_t4M1EZt7Sbg5WI
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730403627837427
content-length
5039
server
UploadServer
jquery-3.7.1.min.js
assets.bounceexchange.com/assets/bounce/
85 KB
30 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=fsBEgw==, md5=LIctvmD0unD7hTVhE9izXg==
content-encoding
br
etag
W/"2c872dbe60f4ba70fb85356113d8b35e"
age
40522
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
87533
date
Tue, 05 Nov 2024 03:01:56 GMT
last-modified
Thu, 31 Oct 2024 19:40:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3obgDStclxXh8WsAynlxhtuDlspfkQl5bud3IM5to9l3lkR2LWVOegszAShoz30XJjOadk_K5QJQ
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1730403600522086
content-length
31017
server
UploadServer
token_create.js
ct.pinterest.com/static/ct/
4 KB
4 KB
Script
General
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.be180668.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
max-age=7200
timing-allow-origin
https://ct.pinterest.com
etag
"16d5d552603d86726ae439fc61299d42"
age
1908
x-cdn
fastly
alt-svc
h3=":443";ma=600
content-length
4103
date
Tue, 05 Nov 2024 14:17:18 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
ct.html
ct.pinterest.com/ Frame 07ED
0
0
Document
General
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.be180668.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Tue, 05 Nov 2024 14:17:19 GMT
pinterest-version
b218925b9f1d26340084c4ce1e3a371e6eb7a251
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
0
x-pinterest-rid
1219787489167710
x-pinterest-rid-128bit
3c15bfd50a13f144a9478e963d11f093
local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 3641
0
0
Document
General
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
none
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
ad-auction-allowed
true
age
647
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
br
content-length
938
content-type
text/html; charset=UTF-8
date
Tue, 05 Nov 2024 14:06:31 GMT
etag
W/"fc893948c3efc689b5b19d8a77958e23"
last-modified
Thu, 31 Oct 2024 19:39:59 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1730403599174353
x-goog-hash
crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2408
x-guploader-uploadid
AHmUCY00OlU218DVwaNN5rfxinFNVqEdI78hvwWmwFOp4pCNKpHko4pmoAjPv1GL1H6LW2EByyU
/
ct.pinterest.com/v3/
35 B
359 B
Fetch
General
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22event_id%22%3A%221730816637457_173081707121728%22%2C%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1730816238743&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22external_id%22%3A%22%22%2C%22pin_unauth%22%3A%22dWlkPU5qQmlaR05pWXpJdE16UXpOeTAwWlRrNUxUa3pPVGt0TlRKaFpUSTFNakV5T1dOag%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.elfcosmeticsus.us%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22be180668%22%2C%22is_eu%22%3Afalse%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.be180668.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-pinterest-rid-128bit
38a73b05fa0e7ad6ae245dddefb7d822
x-cdn
fastly
access-control-allow-credentials
true
referrer-policy
origin
expires
Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version
b218925b9f1d26340084c4ce1e3a371e6eb7a251
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443";ma=600
content-length
35
date
Tue, 05 Nov 2024 14:17:18 GMT
x-pinterest-rid
1254825766955200
content-type
image/gif
act
analytics.tiktok.com/api/v2/pixel/
0
725 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.162 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 05 Nov 2024 14:17:19 GMT
server-timing
inner; dur=464, cdn-cache; desc=MISS, edge; dur=22, origin; dur=485
x-cache
TCP_MISS from a184-51-148-207.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Tue, 05 Nov 2024 14:17:19 GMT
x-akamai-request-id
123683bd
access-control-allow-headers
Authorization,*
x-tt-trace-host
010522778f3f8eb274a64badeceef15946db9566693656421b88939b558ab5ef4e6fb411d6c5ddf97bd1ec9b832adc45dc01f219c5d10ec4c11608129ec9be6379670eb364491145d222310d8b85c4455249124fdfd1f9a9ff79f1ec0e8254cfdf
x-origin-response-time
486,184.51.148.207
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2411051417186CF638F5D51515B9A86B-42F456BE4FE6989F-00
content-length
0
x-tt-logid
202411051417186CF638F5D51515B9A86B
server
nginx
lookup
pd.cdnwidget.com/
74 B
288 B
XHR
General
Full URL
https://pd.cdnwidget.com/lookup?deviceID=undefined&bxwid=4142&bxdid=710553794453076817&visitID=1730816239020043&enableUID2=false
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.130.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.130.149.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
f309b4b6297e8c886d8d6b1ff31decc2d09f6eecf7804e3325bf5a2d3a5eac55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-envoy-upstream-service-time
6
x-envoy-decorator-operation
id-resolution.id-resolution.svc.cluster.local:9000/*
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74
date
Tue, 05 Nov 2024 14:17:19 GMT
content-type
application/json
server
istio-envoy
c
ids.cdnwidget.com/
445 B
784 B
XHR
General
Full URL
https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=090069190&GCS2=MTcyLjE3LjAuMywxMC4yLjIxMC4yNDIsZmRiZjoxZDM3OmJiZTA6OjQ1OjI6OmYyLGZkYmY6MWQzNzpiYmUwOjo0NToyOjpmMg==&pe=false&wsid=4142&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A4142%2C%22loadID%22%3A%22rFSbRKlt2RXiNSQ%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A4%2C%22IDStageStart%22%3A4%2C%22netComplete%22%3A173%2C%22obsReqdata%22%3A344%2C%22obsReqview%22%3A352%2C%22obsReqpage%22%3A355%2C%22IDStagePrefire%22%3A355%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A-10%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%22710553794453076817%22%2C%22visitid%22%3A%221730816239020043%22%7D
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:56e0:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
a32efc22e9616566ce70cfa47c38aa9b586243355514d660ed22634707b93abb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
445
date
Tue, 05 Nov 2024 14:17:19 GMT
content-type
application/json
vary
Origin
init1.js
api.bounceexchange.com/bounce/
103 KB
20 KB
Script
General
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=1006&wklz=…
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
0cecaee1808a8e5b78d5be9bf78ab05711441d3cc30ff0cf72c007f39d07a86a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
x-envoy-upstream-service-time
24
x-envoy-decorator-operation
legacy-api-tier1.legacy-api.svc.cluster.local:80/*
via
1.1 google
expires
0
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
date
Tue, 05 Nov 2024 14:17:19 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Tue, 05 Nov 2024 14:17:19 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
unip
trc-events.taboola.com/1691051/log/3/
0
635 B
XHR
General
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=4591&scd=0&ssd=1&est=1730816234819&ver=36&isls=true&src=i&invt=3000&msa=3297&rv=1&tim=1730816239412&vi=1730816234807&ri=9ea7509ce501a09cacf13907f2ddc2f0&sd=v2_8df29a1f1d1bb9b1cb2b6cd4e2d73db3_fd7993df-77ec-4847-93b5-288e16e475a1-tucte23ae6b_1730816237_1730816237_CNawjgYQq5tnGLeqv-WvMiABKAMw4QE4kaQOUABYAGAAaPGthJrF1OTQ-gFwAYABAA&ui=fd7993df-77ec-4847-93b5-288e16e475a1-tucte23ae6b&ref=null&cv=20241102-3-RELEASE&item-url=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&cbp=OneTrust&cbpv=1&cbcd=%2C1%2C2%2C3%2COSSTA_BG%2C4%2C5%2C&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-origin
https://www.elfcosmeticsus.us
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 05 Nov 2024 14:17:19 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1691051/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=4591&scd=0&ssd=1&est=1730816234819&ver=36&isls=true&src=i&invt=3000&msa=3297&rv=1&tim=1730816239412&vi=1730816234807&ri=9ea7509ce501a09cacf13907f2ddc2f0&sd=v2_8df29a1f1d1bb9b1cb2b6cd4e2d73db3_fd7993df-77ec-4847-93b5-288e16e475a1-tucte23ae6b_1730816237_1730816237_CNawjgYQq5tnGLeqv-WvMiABKAMw4QE4kaQOUABYAGAAaPGthJrF1OTQ-gFwAYABAA&ui=fd7993df-77ec-4847-93b5-288e16e475a1-tucte23ae6b&ref=null&cv=20241102-3-RELEASE&item-url=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&cbp=OneTrust&cbpv=1&cbcd=%2C1%2C2%2C3%2COSSTA_BG%2C4%2C5%2C&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://www.elfcosmeticsus.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://www.elfcosmeticsus.us
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 05 Nov 2024 14:17:19 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
creatives-base-styles.a53944a2.min.css
assets.bounceexchange.com/tag/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://assets.bounceexchange.com/tag/css/creatives-base-styles.a53944a2.min.css
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_945f37949f8f8ce4c4244cecb2df29ef.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
286a9eb90b3236f3c77e9cd147b524d542d53ba83973de175c45be3eb1147805

