urlscan.io logo urlscan.io
SecurityTrails logo

staging.elfcosmetics.com Open in urlscan Pro
204.141.89.115  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://staging.elfcosmetics.com/
Effective URL: https://staging.elfcosmetics.com/gated-login
Submission: On March 09 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 2 countries across 32 domains to perform 112 HTTP transactions. The main IP is 204.141.89.115, located in United States and belongs to YOTTAA-AS-1, US. The main domain is staging.elfcosmetics.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 25th 2023. Valid for: a year.
This is the only time staging.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 10 204.141.89.115 393259 (YOTTAA-AS-1)
12 151.101.130.133 54113 (FASTLY)
2 34.111.194.77 396982 (GOOGLE-CL...)
10 104.18.131.236 13335 (CLOUDFLAR...)
6 142.251.40.136 15169 (GOOGLE)
3 13.226.34.58 16509 (AMAZON-02)
1 34.102.147.248 396982 (GOOGLE-CL...)
2 172.67.74.152 13335 (CLOUDFLAR...)
4 151.101.129.21 ()
1 23.40.179.40 20940 (AKAMAI-ASN1)
1 34.98.67.3 ()
1 108.138.128.71 ()
1 104.18.32.137 ()
6 142.250.65.174 ()
1 2 142.250.80.100 ()
1 142.250.65.226 ()
1 172.253.63.155 ()
1 108.138.106.88 ()
1 18.238.74.246 ()
2 199.232.36.84 ()
2 31.13.71.7 ()
3 151.101.65.140 ()
3 13.107.21.200 ()
4 23.48.224.108 ()
2 108.138.128.47 ()
1 54.230.163.108 ()
1 1 44.215.15.158 ()
1 2 54.161.153.5 ()
1 142.251.41.2 ()
1 23.20.179.111 ()
1 34.120.253.250 ()
1 35.170.135.46 ()
2 4 142.250.80.38 ()
112 33
10    204.141.89.115 (United States)

ASN393259 (YOTTAA-AS-1, US)
staging.elfcosmetics.com
12    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
cdn-fsly.yottaa.net
sdk.iad-05.braze.com
2    34.111.194.77 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 77.194.111.34.bc.googleusercontent.com
staging.static.ordergroove.com
10    104.18.131.236 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
6    142.251.40.136 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f8.1e100.net
www.googletagmanager.com
3    13.226.34.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-58.ewr53.r.cloudfront.net
cdn.dynamicyield.com
1    34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com
tag.rmp.rakuten.com
2    172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
4    151.101.129.21 (None, )

ASN- ()
www.paypal.com
www.sandbox.paypal.com
1    23.40.179.40 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-179-40.deploy.static.akamaitechnologies.com
websdk.appsflyer.com
1    34.98.67.3 (None, )

ASN- ()
ut.rd.linksynergy.com
1    108.138.128.71 (None, )

ASN- ()
st.dynamicyield.com
1    104.18.32.137 (None, )

ASN- ()
geolocation.onetrust.com
6    142.250.65.174 (None, )

ASN- ()
www.google-analytics.com
2    142.250.80.100 (None, )

ASN- ()
www.google.com
1    142.250.65.226 (None, )

ASN- ()
googleads.g.doubleclick.net
1    172.253.63.155 (None, )

ASN- ()
stats.g.doubleclick.net
1    108.138.106.88 (None, )

ASN- ()
cdn.usehero.com
1    18.238.74.246 (None, )

ASN- ()
sc-static.net
2    199.232.36.84 (None, )

ASN- ()
s.pinimg.com
2    31.13.71.7 (None, )

ASN- ()
connect.facebook.net
3    151.101.65.140 (None, )

ASN- ()
www.redditstatic.com
alb.reddit.com
3    13.107.21.200 (None, )

ASN- ()
bat.bing.com
4    23.48.224.108 (None, )

ASN- ()
analytics.tiktok.com
2    108.138.128.47 (None, )

ASN- ()
js.jebbit.com
1    54.230.163.108 (None, )

ASN- ()
js.cnnx.link
1    44.215.15.158 (None, )

ASN- ()
pixel.pointmediatracker.com
2    54.161.153.5 (None, )

ASN- ()
cnv.event.prod.bidr.io
1    142.251.41.2 (None, )

ASN- ()
www.googleadservices.com
1    23.20.179.111 (None, )

ASN- ()
api.usehero.com
1    34.120.253.250 (None, )

ASN- ()
tag.wknd.ai
1    35.170.135.46 (None, )

ASN- ()
external-api.jebbit.com
4    142.250.80.38 (None, )

ASN- ()
10742279.fls.doubleclick.net
9231397.fls.doubleclick.net
Apex Domain
Subdomains		 Transfer
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 334
319 KB
10 elfcosmetics.com
staging.elfcosmetics.com
757 KB
6 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
10742279.fls.doubleclick.net
9231397.fls.doubleclick.net
2 KB
6 google-analytics.com
www.google-analytics.com
21 KB
6 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 3272
866 B
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
479 KB
6 yottaa.net
cdn-fsly.yottaa.net — Cisco Umbrella Rank: 24616 Failed
4 MB
4 tiktok.com
analytics.tiktok.com
113 KB
4 paypal.com
www.paypal.com
www.sandbox.paypal.com
234 KB
4 dynamicyield.com
cdn.dynamicyield.com — Cisco Umbrella Rank: 9260
st.dynamicyield.com
238 KB
3 jebbit.com
js.jebbit.com
external-api.jebbit.com
61 KB
3 bing.com
bat.bing.com
14 KB
2 bidr.io
cnv.event.prod.bidr.io
1 KB
2 redditstatic.com
www.redditstatic.com
10 KB
2 facebook.net
connect.facebook.net
58 KB
2 pinimg.com
s.pinimg.com
20 KB
2 usehero.com
cdn.usehero.com
api.usehero.com
29 KB
2 google.com
www.google.com
677 B
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2821
231 B
2 ordergroove.com
staging.static.ordergroove.com
58 KB
1 wknd.ai
tag.wknd.ai
1 googleadservices.com
www.googleadservices.com
2 KB
1 reddit.com
alb.reddit.com
637 B
1 pointmediatracker.com
pixel.pointmediatracker.com
524 B
1 cnnx.link
js.cnnx.link
1 KB
1 sc-static.net
sc-static.net
19 KB
1 onetrust.com
geolocation.onetrust.com
307 B
1 linksynergy.com
ut.rd.linksynergy.com
405 B
1 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 4631
12 KB
1 rakuten.com
tag.rmp.rakuten.com — Cisco Umbrella Rank: 8375
15 KB
0 snapchat.com Failed
tr.snapchat.com Failed
0 adnxs.com Failed
ib.adnxs.com Failed
secure.adnxs.com Failed
112 32
Domain Requested by
10 cdn.cookielaw.org cdn-fsly.yottaa.net
cdn.cookielaw.org
staging.elfcosmetics.com
10 staging.elfcosmetics.com 2 redirects staging.elfcosmetics.com
cdn-fsly.yottaa.net
6 www.google-analytics.com staging.elfcosmetics.com
www.google-analytics.com
6 sdk.iad-05.braze.com cdn-fsly.yottaa.net
6 www.googletagmanager.com staging.elfcosmetics.com
6 cdn-fsly.yottaa.net staging.elfcosmetics.com
4 analytics.tiktok.com staging.elfcosmetics.com
3 bat.bing.com staging.elfcosmetics.com
3 cdn.dynamicyield.com staging.elfcosmetics.com
2 9231397.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 10742279.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 cnv.event.prod.bidr.io 1 redirects
2 js.jebbit.com staging.elfcosmetics.com
2 www.redditstatic.com staging.elfcosmetics.com
www.redditstatic.com
2 connect.facebook.net staging.elfcosmetics.com
2 s.pinimg.com staging.elfcosmetics.com
2 www.sandbox.paypal.com www.paypal.com
www.sandbox.paypal.com
2 www.google.com 1 redirects
2 www.paypal.com staging.elfcosmetics.com
www.sandbox.paypal.com
2 api.ipify.org cdn-fsly.yottaa.net
2 staging.static.ordergroove.com staging.elfcosmetics.com
1 external-api.jebbit.com js.jebbit.com
1 tag.wknd.ai staging.elfcosmetics.com
1 api.usehero.com cdn.usehero.com
1 www.googleadservices.com staging.elfcosmetics.com
1 alb.reddit.com
1 pixel.pointmediatracker.com 1 redirects
1 js.cnnx.link www.googletagmanager.com
1 sc-static.net staging.elfcosmetics.com
1 cdn.usehero.com staging.elfcosmetics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net staging.elfcosmetics.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 st.dynamicyield.com staging.elfcosmetics.com
1 ut.rd.linksynergy.com staging.elfcosmetics.com
1 websdk.appsflyer.com staging.elfcosmetics.com
1 tag.rmp.rakuten.com staging.elfcosmetics.com
0 tr.snapchat.com Failed staging.elfcosmetics.com
0 secure.adnxs.com Failed
0 ib.adnxs.com Failed
112 40
Subject Issuer Validity Valid
*.elfcosmetics.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-25 -
2024-10-25		 a year crt.sh
*.yottaa.net
GlobalSign RSA OV SSL CA 2018		 2023-09-13 -
2024-10-14		 a year crt.sh
staging.static.ordergroove.com
GTS CA 1D4		 2024-02-22 -
2024-05-22		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.dynamicyield.com
Amazon RSA 2048 M02		 2023-09-03 -
2024-10-01		 a year crt.sh
tag.rmp.rakuten.com
GTS CA 1D4		 2024-01-31 -
2024-04-30		 3 months crt.sh
ipify.org
GTS CA 1P5		 2024-01-22 -
2024-04-21		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
*.appsflyer.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-27 -
2024-07-27		 a year crt.sh
*.iad-05.braze.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-07-27 -
2024-08-27		 a year crt.sh
*.rd.linksynergy.com
ZeroSSL RSA Domain Secure Site CA		 2024-01-23 -
2025-01-22		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
www.sandbox.paypal.com
DigiCert EV RSA CA G2		 2024-02-05 -
2025-02-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.usehero.com
Amazon RSA 2048 M02		 2023-08-28 -
2024-09-24		 a year crt.sh
sc-static.net
Amazon RSA 2048 M03		 2023-12-21 -
2025-01-18		 a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-31 -
2024-08-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-18 -
2024-03-17		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-08 -
2024-07-06		 6 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-01-21 -
2024-06-27		 5 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.jebbit.com
Amazon RSA 2048 M01		 2023-05-24 -
2024-06-21		 a year crt.sh
js.cnnx.link
Amazon RSA 2048 M02		 2023-07-11 -
2024-08-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-15 -
2024-07-13		 6 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
api.usehero.com
Amazon RSA 2048 M03		 2024-01-06 -
2025-02-03		 a year crt.sh
tag.wknd.ai
R3		 2024-01-19 -
2024-04-18		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://staging.elfcosmetics.com/gated-login
Frame ID: 853A70FE8E30ADB817A7C9F6B2ACDBB1
Requests: 104 HTTP requests in this frame