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
gzip
x-goog-hash
crc32c=lLRhfg==, md5=VPYb3L+2+BQnyKaAP0iwLw==
etag
"54f61bdcbfb6f81427c8a6803f48b02f"
age
26131
ad-auction-allowed
true
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
6053
date
Tue, 05 Nov 2024 07:01:48 GMT
last-modified
Tue, 13 Dec 2022 17:12:22 GMT
content-type
text/css
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3LEspk6obKbHBE93O4gyTbfbanlbptsRSKz1CuDTLjnFYvd11TX4SmE19KkZ6fs5HgDf2C7u9qhQ
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1670951542233151
content-length
6053
server
UploadServer
visit
events.bouncex.net/track.gif/
42 B
96 B
Image
General
Full URL
https://events.bouncex.net/track.gif/visit?wklz=…
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 05 Nov 2024 14:17:19 GMT
content-type
image/gif
pageview
events.bouncex.net/track.gif/
42 B
206 B
Image
General
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=…
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 05 Nov 2024 14:17:19 GMT
content-type
image/gif
0860ab24f45bc22b8f13cc8d6647caaa.jpg
assets.bounceexchange.com/assets/uploads/clients/4142/creatives/
84 KB
84 KB
Image
General
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/4142/creatives/0860ab24f45bc22b8f13cc8d6647caaa.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cef923d56729944b2ae70b4e78b864efbb81a1db323d25882483aa8d935f9528

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=MTqQwQ==, md5=CGCrJPRbwiuPE8yNZkfKqg==
etag
"0860ab24f45bc22b8f13cc8d6647caaa"
age
41267
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
86329
date
Tue, 05 Nov 2024 02:49:32 GMT
last-modified
Fri, 01 Nov 2024 19:19:11 GMT
content-type
image/jpeg
x-guploader-uploadid
AHmUCY3VTAuqYycVuOVD89vTSdpiI3auDRaSSiFR7wzDgf92WdgP1H1j6Py6gHlnLtpRTDVcG1VHTX5vMA
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730488751388465
content-length
86329
server
UploadServer
59a941c096f98029341d8c56b7b89113.png
assets.bounceexchange.com/assets/uploads/clients/4142/creatives/
18 KB
18 KB
Image
General
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/4142/creatives/59a941c096f98029341d8c56b7b89113.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2f9c91dd6030ee0311497f63531e9e27cb31cb8468a74c0b8482075bdbaa80b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=8aFhaA==, md5=WalBwJb5gCk0HYxWt7iREw==
etag
"59a941c096f98029341d8c56b7b89113"
age
36454
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
18352
date
Tue, 05 Nov 2024 04:09:45 GMT
last-modified
Tue, 25 Aug 2020 15:57:40 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY3acy6102ygJg6YeIrr2SArb4zIL5c6bGBMNOnhYOXGYE95tSHciYoqTsL7_qxxKgzCfyy8AjFVAQ
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1598371060392963
content-length
18352
server
UploadServer
6aa18944a3ad2c224d37dafb46afa35f.jpg
assets.bounceexchange.com/assets/uploads/clients/4142/creatives/
92 KB
92 KB
Image
General
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/4142/creatives/6aa18944a3ad2c224d37dafb46afa35f.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
41edca74f63e4546256206b316479052b81b5d8fe3b810424d302bd4bf70c9ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=H/B1bQ==, md5=aqGJRKOtLCJNN9r7Rq+jXw==
etag
"6aa18944a3ad2c224d37dafb46afa35f"
age
304845
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
93895
date
Sat, 02 Nov 2024 01:36:34 GMT
last-modified
Mon, 08 Apr 2024 16:27:35 GMT
content-type
image/jpeg
x-guploader-uploadid
AHmUCY2uKZOsrtLwOvIQl2o5nkyarDCdqL3qM_eHPNY_Vc7XmQf14JE-CA0Dc1FgNuo95qvjxBNkUC2VFA
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1712593655184176
content-length
93895
server
UploadServer
16f45df19355361dc1c101036c0035b0.png
assets.bounceexchange.com/assets/uploads/clients/3258/creatives/
2 KB
2 KB
Image
General
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/3258/creatives/16f45df19355361dc1c101036c0035b0.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
915046d9ebab575f9b2f8ba9a35e030b2be55b1439edce6e72f7a19b4a55bd45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=pklVBw==, md5=FvRd8ZNVNh3BwQEDbAA1sA==
etag
"16f45df19355361dc1c101036c0035b0"
age
36120
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
2419
date
Tue, 05 Nov 2024 04:15:19 GMT
last-modified
Thu, 01 Apr 2021 03:01:32 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY34xBVSOSB4jy-f9y9uVkQz5a76-FUtwdlPCQ27Cl1YlS_1pYSmBb7NAt1SYq8cH6rLnJ4
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1617246092060079
content-length
2419
server
UploadServer
hash.gif
pix.cdnwidget.com/
Redirect Chain
  • https://pix.cdnwidget.com/redirect?CID=2oQykpGE2lbXDnssDoSd4UzOqMu&DID=2oQykpgLeBJiFCnaFMQVk3vGeU0&v=&iv=&deviceid=710553794453076817&visitid=1730816239741709&wsid=4142&apikey=2^HIykD
  • https://pippio.com/api/sync?pid=5749
  • https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
68 B
432 B
Image
General
Full URL
https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
Protocol
H2
Server
34.149.254.212 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.254.149.34.bc.googleusercontent.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
date
Tue, 05 Nov 2024 14:17:20 GMT
content-type
image/png

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Tue, 05 Nov 2024 14:17:20 GMT
graph
idr.cdnwidget.com/
0
194 B
Image
General
Full URL
https://idr.cdnwidget.com/graph?cookieID=2oQykpGE2lbXDnssDoSd4UzOqMu&deviceID=2oQykpgLeBJiFCnaFMQVk3vGeU0&bxdid=710553794453076817&bxvid=1730816239741709&bxwid=4142&gm=true&apikey=2^HIykD&loadID=rFSbRKlt2RXiNSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.130.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.130.149.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-envoy-upstream-service-time
0
x-envoy-decorator-operation
id-resolution.id-resolution.svc.cluster.local:9000/*
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 05 Nov 2024 14:17:20 GMT
server
istio-envoy
eligible
events.bouncex.net/track.gif/
42 B
96 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=...-ogdBgSRt7IA8l4jQwgA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 05 Nov 2024 14:17:20 GMT
content-type
image/gif
pop
events.bouncex.net/track.gif/
42 B
96 B
Image
General
Full URL
https://events.bouncex.net/track.gif/pop?wklz=A4e2C4EMGMBcEsBukEgHYF4EFsCmAnAMn1wBsRIATAYUm2EngHM0BnANQCYMAGQp3CHDQQAVzSx8ATxGVcGAKoBlfoPAkm8dBmoBBVUJET4aXBNnyAcvtEBHDAEZC0Og2Zp4lDJwBsAFh8ATj8AVkJWMXxoeQAjMTRogA9CSAEJDAArVkJsEDleQgB3XBjWeFhcTww-Bz9OQkR4MoQvBwB2AGYeAA4HH04OwLaatp5AwjlG6Kq2hx4QkI624NCutp9etsIGAUbcQqqnVlxbUTNprw7nUngzWBxcVlhXR06evs4-Hnafa9uJSDAJAEMraZ5MK6TeDRDCUQiwAAW8HwlAA+gx8LApKiniB8KlcKjKE1IDFSLgvAAzSCkY7wgBeIAwPh4fB2hKxwHkCJAeHCIEpsFRVU4IAAilIANbAJgAGVwACEAFLwABi1DQkFVAFkxexJR1EABxXAKPgIyAo4VeUUS6VGgCinFIMQAGgARNisd0gJSUPwKekAeVs2tEQA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 05 Nov 2024 14:17:20 GMT
content-type
image/gif
id_sync
events.bouncex.net/track.gif/
42 B
61 B
Image
General
Full URL
https://events.bouncex.net/track.gif/id_sync?id_sync:id_type=sid&id_sync:id_source=graph&soft_id=2oQykpgLeBJiFCnaFMQVk3vGeU0&source=web&agent=cjs&deviceid=710553794453076817&visitid=1730816239741709&websiteid=4142&pageviewid=1&sequenceid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 05 Nov 2024 14:17:20 GMT
content-type
image/gif
collect
sgtm.elfcosmetics.com/g/
921 B
945 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4au0v9125640115z8896608294za200zb896608294&gcs=G111&gcd=13v3v3v3u5l1&npa=1&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=163627005.1730816235&ecid=458897738&ul=en-us&sr=1600x1200&_fplc=0&ur=US-CA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.rnd=841646024.1730816235&sst.adr=1&sst.ude=0&sid=1730816234&sct=1&seg=1&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&dt=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&_s=5&tfd=11249&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
cb315e653049246313fc620c68e70e271b4ae35f8bc4a7b7cd7726e1647ab143
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache
x-accel-buffering
no
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:17:22 GMT
content-type
text/plain
server
Google Frontend
/
www.google.com/pagead/1p-conversion/698270988/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/698270988/?random=148852873&fst=1730816242785&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e4au1v9125640115...
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=143165810&fst=1730816242785&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e4...
  • https://www.google.com/pagead/1p-conversion/698270988/?random=143165810&fst=1730816242785&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e4au1v9125640115z889660...
0
0