Frame: https://www.sandbox.paypal.com/credit-presentment/experiments/local?uid=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRiU2pQenBpdWdMVWFtTGJ4anNMTnRuMVNWdllkMURaQUZsY3FlMHNfZGZjUURqZ09OME16eDlLMndWaEprQ0g4UUVNOVZMVGVBVF9vTXImaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9ydXlueHN5YnZnc2llZGpreW1jdnZmemh0cHhyaHcifX0&env=sandbox&scriptUID=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&version=1.57.0&integrationType=SDK
Frame ID: 1D8951915C7AA8D6869FDA666ACD2F81
Requests: 4 HTTP requests in this frame

Frame: https://10742279.fls.doubleclick.net/activityi;dc_pre=CIP-85rj5oQDFYjLwgQd-VUIrQ;src=10742279;type=elf8j0;cat=glo_flap;ord=4159175346306;npa=1;auiddc=961490788.1709973369;u1=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login;pscdl=noapi;gtm=45fe4360z8896608294za201;gcs=G111;gcd=13v3v3v3u5;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login
Frame ID: 6277018F75AFF6325CD8B6D968D0F40B
Requests: 1 HTTP requests in this frame

Frame: https://9231397.fls.doubleclick.net/activityi;dc_pre=CJj1-Zrj5oQDFRMQrQYdim0H2Q;src=9231397;type=retarget;cat=globa0;ord=795859702883;npa=1;auiddc=961490788.1709973369;u6=%2Fgated-login;u10=undefined;u12=undefined;u8=undefined;pscdl=noapi;gtm=45fe4360z8896608294za201;gcs=G111;gcd=13v3v3v3u5;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login
Frame ID: E292872DCBB15EC38D301B985331FEE2
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&u_scsid=c2834a57-0f77-4796-8907-7125b0f7784e&u_sclid=fad2a177-c902-4899-ad51-690c368b1579
Frame ID: 333F0D7F31BDDBDD2A8A7795708BBC04
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://staging.elfcosmetics.com/ HTTP 302
    https://staging.elfcosmetics.com/gated-login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.dynamicyield\.\w+/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • tag\.rmp\.rakuten\.com

Page Statistics

112
Requests

75 %
HTTPS

0 %
IPv6

32
Domains

40
Subdomains

33
IPs

2
Countries

6601 kB
Transfer

12155 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://staging.elfcosmetics.com/ HTTP 302
    https://staging.elfcosmetics.com/gated-login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://staging.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_stg/oauth2/authorize?redirect_uri=https%3A%2F%2Fstaging.elfcosmetics.com%2Fcallback&response_type=code&client_id=304f46e5-7378-4284-bf8d-a10b94ca7af1&hint=guest&channel_id=elf-us&code_challenge=_MIqOMf9dPJ3q2VzQV9CYycnkfjQexkKhsMcmfD1VVA HTTP 303
  • https://staging.elfcosmetics.com/callback?usid=eb03db7e-b265-4312-bda0-77470ff7a856&code=4w9kX5iGxS-BeR5nNhBKIiwMA8aDlkq-mjnpzf0lvZo
Request Chain 33
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=1321239148.1709973369&url=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login&dma=0&npa=0&gtm=45He4360n81WL3STMXv896608294za220&auid=961490788.1709973369 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=1321239148.1709973369&url=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login&dma=0&npa=0&gtm=45He4360n81WL3STMXv896608294za220&auid=961490788.1709973369
Request Chain 59
  • https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=dd1f684c-3795-4b6f-b27c-299050292b89&user_id=undefined&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=1891487316 HTTP 302
  • https://cnv.event.prod.bidr.io/log/cnv?tag_id=244&buzz_key=blisspoint&value=elfcosmetics&segment_key=&order=1df98d73-30bd-4685-9d64-ed6c2d11237b.undefined&ord=8317323942511445364 HTTP 303
  • https://cnv.event.prod.bidr.io/log/cnv?tag_id=244&buzz_key=blisspoint&value=elfcosmetics&segment_key=&order=1df98d73-30bd-4685-9d64-ed6c2d11237b.undefined&ord=8317323942511445364&_bee_ppp=1
Request Chain 60
  • https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OWE4ZTRjYjAtNGJmYy00MTJmLWI4ODQtNGY5NTA1ZmNlMWY4&gdpr=0&gdpr_consent=&ttd_tdid=9a8e4cb0-4bfc-412f-b884-4f9505fce1f8 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=9a8e4cb0-4bfc-412f-b884-4f9505fce1f8&google_gid=CAESEFhd4KgXcYBJaIwjrVA2eqA&google_cver=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9a8e4cb0-4bfc-412f-b884-4f9505fce1f8&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=9a8e4cb0-4bfc-412f-b884-4f9505fce1f8 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D9a8e4cb0-4bfc-412f-b884-4f9505fce1f8
Request Chain 89
  • https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=4159175346306;npa=1;auiddc=961490788.1709973369;u1=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login;pscdl=noapi;gtm=45fe4360z8896608294za201;gcs=G111;gcd=13v3v3v3u5;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login HTTP 302
  • https://10742279.fls.doubleclick.net/activityi;dc_pre=CIP-85rj5oQDFYjLwgQd-VUIrQ;src=10742279;type=elf8j0;cat=glo_flap;ord=4159175346306;npa=1;auiddc=961490788.1709973369;u1=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login;pscdl=noapi;gtm=45fe4360z8896608294za201;gcs=G111;gcd=13v3v3v3u5;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login
Request Chain 90
  • https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=795859702883;npa=1;auiddc=961490788.1709973369;u6=%2Fgated-login;u10=undefined;u12=undefined;u8=undefined;pscdl=noapi;gtm=45fe4360z8896608294za201;gcs=G111;gcd=13v3v3v3u5;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login HTTP 302
  • https://9231397.fls.doubleclick.net/activityi;dc_pre=CJj1-Zrj5oQDFRMQrQYdim0H2Q;src=9231397;type=retarget;cat=globa0;ord=795859702883;npa=1;auiddc=961490788.1709973369;u6=%2Fgated-login;u10=undefined;u12=undefined;u8=undefined;pscdl=noapi;gtm=45fe4360z8896608294za201;gcs=G111;gcd=13v3v3v3u5;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login

112 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request gated-login
staging.elfcosmetics.com/
Redirect Chain
  • https://staging.elfcosmetics.com/
  • https://staging.elfcosmetics.com/gated-login
748 KB
750 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.89.115 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
8653a0c7f767af6a33dca8f79c269a6b17d4a51c51122cebaccc4a40e955470e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
0
content-length
766364
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 08:36:02 GMT
etag
W/"9f255-9veKYWi6XFRo8vtFnjxzr4DidQQ"
vary
Accept-Encoding
via
1.1 aed3f8ed29085c056c75452d71b07f7e.cloudfront.net (CloudFront)
x-amz-apigw-id
UWnYkHTEIAMES8Q=
x-amz-cf-id
e7Ui8Uz_CXhNcarfodAcURPqK_M_Dh7d2uax2CUCvmjHlw2Re67fuw==
x-amz-cf-pop
PHL50-C1
x-amzn-remapped-connection
close
x-amzn-remapped-content-length
651861
x-amzn-remapped-date
Sat, 09 Mar 2024 08:36:02 GMT
x-amzn-requestid
76518b06-10fd-4c1d-a409-9b2171243e2e
x-amzn-trace-id
Root=1-65ec1f69-088708ea31c226d661aa339d;Parent=44ae385ed593ee87;Sampled=0;lineage=9c7ef881:0
x-cache
Miss from cloudfront
x-yottaa-metrics
2321cc8d59e1/[9952,9771,-] 23D1cc8d5973/[-,9956.014]
x-yottaa-optimizations
ob/100000000 si/23D1cc8d5973-1709931561-6512583528 tts/1697227766589 ti/629795994f1bbfe5b0a5fe07 ai/629795984f1bbfe5b0a5fda1 tm/0
x-yottaa-os
200

Redirect headers

age
0
content-length
1161
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 08:35:52 GMT
location
https://staging.elfcosmetics.com/gated-login
vary
User-Agent
x-yottaa-fw
fb/100000 tid/629795974f1bbfe5b0a5fc2f rid/64a71e2dd93140023b03becb stid/5ad7b08e2bb0ac0c5ba3d38c
x-yottaa-metrics
23D1cc8d5973/[-,0.508]
x-yottaa-optimizations
ob/0 si/23D1cc8d5973-1709931561-6512583527 tts/1709973352826 ti/0 ai/629795974f1bbfe5b0a5fc2f
/
cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/ 		0
0
/
cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/ 		0
0
/
cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/ 		0
0
/
cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/ 		0
0
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

Referer
Origin
https://staging.elfcosmetics.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