0860ab24f45bc22b8f13cc8d6647caaa.jpg
assets.bounceexchange.com/assets/uploads/clients/4142/creatives/
84 KB
0
Image
General
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/4142/creatives/0860ab24f45bc22b8f13cc8d6647caaa.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cef923d56729944b2ae70b4e78b864efbb81a1db323d25882483aa8d935f9528

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=MTqQwQ==, md5=CGCrJPRbwiuPE8yNZkfKqg==
etag
"0860ab24f45bc22b8f13cc8d6647caaa"
age
41267
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
86329
date
Tue, 05 Nov 2024 02:49:32 GMT
last-modified
Fri, 01 Nov 2024 19:19:11 GMT
content-type
image/jpeg
x-guploader-uploadid
AHmUCY3VTAuqYycVuOVD89vTSdpiI3auDRaSSiFR7wzDgf92WdgP1H1j6Py6gHlnLtpRTDVcG1VHTX5vMA
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730488751388465
content-length
86329
server
UploadServer
59a941c096f98029341d8c56b7b89113.png
assets.bounceexchange.com/assets/uploads/clients/4142/creatives/
18 KB
0
Image
General
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/4142/creatives/59a941c096f98029341d8c56b7b89113.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2f9c91dd6030ee0311497f63531e9e27cb31cb8468a74c0b8482075bdbaa80b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=8aFhaA==, md5=WalBwJb5gCk0HYxWt7iREw==
etag
"59a941c096f98029341d8c56b7b89113"
age
36454
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
18352
date
Tue, 05 Nov 2024 04:09:45 GMT
last-modified
Tue, 25 Aug 2020 15:57:40 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY3acy6102ygJg6YeIrr2SArb4zIL5c6bGBMNOnhYOXGYE95tSHciYoqTsL7_qxxKgzCfyy8AjFVAQ
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1598371060392963
content-length
18352
server
UploadServer
6aa18944a3ad2c224d37dafb46afa35f.jpg
assets.bounceexchange.com/assets/uploads/clients/4142/creatives/
92 KB
0
Image
General
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/4142/creatives/6aa18944a3ad2c224d37dafb46afa35f.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
41edca74f63e4546256206b316479052b81b5d8fe3b810424d302bd4bf70c9ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=H/B1bQ==, md5=aqGJRKOtLCJNN9r7Rq+jXw==
etag
"6aa18944a3ad2c224d37dafb46afa35f"
age
304845
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
93895
date
Sat, 02 Nov 2024 01:36:34 GMT
last-modified
Mon, 08 Apr 2024 16:27:35 GMT
content-type
image/jpeg
x-guploader-uploadid
AHmUCY2uKZOsrtLwOvIQl2o5nkyarDCdqL3qM_eHPNY_Vc7XmQf14JE-CA0Dc1FgNuo95qvjxBNkUC2VFA
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1712593655184176
content-length
93895
server
UploadServer
widget.js
js.jebbit.com/companion/v1/
44 KB
0
Script
General
Full URL
https://js.jebbit.com/companion/v1/widget.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2807:ec00:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
226049a96ceaa190e0dd45980c8fba9367127b7c2b19b635ee30bb7f4fa17e52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-amz-version-id
M.fQKrXkVHcvymDK9D8bU4BvoS660wdj
etag
"9ee6264c1a592ca4976fb94c91ef8c87"
age
47998
via
1.1 ab5e6646c9366e9d37d7495e5d416b28.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
45384
x-amz-cf-id
ICXxrzLYfC-F66j2X9NLbJg6SfwspnTcRZhzJfXfShhcPmGo6izXWg==
date
Tue, 05 Nov 2024 00:57:20 GMT
content-type
text/javascript
last-modified
Mon, 07 Oct 2024 17:19:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
i.js
tag.wknd.ai/4142/
18 KB
43 B
Script
General
Full URL
https://tag.wknd.ai/4142/i.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
de9c3c4ac891a0938c75ce0f455c92bfd86ca7adaf1aebcda0888f817b243cd2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
gzip
etag
e8a95b77284131
age
19
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:17:06 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
cache-control
public,max-age=60
timing-allow-origin
*
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
tag-router.tag-router.svc.cluster.local:80/*
via
1.1 google
access-control-allow-origin
*
content-length
5949
server
istio-envoy
x-region
us-central1
include.js
cdn8.eu.inside.chat/gtm/IN-1011171-EC/
24 KB
0
Script
General
Full URL
https://cdn8.eu.inside.chat/gtm/IN-1011171-EC/include.js
Requested by
Host: www.elfcosmeticsus.us
URL: https://www.elfcosmeticsus.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:911 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e5f2fdc1f7a9d0de8db23174e037c1510a852b514811807b4e3f89307486d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
public, max-age=3600
content-encoding
br
cf-bgj
minify
etag
W/"01e251ada13db1:0"
age
460
cf-cache-status
HIT
cf-ray
8ddd776dea5914f4-LAX
expires
Tue, 05 Nov 2024 15:17:17 GMT
cf-polished
origSize=38567
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:17:17 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 08:15:40 GMT
vary
Accept-Encoding
server
cloudflare
iframe_api
www.youtube.com/
993 B
517 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.142 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
2647e02a45178870d60f6549fd7a071c117763b4c6013bfdb13ea1a918c65336
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
br
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
x-content-type-options
nosniff
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
expires
Tue, 05 Nov 2024 14:17:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:17:25 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
activityi;dc_pre=CMOP3_uwxYkDFUqKdwEdDAIiXw;src=10742279;type=elf8j0;cat=glo_flap;ord=554224028448;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1789195563;u...
10742279.fls.doubleclick.net/ Frame B44A
Redirect Chain
  • https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=554224028448;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=178919556...
  • https://10742279.fls.doubleclick.net/activityi;dc_pre=CMOP3_uwxYkDFUqKdwEdDAIiXw;src=10742279;type=elf8j0;cat=glo_flap;ord=554224028448;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcos...
0
0
Document
General
Full URL
https://10742279.fls.doubleclick.net/activityi;dc_pre=CMOP3_uwxYkDFUqKdwEdDAIiXw;src=10742279;type=elf8j0;cat=glo_flap;ord=554224028448;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1789195563;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.166 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
380
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:17:25 GMT
expires
Tue, 05 Nov 2024 14:17:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:17:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10742279.fls.doubleclick.net/activityi;dc_pre=CMOP3_uwxYkDFUqKdwEdDAIiXw;src=10742279;type=elf8j0;cat=glo_flap;ord=554224028448;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1789195563;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
sgtm.elfcosmetics.com/g/
65 B
86 B
XHR
General
Full URL
https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je4au0v9125640115z8896608294za200zb896608294&gcs=G111&gcd=13v3v3v3u5l1&npa=1&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=163627005.1730816235&ecid=458897738&ul=en-us&sr=1600x1200&_fplc=0&ur=US-CA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.rnd=841646024.1730816235&sst.adr=1&sst.ude=0&_s=6&dt=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&dr=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&sid=1730816234&sct=1&seg=1&en=page_view&ep.page_type=homepage&ep.page_environment=production&ep.page_language=EN&ep.vendor_id=facebook&ep.event_id=1730816637457_173081707121738&ep.email=&ep.phone=&ep.facebook_pixel_id=1638306756445368&_et=7364&up.custom_user_id=&up.client_id=&up.user_has_transacted=false&up.user_logged_in=false&up.user_country=US&up.user_loyalty_status=false&tfd=13686&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
132.124.49.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache
x-accel-buffering
no
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:17:25 GMT
content-type
text/plain
server
Google Frontend
activityi;dc_pre=CNjC4PuwxYkDFUGZ0QQdT9Igqg;src=9231397;type=retarget;cat=globa0;ord=3129251908454;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1079207963...
9231397.fls.doubleclick.net/ Frame CFCA
Redirect Chain
  • https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=3129251908454;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=10792079...
  • https://9231397.fls.doubleclick.net/activityi;dc_pre=CNjC4PuwxYkDFUGZ0QQdT9Igqg;src=9231397;type=retarget;cat=globa0;ord=3129251908454;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=und...
0
0
Document
General
Full URL
https://9231397.fls.doubleclick.net/activityi;dc_pre=CNjC4PuwxYkDFUGZ0QQdT9Igqg;src=9231397;type=retarget;cat=globa0;ord=3129251908454;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1079207963;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.166 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.elfcosmeticsus.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
444
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:17:25 GMT
expires
Tue, 05 Nov 2024 14:17:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:17:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9231397.fls.doubleclick.net/activityi;dc_pre=CNjC4PuwxYkDFUGZ0QQdT9Igqg;src=9231397;type=retarget;cat=globa0;ord=3129251908454;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1079207963;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
eligible
events.bouncex.net/track.gif/
42 B
61 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=E4UwNg9ghgJgwlAtgBygSwOYDsDOA1AJgF4AGAMhgwC40cBlAVwCMcBjYNJkYIgMyjA4QFarQAKoAG5oIDHHDkAXCIm58BQkVVZRWACxAAVOkQCMAdgDMJABymAbAUsBOS6ctkGARzNkhGVSxFAH00GBwiMh0UdGwwogIAFgBWZJtLcz9ZYFYQIiZZLFyADzIoDBAgogArHDJECBg88gB3EBY0RRB4xNNEgjJpHE74i2s7RxdzXvMSZwoQaVz481MSVIznRJTrc3s7TNQK6RAW0b8QLwZK5ZgiRKiwNErFRTRVHEUkZDMrWwckoktjZHs8glBkGhJNxhhAsEQvhgPE0lnkYGRFHo0MAYMFUMBFABPYKfCDAcogYIwWhQJhgEB3fiCYSKABeECI9hI5COlKJyDyehUwhwEF4IXiBAgAEVCQBrZAYAAyIAAQgApNAAMTgWCgWoAstK8HLLJIAOIgACq5D0UBxoTuUtlCvNAFECGAmAANAAiuBwvogdBgiStrIA8l4DQwgA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 05 Nov 2024 14:17:25 GMT
content-type
image/gif
pixel.gif
cdn.blisspointmedia.com/assets/img/
Redirect Chain
  • https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=ac590e6d-d6d7-4315-bc5c-68ffacde1e44&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=un...
  • https://cdn.blisspointmedia.com/assets/img/pixel.gif
807 B
0
Image
General
Full URL
https://cdn.blisspointmedia.com/assets/img/pixel.gif
Protocol
H2
Server
18.238.80.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-101.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-amz-version-id
null
etag
"18b3e43abad26bdac6f4cea944777b62"
age
30172
via
1.1 282af6dbb4c478f6651ee2a13940179e.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
807
x-amz-cf-id
L0C4f2_VthRuWbu5KmVCNPv5dV-BfNZc2XdF7AmKPLt91B93QD8zrg==
date
Tue, 05 Nov 2024 05:54:27 GMT
content-type
image/gif
last-modified
Mon, 08 Apr 2019 16:24:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P5