Referer
Origin
https://staging.elfcosmetics.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
us.svg
cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/static/img/flag-icons/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/static/img/flag-icons/us.svg?yocs=8_9_
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
RJSVMauzOC5_d9w18EKHJQ.hJveL3hJB
via
1.1 b47da3ec0e7532d35176d3affb527e34.cloudfront.net (CloudFront), 1.1 varnish
date
Sat, 09 Mar 2024 08:36:03 GMT
x-amz-cf-pop
DFW56-P5
age
113793
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/0 si/3211a5fec6eb-1706733478-1279356346 tts/1697227766589 ti/629795994f1bbfe5b0a5fe07 ai/629795984f1bbfe5b0a5fda1 tm/0
x-cache
Hit from cloudfront, MISS
x-amz-meta-deploy
654067
content-length
9228
x-amz-meta-bundle
10488
x-served-by
cache-chi-klot8100161-CHI
x-yottaa-forcecache
true
last-modified
Wed, 24 Jan 2024 21:26:48 GMT
server
AmazonS3
x-timer
S1709973364.648141,VS0,VE94
etag
W/"3d490a322296d6a7ac23cfcda250d916"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31104000
x-yottaa-metrics
3221a5fec6ee/[66,51,-] 3211a5fec6eb/[-,69.846]
accept-ranges
bytes
x-amz-cf-id
6lyazPam-BVvvBF6AiXk1xXk2P1LfOvwBrx02dzba3p4ugFpDKYJ_w==
x-cache-hits
0
download-on-the-app-store-badge.png
cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/static/img/global/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/static/img/global/download-on-the-app-store-badge.png?yocs=8_9_
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ebf89e1d97e200a74d3d601875d13d715e3f13b33facf24fee5aa451012772f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
YhKPtqH_YYyCcqgPdnkWRdsAtf8XnEfL
via
1.1 2814ce14efad43b3b417e8d65a22cbb6.cloudfront.net (CloudFront), 1.1 varnish
date
Sat, 09 Mar 2024 08:36:04 GMT
x-amz-cf-pop
ATL56-P1
age
0
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/0 si/33118cae0c62-1706715553-677823515 tts/1697227766589 ti/629795994f1bbfe5b0a5fe07 ai/629795984f1bbfe5b0a5fda1 tm/0
x-cache
Hit from cloudfront, MISS
x-amz-meta-deploy
654067
content-length
7267
x-amz-meta-bundle
10488
x-served-by
cache-chi-klot8100161-CHI
server
AmazonS3
x-timer
S1709973364.648287,VS0,VE1238
content-type
image/png
cache-control
no-cache
x-yottaa-metrics
33218cae0c32/[1143,38,-] 33118cae0c62/[-,1145.161]
accept-ranges
bytes
x-amz-cf-id
TUY-U8meemKAfiScZ9moINgtg_UBVKOtZiUwrlm6vJSA_HTOxMTesQ==
x-cache-hits
0
google-play-badge.png
cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/static/img/global/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/static/img/global/google-play-badge.png?yocs=8_9_
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecbe4874e1fffc1b68bdde370b903049a04348a826b580029690120cd771a4cd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
2paIwK4F8klFqF7XOSu9jJHsJhUaKi.G
via
1.1 dfd828b2c103ff2899b6b2f2946f1e2e.cloudfront.net (CloudFront), 1.1 varnish
date
Sat, 09 Mar 2024 08:36:04 GMT
x-amz-cf-pop
ATL56-P1
age
0
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/0 si/33118cae0c65-1706715552-255218802 tts/1697227766589 ti/629795994f1bbfe5b0a5fe07 ai/629795984f1bbfe5b0a5fda1 tm/0
x-cache
Hit from cloudfront, MISS
x-amz-meta-deploy
654067
content-length
6569
x-amz-meta-bundle
10488
x-served-by
cache-chi-klot8100161-CHI
server
AmazonS3
x-timer
S1709973364.648748,VS0,VE1236
content-type
image/png
cache-control
no-cache
x-yottaa-metrics
33218cae0cf1/[1211,36,-] 33118cae0c65/[-,1212.332]
accept-ranges
bytes
x-amz-cf-id
JSXCr_WPrQVRa4itp15lpUW5L3RDQEH04Cu9P8iv6Xv8BkWdpZFo_Q==
x-cache-hits
0
vendor.js
cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/vendor.js?yocs=8_
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70bdc4ce00b2eb00c1a727f997e22289fe153af79db01d1fe41c9ddf93baea68

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
gEHS2rfbE29bOE5xvlV4cjN17NzcFN8E
via
1.1 fb5ea1bd3c16ca58cbd34c1e50619c70.cloudfront.net (CloudFront), 1.1 varnish
date
Sat, 09 Mar 2024 08:36:05 GMT
x-amz-cf-pop
ATL56-P1
age
0
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/0 si/33118cae0c63-1706715551-340220597 tts/1697227766589 ti/629795994f1bbfe5b0a5fe07 ai/629795984f1bbfe5b0a5fda1 tm/0
x-cache
Miss from cloudfront, MISS
x-amz-meta-deploy
654067
content-length
2285592
x-amz-meta-bundle
10488
x-served-by
cache-chi-klot8100161-CHI
x-yottaa-forcecache
true
last-modified
Wed, 24 Jan 2024 21:26:28 GMT
server
AmazonS3
x-timer
S1709973364.648941,VS0,VE2317
etag
W/"5e28e81b421347256e20a2da7ec954ba"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31536000, s-maxage=31536000
x-yottaa-metrics
33218cae0c73/[1763,631,-] 33118cae0c63/[-,1765.811]
accept-ranges
bytes
x-amz-cf-id
SawvJ_3ejOjsT3hWMmnCrP7YboxZJ_cjJF_z1P12xEMQfbUHmlmjCg==
x-cache-hits
0
main.js
cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/main.js?yocs=8_
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b45c29085ffe1b91b50e9ab25974acff9ba250d83a23ee86d13aecaf33eebb69

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
Vpv8bzJhSKsp9d1QuWJP17mSKIMrSd78
via
1.1 2d1c46f78407b3ac919cadf865dd3246.cloudfront.net (CloudFront), 1.1 varnish
date
Sat, 09 Mar 2024 08:36:05 GMT
x-amz-cf-pop
ATL56-P1
age
56568
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/0 si/33118cae0c62-1706715553-677823514 tts/1697227766589 ti/629795994f1bbfe5b0a5fe07 ai/629795984f1bbfe5b0a5fda1 tm/0
x-cache
Hit from cloudfront, MISS
x-amz-meta-deploy
654067
content-length
1900016
x-amz-meta-bundle
10488
x-served-by
cache-chi-klot8100161-CHI
x-yottaa-forcecache
true
last-modified
Wed, 24 Jan 2024 21:26:24 GMT
server
AmazonS3
x-timer
S1709973364.649037,VS0,VE1755
etag
W/"af17b8cfece4b8d14cf3d97514b4f71f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31536000, s-maxage=31536000
x-yottaa-metrics
33218cae0c33/[1238,45,-] 33118cae0c62/[-,1240.239]
accept-ranges
bytes
x-amz-cf-id
LXlloT714Fx8SatGnxSHFbEWdjv8sOsLsxDT8JASmm-SOfNmgCvmyA==
x-cache-hits
0
pages-login-gated-login-page.js
cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/pages-login-gated-login-page.js?yocs=8_
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eeb769c2cc8ce7218095a7d42611a1b0332695769b809cddfea442851083d8cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
BTkiNj9hkAC6eLr2uGeEkvRkAR.rXs7t
via
1.1 f11cffdfa0c7886041aee925b0816e26.cloudfront.net (CloudFront), 1.1 varnish
date
Sat, 09 Mar 2024 08:36:05 GMT
x-amz-cf-pop
ATL56-P1
age
0
x-amz-server-side-encryption
AES256
x-yottaa-optimizations
ob/0 si/33118cae0c61-1706715551-1800746618 tts/1697227766589 ti/629795994f1bbfe5b0a5fe07 ai/629795984f1bbfe5b0a5fda1 tm/0
x-cache
Miss from cloudfront, MISS
x-amz-meta-deploy
654067
content-length
3358
x-amz-meta-bundle
10488
x-served-by
cache-chi-klot8100161-CHI
x-yottaa-forcecache
true
last-modified
Wed, 24 Jan 2024 21:26:26 GMT
server
AmazonS3
x-timer
S1709973364.764363,VS0,VE1545
etag
W/"b05cc11c20acdf904797c4fda90d7e7f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
public, max-age=31536000, s-maxage=31536000
x-yottaa-metrics
33218cae0c33/[1456,462,-] 33118cae0c61/[-,1459.514]
accept-ranges
bytes
x-amz-cf-id
Vy-Iuv5_aoQEITCGxb2s5nawtjRD2edKawa8Xc66NebqnBalJNSkqw==
x-cache-hits
0
main.js
staging.static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/ 		260 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.194.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
77.194.111.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
c48476ffd21ed753a90b11db277894d1c3f1bf60a2cc735abfbe1db237cdafe0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:07 GMT
strict-transport-security
max-age=15768000
content-encoding
gzip
last-modified
Mon, 10 Apr 2023 21:09:34 GMT
server
Apache
via
1.1 google
etag
"145ba75-41083-5f901caaa5f80-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54128
OtAutoBlock.js
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/ 		1 MB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/OtAutoBlock.js
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/main.js?yocs=8_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e038dff62440b626103b2b81adcbb64b5cb3bd80433d1a710f37162cd7c0cc17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Mar 2024 08:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
21195
content-md5
3CHjrTrl4YSKzn90GsMA3A==
content-length
154812
x-ms-lease-status
unlocked
last-modified
Mon, 30 Oct 2023 13:08:00 GMT
server
cloudflare
etag
0x8DBD9493E0E92B7
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
faa9619b-101e-0023-4914-1ea340000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8619bc4c29d12bfb-ORD
expires
Sun, 10 Mar 2024 08:36:07 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/main.js?yocs=8_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Mar 2024 08:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/RTAD1TAPuPWblD15GN1pg==
age
4022
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6842
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 20:52:31 GMT
server
cloudflare
etag
0x8DC3EE8820BCF86
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b581cd2d-601e-0006-2605-710a3c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8619bc4c29ce2bfb-ORD
gtm.js
www.googletagmanager.com/ 		453 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c59c525cdc75efe0cb7772bcdcb55821372d9ab5287399fda37b1b15ff0123b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129636
x-xss-protection
0
last-modified
Sat, 09 Mar 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Mar 2024 08:36:07 GMT
api_dynamic.js
cdn.dynamicyield.com/api/8772046/ 		442 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-58.ewr53.r.cloudfront.net
Software
DYCDN /
Resource Hash
0fa295c05c5e6929d1ec1c79bafad9472084569d81bdd2c5bf5798edf5060d9f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:08 GMT
content-encoding
gzip
via
1.1 dee6858c751ff64f8ae28f155bee69b2.cloudfront.net (CloudFront)
last-modified
Wed, 28 Feb 2024 20:56:51 GMT
server
DYCDN
x-amz-cf-pop
EWR53-C2
x-amz-server-side-encryption
AES256
etag
W/"139a03dbd8b331a6c332a80d4b888537"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=30
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
AbgZ6Jqa7Mr_hB-biY9QTrIdCKS8oy0pV5D2VYbXrpmsnbOGbEYvSQ==
api_static.js
cdn.dynamicyield.com/api/8772046/ 		390 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-58.ewr53.r.cloudfront.net
Software
DYCDN /
Resource Hash
8b4baed685e61c19084227c70d48e2795b3df77fa784767ad956f35ac73fa358