Redirect headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
location
https://cdn.blisspointmedia.com/assets/img/pixel.gif
x-amz-apigw-id
AxtWXEWwIAMEpLQ=
x-amzn-trace-id
Root=1-672a28f5-53f1156c04a3b77f4b02dfe1;Parent=2453d51982646373;Sampled=0;Lineage=1:07bbc27a:0
x-amzn-requestid
29955ef1-9b5d-42f8-ba1a-75c4bd17d9e4
access-control-allow-origin
*
content-length
2
date
Tue, 05 Nov 2024 14:17:25 GMT
content-type
application/json
/
www.facebook.com/tr/
0
121 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&rl=&if=false&ts=1730816244973&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12318&fbp=fb.1.1730816238240.155562868534688918&ic=gtm&ler=empty&cdl=API_unavailable&it=1730816237990&coo=false&eid=1730816637457_173081707121738&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=134, rtx=0, c=10, mss=1297, tbw=8167, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 05 Nov 2024 14:17:25 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
1 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&rl=&if=false&ts=1730816244973&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12318&fbp=fb.1.1730816238240.155562868534688918&ic=gtm&ler=empty&cdl=API_unavailable&it=1730816237990&coo=false&eid=1730816637457_173081707121738&tm=1&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433799167671807056"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa230b3a6a6e8856b","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["1521466687872304"]},"debug_reporting":true,"debug_key":"2257070486576708505"}
date
Tue, 05 Nov 2024 14:17:25 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
/GbUoUgOtK5KNIGnZfXR4MGFbRU1XxQ/NVDK/LBOpQoxclRMUbDSMImLGxMyD+g+LCU5F3AEXNe7U2WXhA/Njw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433799167671807056", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=134, rtx=0, c=10, mss=1297, tbw=8332, tp=-1, tpl=-1, uplat=39, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
rp.gif
alb.reddit.com/
42 B
98 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1730816244980&id=t2_16331p&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=6ce3e0781fd4c8b72b6581ddb2eb17895935c4bf96b3082acad1d1febdd2db2d&uuid=dfc3b60e-7992-41f9-a9c2-fdf8b257b22e&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_49267bce&dpm=&dpcc=&dprc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Tue, 05 Nov 2024 14:17:25 GMT
content-type
image/gif
server
Varnish
px
secure.adnxs.com/
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
162.245.206.245; 162.245.206.245; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
a0fa2f0b-5b1f-419a-99f9-bc5a4a54d8b3
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 05 Nov 2024 14:17:25 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
/
insight.adsrvr.org/track/pxl/
70 B
507 B
Image
General
Full URL
https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

content-length
70
date
Tue, 05 Nov 2024 14:17:25 GMT
content-type
image/gif
server
Kestrel
activity;register_conversion=1;src=10742279;type=elf8j0;cat=glo_flap;ord=554224028448;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1789195563;uaa=;uab=;uafv...
ad.doubleclick.net/
0
22 B
Image
General
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=10742279;type=elf8j0;cat=glo_flap;ord=554224028448;npa=1;auiddc=647214912.1730816235;u1=https%3A%2F%2Fwww.elfcosmeticsus.us%2F;ps=1;pcor=1789195563;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181663336z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.198 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 05 Nov 2024 14:17:25 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"15241270758388194684"}],"aggregatable_trigger_data":[{"filters":[{"14":["12119809"]}],"key_piece":"0xc590256f79404a73","source_keys":["12","13","14","15","16","17","18","19","20","21","20457392","20457393","20457394","20457395","22981708","22981709","22981710","22981711","24748276","24748277","24748278","24748279","628477676","628477677","628477678","628477679","628627208","628627209","628627210","628627211","642003348","642003349","642003350","642003351","642003440","642003441","642003442","642003443","642887056","642887057","642887058","642887059"]},{"key_piece":"0x42ca465d2505809f","not_filters":{"14":["12119809"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","20457392","20457393","20457394","20457395","22981708","22981709","22981710","22981711","24748276","24748277","24748278","24748279","628477676","628477677","628477678","628477679","628627208","628627209","628627210","628627211","642003348","642003349","642003350","642003351","642003440","642003441","642003442","642003443","642887056","642887057","642887058","642887059"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"20457392":34,"20457393":34,"20457394":34,"20457395":3345,"21":6356,"22981708":131,"22981709":131,"22981710":131,"22981711":12713,"24748276":32,"24748277":32,"24748278":32,"24748279":3177,"628477676":32,"628477677":32,"628477678":32,"628477679":3177,"628627208":32,"628627209":32,"628627210":32,"628627211":3177,"642003348":32,"642003349":32,"642003350":32,"642003351":3177,"642003440":32,"642003441":32,"642003442":32,"642003443":3177,"642887056":65,"642887057":65,"642887058":65,"642887059":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"17689335302661778751","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"15241270758388194684","filters":[{"14":["12119809"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"15241270758388194684","filters":[{"14":["12119809"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"15241270758388194684","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"15241270758388194684","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10742279"]}}
content-type
image/png
x-xss-protection
0
server
cafe
activity;register_conversion=1;src=9231397;type=retarget;cat=globa0;ord=3129251908454;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1079207963;uaa=;uab=;ua...
ad.doubleclick.net/
0
22 B
Image
General
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=9231397;type=retarget;cat=globa0;ord=3129251908454;npa=1;auiddc=647214912.1730816235;u6=%2F;u10=undefined;u12=undefined;u8=false;ps=1;pcor=1079207963;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181619921z8896608294za201zb896608294;gcs=G111;gcd=13v3v3v3u5l1;dma=0;tag_exp=101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.elfcosmeticsus.us%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.198 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 05 Nov 2024 14:17:25 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"16740131273716860545"}],"aggregatable_trigger_data":[{"filters":[{"14":["8259474"]}],"key_piece":"0xb9654a92cc244722","source_keys":["12","13","14","15","16","17","18","19","20","21","22938932","22938933","22938934","22938935","628473576","628473577","628473578","628473579","628795380","628795381","628795382","628795383","628812176","628812177","628812178","628812179","641998712","641998713","641998714","641998715","642025028","642025029","642025030","642025031","643969340","643969341","643969342","643969343"]},{"key_piece":"0x8e35906a51ae25c0","not_filters":{"14":["8259474"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","22938932","22938933","22938934","22938935","628473576","628473577","628473578","628473579","628795380","628795381","628795382","628795383","628812176","628812177","628812178","628812179","641998712","641998713","641998714","641998715","642025028","642025029","642025030","642025031","643969340","643969341","643969342","643969343"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"22938932":34,"22938933":34,"22938934":34,"22938935":3345,"628473576":32,"628473577":32,"628473578":32,"628473579":3177,"628795380":32,"628795381":32,"628795382":32,"628795383":3177,"628812176":32,"628812177":32,"628812178":32,"628812179":3177,"641998712":32,"641998713":32,"641998714":32,"641998715":3177,"642025028":34,"642025029":34,"642025030":34,"642025031":3345,"643969340":32,"643969341":32,"643969342":32,"643969343":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"12311826032620159258","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"16740131273716860545","filters":[{"14":["8259474"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"16740131273716860545","filters":[{"14":["8259474"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"16740131273716860545","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"16740131273716860545","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9231397"]}}
content-type
image/png
x-xss-protection
0
server
cafe
/
ct.pinterest.com/user/
35 B
442 B
XHR
General
Full URL
https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22event_id%22%3A%221730816637457_173081707121738%22%2C%22np%22%3A%22gtm%22%7D&tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%2C%22external_id%22%3A%22%22%2C%22pin_unauth%22%3A%22dWlkPU5qQmlaR05pWXpJdE16UXpOeTAwWlRrNUxUa3pPVGt0TlRKaFpUSTFNakV5T1dOag%22%7D&cb=1730816245123&dep=4%2CTAGS_RECEIVED&stc=true
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.be180668.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
x-pinterest-rid-128bit
5ef05f7ce4229680a47e5ea604d6d8ce
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443";ma=600
date
Tue, 05 Nov 2024 14:17:25 GMT
content-type
image/gif
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-cdn
fastly
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPU5qQmlaR05pWXpJdE16UXpOeTAwWlRrNUxUa3pPVGt0TlRKaFpUSTFNakV5T1dOag
pinterest-version
e62010f407d09decef677569943c37eeaefcbe47
access-control-allow-origin
https://www.elfcosmeticsus.us
content-length
35
x-pinterest-rid
1185301533642449
/
ct.pinterest.com/v3/
35 B
688 B
Fetch
General
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22event_id%22%3A%221730816637457_173081707121738%22%2C%22np%22%3A%22gtm%22%7D&tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%2C%22external_id%22%3A%22%22%2C%22pin_unauth%22%3A%22dWlkPU5qQmlaR05pWXpJdE16UXpOeTAwWlRrNUxUa3pPVGt0TlRKaFpUSTFNakV5T1dOag%22%7D&cb=1730816245126&dep=4%2CTAGS_RECEIVED&stc=true&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.elfcosmeticsus.us%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22be180668%22%2C%22is_eu%22%3Afalse%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.be180668.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-pinterest-rid-128bit
712c20cfff9f72ad74ccc9c8b2bd001e
x-cdn
fastly
access-control-allow-credentials
true
referrer-policy
origin
expires
Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version
e62010f407d09decef677569943c37eeaefcbe47
access-control-allow-origin
https://www.elfcosmeticsus.us
alt-svc
h3=":443";ma=600
content-length
35
date
Tue, 05 Nov 2024 14:17:25 GMT
x-pinterest-rid
8416323667477987
content-type
image/gif
widget.css
js.jebbit.com/companion/v1/
15 KB
0
Stylesheet
General
Full URL
https://js.jebbit.com/companion/v1/widget.css
Requested by
Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2807:ec00:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
69beb39687e8656561a843b13137c292498648b7f1ae665214eb292527cd436b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.elfcosmeticsus.us/