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 07:56:38 GMT
content-encoding
gzip
via
1.1 dee6858c751ff64f8ae28f155bee69b2.cloudfront.net (CloudFront)
last-modified
Wed, 28 Feb 2024 20:56:51 GMT
server
DYCDN
age
2369
x-amz-cf-pop
EWR53-C2
etag
W/"b84779386dcc68d57f955d451d7dfc78"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
6SYcWkLDajMEIM2nxmeLgU3L4AvCA8Rrc2ACI_aYE5nw7k1iYOrq-w==
110221.ct.js
tag.rmp.rakuten.com/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.rmp.rakuten.com/110221.ct.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
fd749c4984673c0350696a15a5a04c06103de48b3595afe19eef114abd062e09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:07 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Mar 2024 08:36:07 GMT
x-cache
hit
x-samesite
secure
content-type
text/javascript
cache-control
max-age=86400
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
api.ipify.org/ 		23 B
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/vendor.js?yocs=8_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08d8ff92f84da0eb475f02e16ce6fed60cce8ffbb7e4b0b04ad72dc373ce55dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
8619bc4c7c032309-ORD
content-length
23
/
api.ipify.org/ 		23 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/vendor.js?yocs=8_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08d8ff92f84da0eb475f02e16ce6fed60cce8ffbb7e4b0b04ad72dc373ce55dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
8619bc4c7c012309-ORD
content-length
23
js
www.paypal.com/sdk/ 		417 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AdbSjPzpiugLUamLbxjsLNtn1SVvYd1DZAFlcqe0s_dfcQDjgON0Mzx9K2wVhJkCH8QEM9VLTeAT_oMr&intent=authorize&currency=USD&vault=true&components=buttons,messages
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fdcc11a9fefee24fc02615b55e8f1d314b8aff24f4b3b94a4e70c2f81d0035c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-KQr6B0DniE16fXERY8NH6U1AF2OKtvY/EuI3TGnlG0UZxXLI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-KQr6B0DniE16fXERY8NH6U1AF2OKtvY/EuI3TGnlG0UZxXLI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-KQr6B0DniE16fXERY8NH6U1AF2OKtvY/EuI3TGnlG0UZxXLI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-KQr6B0DniE16fXERY8NH6U1AF2OKtvY/EuI3TGnlG0UZxXLI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Sat, 09 Mar 2024 08:36:08 GMT
age
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
true
paypal-debug-id
f4908465965ca
server-timing
"traceparent;desc="00-0000000000000000000f4908465965ca-56d365722f4077ec-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
116579
x-xss-protection
1; mode=block
x-served-by
cache-chi-klot8100036-CHI, cache-chi-klot8100036-CHI
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f4908465965ca-b667c6132f578d3e-01
x-timer
S1709973368.752848,VS0,VE604
etag
W/"1c763-wRQX9KdBdOfrR6qK5HvszGRmjco"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
/
websdk.appsflyer.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.179.40 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-179-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 08:36:08 GMT
X-DataStream-Origin-MEX-Latency
354
Content-Encoding
gzip
X-DataStream-MidMile-RTT
0
x-amz-request-id
2YB1WR984XCMXQHX
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
11792
x-amz-id-2
8vgNGQjoOBFtE+sIyWL0349JpXysnsagHloNN0WiJKH/8ZEbCDdhAwH+i01mzg+hjc6m9yw0i0g=
Last-Modified
Wed, 14 Jun 2023 06:58:45 GMT
Server
AmazonS3
ETag
"5a676288bcea03bd05e483bc4ce066ae"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=714
Accept-Ranges
bytes
X-DataStream-Cache-Status
3
Expires
Sat, 09 Mar 2024 08:48:02 GMT
callback
staging.elfcosmetics.com/
Redirect Chain
  • https://staging.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_stg/oauth2/authorize?redirect_uri=https%3A%2F%2Fstaging.elfcosmetics.com%2Fcallback&response_type=code&cl...
  • https://staging.elfcosmetics.com/callback?usid=eb03db7e-b265-4312-bda0-77470ff7a856&code=4w9kX5iGxS-BeR5nNhBKIiwMA8aDlkq-mjnpzf0lvZo
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://staging.elfcosmetics.com/callback?usid=eb03db7e-b265-4312-bda0-77470ff7a856&code=4w9kX5iGxS-BeR5nNhBKIiwMA8aDlkq-mjnpzf0lvZo
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Server
204.141.89.115 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/gated-login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:09 GMT
via
1.1 55d59f6fe20d812e375923d2e18ac7fc.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
0
x-amz-cf-pop
PHL50-C1
age
0
x-amzn-remapped-connection
close
x-amzn-requestid
2c7cc7f5-3f99-4735-9be1-c35b1213d865
x-yottaa-optimizations
ob/1000 si/23D1cc8d5973-1709931561-6512583572 tts/1697227753139 ti/629795984f1bbfe5b0a5fd03 ai/629795974f1bbfe5b0a5fc9d tm/0
x-cache
Miss from cloudfront
x-amz-apigw-id
UWnbDHD7IAMEojQ=
content-length
0
x-yottaa-forcecache
true
x-amzn-trace-id
Root=1-65ec1f79-193d445018df763002e16591;Parent=443a52e8641a44dd;Sampled=0;lineage=9c7ef881:0
content-type
application/json
cache-control
public, max-age=604800
x-yottaa-os
200
x-yottaa-metrics
23214047a189/[562,548,-] 23D1cc8d5973/[-,564.994]
x-amzn-remapped-date
Sat, 09 Mar 2024 08:36:09 GMT
x-amz-cf-id
ngeo8CGSGQF-HEq8d5IGio9HMt8FjNUq9vGeCSGUepNZWmF9NMhS3Q==

Redirect headers

date
Sat, 09 Mar 2024 08:36:08 GMT
x-correlation-id
8619bc4fafa71318
via
1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
PHL50-C1
age
0
x-yottaa-optimizations
ob/0 si/23D1cc8d5973-1709931561-6512583571 tts/1697227753139 ti/629795984f1bbfe5b0a5fd03 ai/629795974f1bbfe5b0a5fc9d tm/0
x-cache
Miss from cloudfront
content-length
0
pragma
no-cache
x-ratelimit-1m-remaining
499, 1993692
x-ratelimit-1m-reset
51711, 51710
x-ratelimit-1m-limit
500, 2000000
vary
Accept-Encoding
location
https://staging.elfcosmetics.com/callback?usid=eb03db7e-b265-4312-bda0-77470ff7a856&code=4w9kX5iGxS-BeR5nNhBKIiwMA8aDlkq-mjnpzf0lvZo
cache-control
no-store
x-yottaa-os
303
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_stg/oauth2/authorize?redirect_uri=https%3A%2F%2Fstaging.elfcosmetics.com%2Fcallback&response_type=code&client_id=304f46e5-7378-4284-bf8d-a10b94ca7af1&hint=guest&channel_id=elf-us&code_challenge=_MIqOMf9dPJ3q2VzQV9CYycnkfjQexkKhsMcmfD1VVA
x-yottaa-metrics
23214047a180/[179,159,-] 23D1cc8d5973/[-,182.083]
cf-ray
8619bc4fafa71318-IAD
x-amz-cf-id
M6hnSeMMDrI_LvvEWMw038i_2IkaATl2lxt_zx0Vbz3YRDvPw9H2_A==
/
sdk.iad-05.braze.com/api/v3/data/ 		355 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/vendor.js?yocs=8_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a26c205df8662e57e20b341d280ed736901184cb8eee0d889b35dce51778a73e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key
23316cb7-f57f-4f14-a7d3-8bed8ca921f5
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-type
application/json
Referer
https://staging.elfcosmetics.com/
X-Requested-With
XMLHttpRequest

Response headers

date
Sat, 09 Mar 2024 08:36:08 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
MISS
x-request-id
4c3f397b-299c-40c8-a207-c6bc1b83c123
x-served-by
cache-chi-kigq8000147-CHI
x-runtime
0.222192
etag
W/"a26c205df8662e57e20b341d280ed736"
access-control-max-age
7200
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
vary
Origin,Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
/
sdk.iad-05.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://staging.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
content-encoding
gzip
date
Sat, 09 Mar 2024 08:36:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-chi-kigq8000147-CHI
en-us.js
staging.static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/vendors~offers/locale/ 		53 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/vendors~offers/locale/en-us.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.194.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
77.194.111.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
8156e978b8f902bb27d56d9baeb9f76f37fc4dbbc718f8d95a2bf9936d07b361
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:08 GMT
strict-transport-security
max-age=15768000
content-encoding
gzip
last-modified
Mon, 10 Apr 2023 21:09:34 GMT
server
Apache
via
1.1 google
etag
"1a114a5-d3e6-5f901caaa5f80-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5096
jsp
ut.rd.linksynergy.com/ 		148 B
405 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
05fe385c93f0b73b4ff204b408ffdc68bc8b59d013e1fe5f521ed7974b40f745
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-type
text/plain; charset=utf-8
date
Sat, 09 Mar 2024 08:36:08 GMT
via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
x-samesite
secure
6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a6566c7e926c37c010dc811a5e82d5eddad8b10057bf711f0f644be60707d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Mar 2024 08:36:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
4swZDWVp4C0QChiGUbrcTg==
content-length
1746
x-ms-lease-status
unlocked
last-modified
Tue, 14 Nov 2023 15:26:04 GMT
server
cloudflare
etag
0x8DBE5260423F079
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ea573590-201e-005a-26e3-715f64000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8619bc524c101d00-ORD
expires
Sun, 10 Mar 2024 08:36:08 GMT
st
st.dynamicyield.com/ 		115 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=plcmbyvqdl4ot3md68iqw68gnojt9icj&ref=&scriptVersion=2.29.0&isSesNew=true&dyid_server=
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0bfe55d3fde1a966d62ed02c7a11b0e982559733316bf7b1766b0c8681437bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:09 GMT
content-encoding
gzip
via
1.1 8cade7b1319c32b4f7e5477c5302d6c8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control
no-cache
x-amz-cf-id
CjRrrIiGH7HkD4enfCMakYlBOEyCl-BwHctlRGEvrlCnF6k3yda_Mg==
expires
Sat, 09 Mar 2024 08:36:08 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		69 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.137 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
18d1b370b94460a4cc0b6b03ac81cda1aba4db285000f52bc8e0f4b16d77c813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://staging.elfcosmetics.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8619bc56ba02104a-ORD
access-control-allow-headers
Content-Type
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.174 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Mar 2024 07:51:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2667
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 09 Mar 2024 09:51:42 GMT
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/vendor.js?yocs=8_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21504235ef30af440d140ee42762c030b940a8d63bfa0227ca9a1a79892f640a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key
23316cb7-f57f-4f14-a7d3-8bed8ca921f5
X-Braze-DataRequest
true
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-type
application/json
BRAZE-SYNC-RETRY-COUNT
0
Referer
https://staging.elfcosmetics.com/
X-Requested-With
XMLHttpRequest
X-Braze-ContentCardsRequest
true

Response headers

date
Sat, 09 Mar 2024 08:36:09 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
MISS
x-request-id
de821b64-1034-4f1d-a2eb-7af27d95a2a3
x-served-by
cache-chi-kigq8000147-CHI
x-runtime
0.093387
etag
W/"21504235ef30af440d140ee42762c030"
access-control-max-age
7200
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
vary
Origin,Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=1321239148.1709973369&url=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login&dma=0&npa=0&gtm=45He4360n81WL3STMXv896608294za220&au...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=1321239148.1709973369&url=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login&dma=0&npa=0&gtm=45He4360n81WL3STMXv8966...
42 B
588 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=1321239148.1709973369&url=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login&dma=0&npa=0&gtm=45He4360n81WL3STMXv896608294za220&auid=961490788.1709973369
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Server
142.250.65.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2024 08:36:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Mar 2024 08:36:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=1321239148.1709973369&url=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login&dma=0&npa=0&gtm=45He4360n81WL3STMXv896608294za220&auid=961490788.1709973369
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://staging.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
content-encoding
gzip
date
Sat, 09 Mar 2024 08:36:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-chi-kigq8000147-CHI
local
www.sandbox.paypal.com/credit-presentment/experiments/ Frame 1D89 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sandbox.paypal.com/credit-presentment/experiments/local?uid=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRiU2pQenBpdWdMVWFtTGJ4anNMTnRuMVNWdllkMURaQUZsY3FlMHNfZGZjUURqZ09OME16eDlLMndWaEprQ0g4UUVNOVZMVGVBVF9vTXImaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9ydXlueHN5YnZnc2llZGpreW1jdnZmemh0cHhyaHcifX0&env=sandbox&scriptUID=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&version=1.57.0&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdbSjPzpiugLUamLbxjsLNtn1SVvYd1DZAFlcqe0s_dfcQDjgON0Mzx9K2wVhJkCH8QEM9VLTeAT_oMr&intent=authorize&currency=USD&vault=true&components=buttons,messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
22cea1edff4a085be60b55222623a0dfecb5fe0deccfa9abae870d36de94533e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://staging.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
57536
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1525
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Sat, 09 Mar 2024 08:36:09 GMT
edge-cache-tag
up-treatments-zoid
etag
W/"1479-gzKsDouP2RIhSCgVadwGtdYYsVk"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f54094341fa58
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc=gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
480
x-served-by
cache-chi-kigq8000151-CHI
x-timer
S1709973370.587325,VS0,VE1
x-xss-protection
1; mode=block
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202306.1.0/ 		404 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Mar 2024 08:36:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XJk1ZZTljtwHFT3qcIJg+w==
age
5526
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
99599
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:36 GMT
server
cloudflare
etag
0x8DB82A15D413626
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
80bad15d-801e-006c-2fda-12d214000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8619bc57defd2bfb-ORD
dy-coll-min.js
cdn.dynamicyield.com/scripts/2.29.0/ 		196 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.dynamicyield.com/scripts/2.29.0/dy-coll-min.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-58.ewr53.r.cloudfront.net
Software
DYCDN /
Resource Hash
041fae481014a4280437ee1e028f934eadd7590e31f4050c18a57dc4ea7360b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 05:56:22 GMT
content-encoding
gzip
via
1.1 dee6858c751ff64f8ae28f155bee69b2.cloudfront.net (CloudFront)
last-modified
Sun, 18 Feb 2024 18:45:55 GMT
server
DYCDN
age
9588
x-amz-cf-pop
EWR53-C2
etag
W/"58c235d2bc97e4a30737cb5de9a6eedb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
link
<//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id
2alTvQ0-BewVeVhTnSyt6tVhPVEScADMou0EkvHjCtIgEKPElRz1Xw==
collect
www.google-analytics.com/j/ 		4 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=538284903&t=pageview&_s=1&dl=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login&dp=%2Fgated-login&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACgAI~&jid=1491306691&gjid=1640373810&cid=181074198.1709973370&tid=UA-432816-1&_gid=430927600.1709973370&_r=1&_slc=1&gtm=45He4360n81WL3STMXv896608294za220&gcs=G111&gcd=13t3t3t3t5&dma=0&z=1074786241
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.174 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.elfcosmetics.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Mar 2024 08:36:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://staging.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.paypal.com/sdk/ Frame 1D89 		417 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AdbSjPzpiugLUamLbxjsLNtn1SVvYd1DZAFlcqe0s_dfcQDjgON0Mzx9K2wVhJkCH8QEM9VLTeAT_oMr&intent=authorize&currency=USD&vault=true&components=buttons,messages
Requested by
Host: www.sandbox.paypal.com
URL: https://www.sandbox.paypal.com/credit-presentment/experiments/local?uid=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRiU2pQenBpdWdMVWFtTGJ4anNMTnRuMVNWdllkMURaQUZsY3FlMHNfZGZjUURqZ09OME16eDlLMndWaEprQ0g4UUVNOVZMVGVBVF9vTXImaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9ydXlueHN5YnZnc2llZGpreW1jdnZmemh0cHhyaHcifX0&env=sandbox&scriptUID=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&version=1.57.0&integrationType=SDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fdcc11a9fefee24fc02615b55e8f1d314b8aff24f4b3b94a4e70c2f81d0035c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-KQr6B0DniE16fXERY8NH6U1AF2OKtvY/EuI3TGnlG0UZxXLI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-KQr6B0DniE16fXERY8NH6U1AF2OKtvY/EuI3TGnlG0UZxXLI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.sandbox.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-KQr6B0DniE16fXERY8NH6U1AF2OKtvY/EuI3TGnlG0UZxXLI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-KQr6B0DniE16fXERY8NH6U1AF2OKtvY/EuI3TGnlG0UZxXLI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Sat, 09 Mar 2024 08:36:09 GMT
age
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f4908465965ca
server-timing
"traceparent;desc="00-0000000000000000000f4908465965ca-56d365722f4077ec-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
116579
x-xss-protection
1; mode=block
x-served-by
cache-chi-klot8100036-CHI, cache-chi-klot8100036-CHI
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f4908465965ca-b667c6132f578d3e-01
x-timer
S1709973370.832109,VS0,VE4
etag
W/"1c763-wRQX9KdBdOfrR6qK5HvszGRmjco"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1, 0
en.json
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/fce1bc7f-b7cb-4383-a7e9-8430e48a01d7/ 		202 KB
36 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/fce1bc7f-b7cb-4383-a7e9-8430e48a01d7/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf1b4e2a57de561424fb99aa43ef462868d58d9c205a38ae3f564c10266a4dbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Mar 2024 08:36:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
A+auRPWlNU8wck+viG1D2g==
content-length
36970
x-ms-lease-status
unlocked
last-modified
Tue, 14 Nov 2023 15:26:15 GMT
server
cloudflare
etag
0x8DBE5260AC67F7E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
412bc36f-d01e-003c-0af3-701044000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8619bc5978181d00-ORD
expires
Sun, 10 Mar 2024 08:36:09 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-432816-1&cid=181074198.1709973370&jid=1491306691&gjid=1640373810&_gid=430927600.1709973370&_u=YEBAAEAAAAAAACgAI~&z=302979414
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.elfcosmetics.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 09 Mar 2024 08:36:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://staging.elfcosmetics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
staging.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_stg/oauth2/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://staging.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_stg/oauth2/token
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/vendor.js?yocs=8_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.89.115 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
dd5005468c4745fa4735d2932dc2fcf1216aebfa0a1a7976c9407fe8660d796f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://staging.elfcosmetics.com/gated-login
accept-language
en-US,en;q=0.9
x-pwa-request
true
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
gzip
x-correlation-id
8619bc5a9dc30606
cf-cache-status
DYNAMIC
via
1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
PHL50-C1
age
0
x-yottaa-optimizations
ob/1000 si/23D1cc8d5973-1709931561-6512583573 tts/1697227753139 ti/629795984f1bbfe5b0a5fd03 ai/629795974f1bbfe5b0a5fc9d tm/0
x-cache
Miss from cloudfront
pragma
no-cache
x-ratelimit-1m-remaining
498, 1992307
x-ratelimit-1m-reset
49969, 49968
vary
Accept-Encoding, User-Agent
x-ratelimit-1m-limit
500, 2000000
content-type
application/json
cache-control
no-store
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_stg/oauth2/token
x-yottaa-metrics
23214047a116/[137,124,-] 23D1cc8d5973/[-,139.716]
cf-ray
8619bc5a9dc30606-IAD
x-amz-cf-id
FKesOayxJ9aS07ywsdLd-a9ra8CCzuQ8fOcVjSH9zTomG2B8kT745A==
hash
www.sandbox.paypal.com/credit-presentment/experiments/ Frame 1D89 		40 B
724 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.sandbox.paypal.com/credit-presentment/experiments/hash?device_id=uid_d56bb0c89e_mdg6mzy6mdk&disableSetCookie=true&features=disable-set-cookie
Requested by
Host: www.sandbox.paypal.com
URL: https://www.sandbox.paypal.com/credit-presentment/experiments/local?uid=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRiU2pQenBpdWdMVWFtTGJ4anNMTnRuMVNWdllkMURaQUZsY3FlMHNfZGZjUURqZ09OME16eDlLMndWaEprQ0g4UUVNOVZMVGVBVF9vTXImaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9ydXlueHN5YnZnc2llZGpreW1jdnZmemh0cHhyaHcifX0&env=sandbox&scriptUID=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&version=1.57.0&integrationType=SDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc4e33199bd49fbcafd61e21c3236dd32dd1ded3f64826e3de366d34c972dba8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.sandbox.paypal.com/credit-presentment/experiments/local?uid=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRiU2pQenBpdWdMVWFtTGJ4anNMTnRuMVNWdllkMURaQUZsY3FlMHNfZGZjUURqZ09OME16eDlLMndWaEprQ0g4UUVNOVZMVGVBVF9vTXImaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9ydXlueHN5YnZnc2llZGpreW1jdnZmemh0cHhyaHcifX0&env=sandbox&scriptUID=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&version=1.57.0&integrationType=SDK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Mar 2024 08:36:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
edge-cache-tag
up-treatments-hash
x-cache
MISS
paypal-debug-id
f64317414666d
server-timing
content-encoding;desc=gzip
content-length
57
x-xss-protection
1; mode=block
x-served-by
cache-chi-kigq8000151-CHI
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1709973370.969378,VS0,VE73
etag
W/"28-33RdIM65Ke5ZeilDeFm+CoDjz90"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
s-maxage=86400, max-age=0
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0
loader.js
cdn.usehero.com/ 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.usehero.com/loader.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.88 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab99a75a2070736b0282d041df3a7e272ad5d4d1929ae430089ac0335e05ad2c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:28:18 GMT
content-encoding
gzip
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 07:56:38 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
474
x-amz-server-side-encryption
AES256
etag
W/"fbf714a58cbac38c0deea519667d9044"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
QJCginrjB8dMy_klItEa82nOkXL41FIZK0kX7SfJKJ0j7lKjD5zOPA==
destination
www.googletagmanager.com/gtag/ 		159 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10812184462&l=dataLayer&cx=c
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7430529451c9adba389d8774b6bba658688f496fe9d17c2a1fd109f8f4ec5ade
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61867
x-xss-protection
0
last-modified
Sat, 09 Mar 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Mar 2024 08:36:10 GMT
destination
www.googletagmanager.com/gtag/ 		216 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-698270988&l=dataLayer&cx=c
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ff9caa191eb310b3860d2976a89397fdefbb2158bf8b7862dafa084b36ab2838
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79293
x-xss-protection
0
last-modified
Sat, 09 Mar 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Mar 2024 08:36:10 GMT
destination
www.googletagmanager.com/gtag/ 		190 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
af2f08378ef4e4e670d47e83e29ea3053d13fbb6efc6476b2115dfe590c9dd9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71052
x-xss-protection
0
last-modified
Sat, 09 Mar 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Mar 2024 08:36:10 GMT
destination
www.googletagmanager.com/gtag/ 		190 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ee9395d062677ea20275412c2fe6d97a5e72c2984aa62654eeebbe680aca8036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70999
x-xss-protection
0
last-modified
Sat, 09 Mar 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Mar 2024 08:36:10 GMT
destination
www.googletagmanager.com/gtag/ 		204 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-865242110&l=dataLayer&cx=c
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0ff14a44dcd91b512d741ae3eb4242c513eb85e0f300eb4c0c12be0cb9d282f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76252
x-xss-protection
0
last-modified
Sat, 09 Mar 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Mar 2024 08:36:10 GMT
scevent.min.js
sc-static.net/ 		44 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.74.246 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
1eebbe20a7e11128ee261e88cadbc5f467f81690a0bb0a8aa2a529a8f04aee43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
gzip
via
1.1 44bf771f8484aeae8f408da7ade14f32.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P5
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
19117
x-amz-cf-id
KnSAtuFpNSGXaVyD0shgEgLVbDMBXzfXqT7uyHB2cjKkfvO5lBfYAA==
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.36.84 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c8c192adca12497452b0a6c25b5913fad79f9afc4760673947377cd81575d81