Response headers

x-amz-version-id
fgLtE0C.phC7FjS26Fxc9wt33wvWl9V5
etag
"c2b625a2843069c776e8a618c90b952a"
age
70994
via
1.1 ab5e6646c9366e9d37d7495e5d416b28.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
15522
x-amz-cf-id
W4YAQpJ6QVOQU7ALKntGYQFL1BJNQkYXqYYFoJZsHHi9i5XDPqGzew==
date
Mon, 04 Nov 2024 18:34:05 GMT
content-type
text/css
last-modified
Mon, 07 Oct 2024 17:19:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
unip
trc-events.taboola.com/1691051/log/3/
0
635 B
XHR
General
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=10599&scd=0&ssd=1&est=1730816234819&ver=36&isls=true&src=i&invt=6000&msa=3297&rv=1&tim=1730816245420&vi=1730816234807&ri=9ea7509ce501a09cacf13907f2ddc2f0&sd=v2_8df29a1f1d1bb9b1cb2b6cd4e2d73db3_fd7993df-77ec-4847-93b5-288e16e475a1-tucte23ae6b_1730816237_1730816237_CNawjgYQq5tnGLeqv-WvMiABKAMw4QE4kaQOUABYAGAAaPGthJrF1OTQ-gFwAYABAA&ui=fd7993df-77ec-4847-93b5-288e16e475a1-tucte23ae6b&ref=null&cv=20241102-3-RELEASE&item-url=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&cbp=OneTrust&cbpv=1&cbcd=%2C1%2C2%2C3%2COSSTA_BG%2C4%2C5%2C&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1691051/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://www.elfcosmeticsus.us/

Response headers

access-control-allow-origin
https://www.elfcosmeticsus.us
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 05 Nov 2024 14:17:25 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1691051/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1691051/log/3/unip?en=pre_d_eng_tb&tos=10599&scd=0&ssd=1&est=1730816234819&ver=36&isls=true&src=i&invt=6000&msa=3297&rv=1&tim=1730816245420&vi=1730816234807&ri=9ea7509ce501a09cacf13907f2ddc2f0&sd=v2_8df29a1f1d1bb9b1cb2b6cd4e2d73db3_fd7993df-77ec-4847-93b5-288e16e475a1-tucte23ae6b_1730816237_1730816237_CNawjgYQq5tnGLeqv-WvMiABKAMw4QE4kaQOUABYAGAAaPGthJrF1OTQ-gFwAYABAA&ui=fd7993df-77ec-4847-93b5-288e16e475a1-tucte23ae6b&ref=null&cv=20241102-3-RELEASE&item-url=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&cbp=OneTrust&cbpv=1&cbcd=%2C1%2C2%2C3%2COSSTA_BG%2C4%2C5%2C&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://www.elfcosmeticsus.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://www.elfcosmeticsus.us
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 05 Nov 2024 14:17:25 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
edge.curalate.com
URL
https://edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/gallery-OdKxcdTK/latest/experience.min.js
Domain
www.google.com
URL
https://www.google.com/pagead/1p-conversion/698270988/?random=143165810&fst=1730816242785&cv=10&fmt=3&label=87uyCIuRktcBEIyK-8wC&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e4au1v9125640115z8896608294z99175401888za200zb896608294&value=0&url=https%3A%2F%2Fwww.elfcosmeticsus.us%2F&tiba=e.l.fs.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&data=event%3Dpageview%3Bvendor_id%3Dgoogle_ads%3Bgoogle_ads_conversion_id%3D698270988%3Bgoogle_ads_conversion_label%3D87uyCIuRktcBEIyK-8wC%3Bgoogle_ads_tag_type%3Dconversion&dma=0&npa=1&gcs=G111&gcd=13v3v3v3u5l1&uip=162.245.206.0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&tag_exp=101823848~101878899~101878944~101925629&s3p=1&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCKPFsQII08WxAkondHJpZ2dlciwgZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIpZzi-rDFiQMVlwxoCB08EAMxMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL3d3dy5lbGZjb3NtZXRpY3N1cy51cy8&is_vtc=1&cid=CAQSKQCa7L7diPytqkohyzly6wkUfdhEx-W15TmCLEqg2rCTOsT3Mpq-IXUW&eitems=ChEIgKGnuQYQsvLLmf-Zo56BARIdAIF2TynsFRTyv8AqXYNeYcBeh-FCYvIvYynPpm4&random=2899197093

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


75 Cookies


5 Console Messages

Source Level URL
Text
network error URL: https://www.elfcosmeticsus.us/XT4Gy2ig/init.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.elfcosmeticsus.us/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmeticsus.us%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=ME_IWtEVxt6VeEehjoWfVOTm4MqEebg3lerDem233qw
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.elfcosmeticsus.us/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmeticsus.us%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=s9buERbzRoPMelRhihhUsZcUDIpvUbkiahABT_DrpBU
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.elfcosmeticsus.us/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www8.eu.inside.chat/config?acc=IN-1011171&pid=&c1=OK&dev=1&url=https%3A%2F%2Fwww.elfcosmeticsus.us&sid=1&j=1
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