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
br
x-cdn
fastly
etag
"d9d39f44b74d00726ec92710f4e4c69c"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=7200
alt-svc
h3=":443";ma=600
content-length
1856
fbevents.js
connect.facebook.net/en_US/ 		215 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 09 Mar 2024 08:36:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57348
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1380, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
09tKnNn5sIsey2tEUE9BGWVTB101axtA5kgpTskltmedwADmBa5BHKN/cAciYrVcjVvyhPbvJLaq2vbvN0p8ew==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel.js
www.redditstatic.com/ads/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 -, , ASN (),
Reverse DNS
Software
snooserv /
Resource Hash
2939d067bced6e2e3e43c1b10d2b067cb980410c2cc42fd3e867798a4a36c697

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Feb 2024 20:38:48 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"9a680c8c475d8bba600d4d87b4fa7ee5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
8702
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.21.200 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 09 Mar 2024 08:36:09 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6B0710E0C1BE47E3A17BCC295B316F0E Ref B: CHGEDGE1909 Ref C: 2024-03-09T08:36:10Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13280
sdk.js
analytics.tiktok.com/i18n/pixel/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BRR4GA0I9JJBU29G8GF0
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.108 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
691f82546ec0ead026de2dfda41d461c30ee8692eefee36d172dcddec8118bb8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-akamai-request-id
d251b57.b09bbede
date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2403090836100012D64661B1A78638C3-7BA8FC5C9D77AF22-00
x-cache
TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-)
x-parent-response-time
14,23.195.36.76
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=6, inner; dur=1
content-length
2525
pragma
no-cache
server
nginx
x-tt-logid
202403090836100012D64661B1A78638C3
x-cache-remote
TCP_MISS from a104-78-78-6.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
6,104.78.78.6
x-tt-trace-host
01f5c364a16a57a4eba2679c58516f393942d78d5bcfe015e8c2674f9716a67642300e3d82ec4085a6b1226c584581f302be705b7b46079ffe745a806b280007497074d92bd335e5e321720a7256699cc700454776aa9c05d94f2c77255488ce86725d5f75a67847c86e327e77f41dfb82
expires
Sat, 09 Mar 2024 08:36:10 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.108 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c7c803a6ee6d5fd8ac809bfb9e846f54e0a098c238c7c51ef8a7812299944181

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-akamai-request-id
b09bbedf
date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240309083610244EE9694ABDB99CBF7A-63D766AD2F57A0DD-00
x-cache
TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-)
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=243
pragma
no-cache
server
nginx
x-tt-logid
20240309083610244EE9694ABDB99CBF7A
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
243,23.195.36.76
x-tt-trace-host
01f5c364a16a57a4eba2679c58516f393942d78d5bcfe015e8c2674f9716a6764272a0163803af5e98e321968e965178b421f88db141101f804e0da219c351fc1bb402bcdf590fcab3c3456f991b6955d82ade3ffa22d01b0c674949ca65fa06ee
expires
Sat, 09 Mar 2024 08:36:10 GMT
widget.js
js.jebbit.com/companion/v1/ 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.jebbit.com/companion/v1/widget.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.47 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a938eea663af09f75118101cf9061107fbef7c4770d7d123c71e33c52c565139

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
R3KY_K4A_1J6MbzxdLc7TwnPZXsf4837
date
Fri, 08 Mar 2024 14:40:30 GMT
via
1.1 cd958e502c6aea704f0f824e60431e72.cloudfront.net (CloudFront)
last-modified
Wed, 21 Feb 2024 21:57:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
64541
x-amz-server-side-encryption
AES256
etag
"cc4e73d84c409b310a274ca12ee462bc"
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
45249
x-amz-cf-id
T-09bpKT-It_QxC3jbg8uJZNvJ8EddJK9l8GnparBRSjAPYQEnbvHg==
cnxtag-min.js
js.cnnx.link/roi/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cnnx.link/roi/cnxtag-min.js?id=316282
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.108 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff2fe181c12146189657e92f9ce0489f7f3b51345796f5a5ec9b089f9fb47616

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:35:17 GMT
via
1.1 google, 1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
EWR53-C3
age
53
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
max-age=600
x-amz-cf-id
CQ7A6ORJBCjGyKahoJB5BE1CP1L9kaeG5yQJYb2C3l30Inv72J1KwA==
cnv
cnv.event.prod.bidr.io/log/
Redirect Chain
  • https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=dd1f684c-3795-4b6f-b27c-299050292b89&user_id=undefined&utm_source=undefined&utm_medium=undefined&utm_campaign=undefin...
  • https://cnv.event.prod.bidr.io/log/cnv?tag_id=244&buzz_key=blisspoint&value=elfcosmetics&segment_key=&order=1df98d73-30bd-4685-9d64-ed6c2d11237b.undefined&ord=8317323942511445364
  • https://cnv.event.prod.bidr.io/log/cnv?tag_id=244&buzz_key=blisspoint&value=elfcosmetics&segment_key=&order=1df98d73-30bd-4685-9d64-ed6c2d11237b.undefined&ord=8317323942511445364&_bee_ppp=1
43 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnv.event.prod.bidr.io/log/cnv?tag_id=244&buzz_key=blisspoint&value=elfcosmetics&segment_key=&order=1df98d73-30bd-4685-9d64-ed6c2d11237b.undefined&ord=8317323942511445364&_bee_ppp=1
Protocol
HTTP/1.1
Server
54.161.153.5 -, , ASN (),
Reverse DNS
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 09 Mar 2024 08:36:11 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cnv.event.prod.bidr.io/log/cnv?tag_id=244&buzz_key=blisspoint&value=elfcosmetics&segment_key=&order=1df98d73-30bd-4685-9d64-ed6c2d11237b.undefined&ord=8317323942511445364&_bee_ppp=1
Date
Sat, 09 Mar 2024 08:36:11 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OWE4ZTRjYjAtNGJmYy00MTJmLWI4ODQtNGY5NTA1ZmNlMWY4&gdpr=0&gdpr_consent=&ttd_tdid=9a8e4cb0-4bfc-412f-b884-4f950...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=9a8e4cb0-4bfc-412f-b884-4f9505fce1f8&google_gid=CAESEFhd4KgXcYBJaIwjrVA2eqA&google_cver=1
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9a8e4cb0-4bfc-412f-b884-4f9505fce1f8&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=9a8e4cb0-4bfc-412f-b884-4f9505fce1f8
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D9a8e4cb0-4bfc-412f-b884-4f9505fce1f8
0
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=538284903&t=event&ni=1&_s=1&dl=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login&dp=%2Fgated-login&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=25%25&_u=aEDAAEABAAAAACgAIAC~&jid=&gjid=&cid=181074198.1709973370&tid=UA-432816-1&_gid=430927600.1709973370&gtm=45He4360n81WL3STMXv896608294za220&gcs=G111&gcd=13t3t3t3t5&dma=0&z=1807389087
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.174 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2024 21:27:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40126
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=538284903&t=event&ni=1&_s=1&dl=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login&dp=%2Fgated-login&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=50%25&_u=aEDAAEABAAAAACgAIAC~&jid=&gjid=&cid=181074198.1709973370&tid=UA-432816-1&_gid=430927600.1709973370&gtm=45He4360n81WL3STMXv896608294za220&gcs=G111&gcd=13t3t3t3t5&dma=0&z=1940167760
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.174 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2024 21:27:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40126
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=538284903&t=event&ni=1&_s=1&dl=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login&dp=%2Fgated-login&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=75%25&_u=aEDAAEABAAAAACgAIAC~&jid=&gjid=&cid=181074198.1709973370&tid=UA-432816-1&_gid=430927600.1709973370&gtm=45He4360n81WL3STMXv896608294za220&gcs=G111&gcd=13t3t3t3t5&dma=0&z=422099756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.174 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2024 21:27:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40126
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=538284903&t=event&ni=1&_s=1&dl=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login&dp=%2Fgated-login&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=95%25&_u=aEDAAEABAAAAACgAIAC~&jid=&gjid=&cid=181074198.1709973370&tid=UA-432816-1&_gid=430927600.1709973370&gtm=45He4360n81WL3STMXv896608294za220&gcs=G111&gcd=13t3t3t3t5&dma=0&z=1448185748
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.174 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2024 21:27:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40126
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-432816-1&cid=181074198.1709973370&jid=1491306691&_u=YEBAAEAAAAAAACgAI~&z=1243084403
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.100 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2024 08:36:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
5mNZducabMgxSDzBo+ZI8w==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:30 GMT
server
cloudflare
etag
0x8DB82A159AF8EA6
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
4d0fd434-c01e-00a6-1cf3-708e9d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8619bc5c399d1d00-ORD
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/ 		61 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
sXFDxCJwbPEMIT/8f5Prwg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12544
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:33 GMT
server
cloudflare
etag
0x8DB82A15AFF8646
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
fa8d9a57-301e-009d-7088-71cb39000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8619bc5c399e1d00-ORD
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Mar 2024 08:36:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
gzip
content-md5
oWkBTLgDDXvrUsd93y/Zxg==
x-ms-lease-status
unlocked
last-modified
Wed, 12 Jul 2023 06:29:41 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
b963b4bd-701e-00a3-1df3-705c46000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8619bc5c39a01d00-ORD
sessions
staging.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://staging.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/sessions
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/vendor.js?yocs=8_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.89.115 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://staging.elfcosmetics.com/gated-login
accept-language
en-US,en;q=0.9
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19zdGciLCJraWQiOiI2ODRiMGRiNi00NzMxLTQ1ODQtYWE1NC1lNTJiMDdlM2I4ODciLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19zdGc6OnNjaWQ6MzA0ZjQ2ZTUtNzM3OC00Mjg0LWJmOGQtYTEwYjk0Y2E3YWYxOjp1c2lkOmViMDNkYjdlLWIyNjUtNDMxMi1iZGEwLTc3NDcwZmY3YTg1NiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19zdGciLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19zdGciLCJuYmYiOjE3MDk5NzMzNDAsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFieHVnVWswcEdsMHNSd0hnMGxxWVlrWGNXOjpjaGlkOiAiLCJleHAiOjE3MDk5NzUxNzAsImlhdCI6MTcwOTk3MzM3MCwianRpIjoiQzJDMTk1MTY2NDEzNDAtNDI0NjM0OTU1MTMwMDYwNTIwMjM1NDE1MSJ9.v9zCU0tm47t1PYmRM0Lr45By7D8UxvGR3G5Q7wSxp10llHm7dag10I797JZZlMhvBmGlDucUrxhpvGtZpr5kAQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:10 GMT
via
1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
0
x-yottaa-optimizations
ob/0 si/23D1cc8d5973-1709931561-6512583575 tts/1697227753139 ti/629795984f1bbfe5b0a5fd03 ai/629795974f1bbfe5b0a5fc9d tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
pragma
no-cache
allow
OPTIONS,POST
access-control-allow-origin
https://staging.elfcosmetics.com
access-control-expose-headers
etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics
23214047a14e/[278,266,-] 23D1cc8d5973/[-,280.154]
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-proxy-request-url
https://staging-na01-elfcosmetics.demandware.net/s/elf-us/dw/shop/v21_3/sessions
accept-ranges
bytes
x-dw-request-base-id
CI99inof7GWgAAAK
x-amz-cf-id
ux6Uxr9uLGG8fZ9wLANFRH4XrUPo7tqKy7qGEOnscmBhr18dlLpSEg==
x-yottaa-os
204
expires
Thu, 01 Dec 1994 16:00:00 GMT
shoppercontext
staging.elfcosmetics.com/api/v1/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://staging.elfcosmetics.com/api/v1/shoppercontext?siteId=elf-us
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/vendor.js?yocs=8_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.89.115 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://staging.elfcosmetics.com/gated-login
accept-language
en-US,en;q=0.9
authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19zdGciLCJraWQiOiI2ODRiMGRiNi00NzMxLTQ1ODQtYWE1NC1lNTJiMDdlM2I4ODciLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19zdGc6OnNjaWQ6MzA0ZjQ2ZTUtNzM3OC00Mjg0LWJmOGQtYTEwYjk0Y2E3YWYxOjp1c2lkOmViMDNkYjdlLWIyNjUtNDMxMi1iZGEwLTc3NDcwZmY3YTg1NiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19zdGciLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19zdGciLCJuYmYiOjE3MDk5NzMzNDAsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFieHVnVWswcEdsMHNSd0hnMGxxWVlrWGNXOjpjaGlkOiAiLCJleHAiOjE3MDk5NzUxNzAsImlhdCI6MTcwOTk3MzM3MCwianRpIjoiQzJDMTk1MTY2NDEzNDAtNDI0NjM0OTU1MTMwMDYwNTIwMjM1NDE1MSJ9.v9zCU0tm47t1PYmRM0Lr45By7D8UxvGR3G5Q7wSxp10llHm7dag10I797JZZlMhvBmGlDucUrxhpvGtZpr5kAQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type
application/json

Response headers

date
Sat, 09 Mar 2024 08:36:11 GMT
via
1.1 677c6e9af68514f698151642c19f6c8e.cloudfront.net (CloudFront)
content-encoding
gzip
x-amzn-remapped-content-length
114
x-amz-cf-pop
PHL50-C1
age
0
x-amzn-remapped-connection
close
x-yottaa-optimizations
ob/1000 si/23D1cc8d5973-1709931561-6512583576 tts/1697227753139 ti/629795984f1bbfe5b0a5fd03 ai/629795974f1bbfe5b0a5fc9d tm/0
x-amzn-requestid
bc65ab0b-63a2-4cf7-b532-bd54fcce86f1
x-cache
Miss from cloudfront
x-amz-apigw-id
UWnbMGrWoAMEAcA=
content-length
108
etag
W/"72-HgdmTgyCF/DQfqnMU3u+4UstAzI"
x-amzn-trace-id
Root=1-65ec1f7a-194a3a2463fb75a7316d2a2f;Parent=1d78e919e7dc8751;Sampled=0;lineage=9c7ef881:0
content-type
application/json; charset=utf-8
x-yottaa-os
200
x-yottaa-metrics
23214047a15e/[824,811,-] 23D1cc8d5973/[-,827.729]
x-amzn-remapped-date
Sat, 09 Mar 2024 08:36:10 GMT
x-amz-cf-id
Toqbnb0xldjbOQW70J2rHeZers7SEVnmG5wq-xc4GtVX4Gjb5gYDSA==
geo-ip
staging.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 		83 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staging.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=181.215.172.72
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/vendor.js?yocs=8_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.89.115 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.elfcosmetics.com/gated-login
x-dw-client-id
304f46e5-7378-4284-bf8d-a10b94ca7af1
accept-language
en-US,en;q=0.9
x-pwa-request
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type
application/json

Response headers

date
Sat, 09 Mar 2024 08:36:10 GMT
via
1.1 cf88880413082302757828626cf7b020.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
PHL50-C1
age
0
x-yottaa-optimizations
ob/1000 si/23D1cc8d5973-1709931561-6512583578 tts/1697227753139 ti/629795984f1bbfe5b0a5fd03 ai/629795974f1bbfe5b0a5fc9d tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
content-length
91
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://staging-na01-elfcosmetics.demandware.net/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=181.215.172.72
accept-ranges
bytes
x-dw-request-base-id
CI9-inof7GWgAAAK
x-amz-cf-id
hQyzYDeJnKAZgdSmKpwWK1keYY4deK3sSBd_l6I2f_UbebLn6-Z22w==
x-yottaa-metrics
23214047a162/[254,243,-] 23D1cc8d5973/[-,257.081]
geo-ip
staging.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 		83 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staging.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=181.215.172.72
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/vendor.js?yocs=8_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.89.115 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.elfcosmetics.com/gated-login
x-dw-client-id
304f46e5-7378-4284-bf8d-a10b94ca7af1
accept-language
en-US,en;q=0.9
x-pwa-request
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type
application/json

Response headers

date
Sat, 09 Mar 2024 08:36:10 GMT
via
1.1 e1d636b234c38932eb25194cb146dbcc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
PHL50-C1
age
0
x-yottaa-optimizations
ob/1000 si/23D1cc8d5973-1709931561-6512583579 tts/1697227753139 ti/629795984f1bbfe5b0a5fd03 ai/629795974f1bbfe5b0a5fc9d tm/0
x-dw-version-status
obsolete
x-cache
Miss from cloudfront
content-length
91
allow
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os
200
x-proxy-request-url
https://staging-na01-elfcosmetics.demandware.net/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=181.215.172.72
accept-ranges
bytes
x-dw-request-base-id
CI9_inof7GWgAAAK
x-amz-cf-id
ZXETLQPa9k9-1ay4u1kTCunHewWIs8mqwDFOKiDGaTiCgVTM068evw==
x-yottaa-metrics
23214047a163/[150,138,-] 23D1cc8d5973/[-,153.561]
baskets
staging.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_stg/customers/abxugUk0pGl0sRwHg0lqYYkXcW/ 		11 B
822 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://staging.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_stg/customers/abxugUk0pGl0sRwHg0lqYYkXcW/baskets?siteId=elf-us
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/vendor.js?yocs=8_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.89.115 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.elfcosmetics.com/gated-login
accept-language
en-US,en;q=0.9
x-pwa-request
true
Authorization
Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19zdGciLCJraWQiOiI2ODRiMGRiNi00NzMxLTQ1ODQtYWE1NC1lNTJiMDdlM2I4ODciLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19zdGc6OnNjaWQ6MzA0ZjQ2ZTUtNzM3OC00Mjg0LWJmOGQtYTEwYjk0Y2E3YWYxOjp1c2lkOmViMDNkYjdlLWIyNjUtNDMxMi1iZGEwLTc3NDcwZmY3YTg1NiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19zdGciLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19zdGciLCJuYmYiOjE3MDk5NzMzNDAsInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFieHVnVWswcEdsMHNSd0hnMGxxWVlrWGNXOjpjaGlkOiAiLCJleHAiOjE3MDk5NzUxNzAsImlhdCI6MTcwOTk3MzM3MCwianRpIjoiQzJDMTk1MTY2NDEzNDAtNDI0NjM0OTU1MTMwMDYwNTIwMjM1NDE1MSJ9.v9zCU0tm47t1PYmRM0Lr45By7D8UxvGR3G5Q7wSxp10llHm7dag10I797JZZlMhvBmGlDucUrxhpvGtZpr5kAQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:10 GMT
x-correlation-id
8619bc5e79e3391a
dnt
0
cf-cache-status
DYNAMIC
via
1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
PHL50-C1
age
0
x-yottaa-optimizations
ob/1000 si/23D1cc8d5973-1709931561-6512583577 tts/1697227753139 ti/629795984f1bbfe5b0a5fd03 ai/629795974f1bbfe5b0a5fc9d tm/0
content-encoding
gzip
x-cache
Miss from cloudfront
content-length
37
allow
GET,HEAD,OPTIONS
x-ratelimit-remaining
999
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
cache-control
max-age=0,no-cache,no-store
x-yottaa-os
200
x-proxy-request-url
https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_stg/customers/abxugUk0pGl0sRwHg0lqYYkXcW/baskets?siteId=elf-us
x-ratelimit-limit
99999
accept-ranges
bytes
cf-ray
8619bc5e79e3391a-IAD
x-amz-cf-id
HC8jljt-e8v1dQccYjoJ4V0Z5ZGRxk_BcHhq0YxluX8AnZmnjWnH-w==
x-yottaa-metrics
23214047a161/[289,273,-] 23D1cc8d5973/[-,292.361]
t2_16331p_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_16331p_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 -, , ASN (),
Reverse DNS
Software
snooserv /
Resource Hash
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
98
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1709973370552&id=t2_16331p&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=4741f75c-907b-41bc-a03c-e6e6419905bc&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_c9439d84&dpm=&dpcc=&dprc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:10 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
main.cb6ceab7.js
s.pinimg.com/ct/lib/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.cb6ceab7.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.36.84 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
br
x-cdn
fastly
etag
"df5cf5cb5de352dc30a944e95eca73e1"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=1209600
alt-svc
h3=":443";ma=600
content-length
18542
/
www.googleadservices.com/pagead/conversion/698270988/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/698270988/?random=1709973370613&cv=11&fst=1709973370613&bg=ffffff&guid=ON&async=1&gtm=45be4360v9167704557z8896608294za201&gcs=G111&gcd=13v3v3v3u5&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=961490788.1709973369&uamb=0&uaw=0&fdr=SA&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=4
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1697
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logger
www.sandbox.paypal.com/xoplatform/logger/api/ Frame 1D89 		0
0
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/mobify/bundle/10488/vendor.js?yocs=8_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
75bb9551ebc1f7f85b2deba04274ad587c788cf483a7c5737ed71ffcd4c6f38c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key
23316cb7-f57f-4f14-a7d3-8bed8ca921f5
X-Braze-DataRequest
true
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-type
application/json
BRAZE-SYNC-RETRY-COUNT
0
Referer
https://staging.elfcosmetics.com/
X-Requested-With
XMLHttpRequest
X-Braze-ContentCardsRequest
true

Response headers

date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
MISS
x-request-id
b6132187-18d1-40f2-a6bc-a6e8602e480f
x-served-by
cache-chi-kigq8000147-CHI
x-runtime
0.105610
etag
W/"75bb9551ebc1f7f85b2deba04274ad58"
access-control-max-age
7200
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
vary
Origin,Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://staging.elfcosmetics.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
content-encoding
gzip
date
Sat, 09 Mar 2024 08:36:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-chi-kigq8000147-CHI
main.MTE2NjEzZWI4MA.js
analytics.tiktok.com/i18n/pixel/static/ 		402 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTE2NjEzZWI4MA.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.108 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-akamai-request-id
b09bc6bb
date
Sat, 09 Mar 2024 08:36:10 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240308132518EC39FBD77925BA3E1FDA
x-tt-trace-id
00-240308132518EC39FBD77925BA3E1FDA-424AEE4B120A6DA2-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01b47782f5b6fc8b47bb1f590bb1a2a5029f444ce0652ca183e66d851d09be5eec212a6c8a5f46a381cb023f8ad5e72982b0772ffe2e2bb83964bfb31414175920be628938facd1d84b869ba92c1f8aad8d781de25bf7624b557fa0b9d7cb6cd91
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
108988
5013978.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5013978.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.21.200 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Sat, 09 Mar 2024 08:36:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BFB2E99523E2445591A3CBF7CB823F35 Ref B: CHGEDGE1909 Ref C: 2024-03-09T08:36:10Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5013978&tm=gtm002&Ver=2&mid=afe088ff-6efe-41fe-80ae-4e0695e8a75c&sid=14e12ec0ddf011eeab5af5907920ead5&vid=14e187c0ddf011eebeed2b2b334cf3aa&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login&r=&lt=17638&evt=pageLoad&sv=1&rn=252657
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.21.200 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 09 Mar 2024 08:36:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7B3E89D09DB74597BB935A8DAECDFC25 Ref B: CHGEDGE1909 Ref C: 2024-03-09T08:36:10Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
display
api.usehero.com/webplugin/ 		189 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.usehero.com/webplugin/display?appId=efcf9631-4c6b-4874-9f76-51f71464249a&location=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login&state=untouched&outboundFeature=
Requested by
Host: cdn.usehero.com
URL: https://cdn.usehero.com/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.179.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-permitted-cross-domain-policies
none
surrogate-control
no-store
x-dns-prefetch-control
off
klarna-correlation-id
8ee7a7d0-6878-4e03-a80e-726bf6e4bc0b
cross-origin-resource-policy
same-origin
x-geo-longitude
-87.75960
pragma
no-cache
referrer-policy
same-origin
etag
W/"bd-nJMKMRvOmGMinT1a7rVKKzNRYec"
x-frame-options
SAMEORIGIN
x-geo-zip
60630
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-geo-latitude
41.97200
x-accuracy
500
expires
0
date
Sat, 09 Mar 2024 08:36:11 GMT
strict-transport-security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cross-origin-embedder-policy
require-corp
x-time-zone
America/Chicago
x-envoy-upstream-service-time
12
content-length
189
x-xss-protection
0
x-request-id
8ee7a7d0-6878-4e03-a80e-726bf6e4bc0b
cross-origin-opener-policy
same-origin
x-download-options
noopen
x-country
US
x-geo-city
Chicago
1638306756445368
connect.facebook.net/signals/config/ 		64 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1638306756445368?v=2.9.148&r=stable&domain=staging.elfcosmetics.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 09 Mar 2024 08:36:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=61, mss=1380, tbw=62448, tp=-1, tpl=-1, uplat=42, ullat=0
pragma
public
x-fb-debug
VxDu2oSC5I0PQxe/geUoi2wpoTAfJm3QpG7vALFyWwS/07aZm/fB9WLhh2gyYNbsyI40CB3YvCWGRFHn5YvhhQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
i.js
tag.wknd.ai/4142/ 		18 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.wknd.ai/4142/i.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:33:18 GMT
content-encoding
gzip
via
1.1 google
age
173
x-envoy-upstream-service-time
0
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5763
server
istio-envoy
etag
754c46055c34a2
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
widget.css
js.jebbit.com/companion/v1/ 		15 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.jebbit.com/companion/v1/widget.css
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.47 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
rlLQSdBm9ZTNXvLaketZ1ik.75AdGtXG
date
Fri, 08 Mar 2024 23:57:34 GMT
via
1.1 cd958e502c6aea704f0f824e60431e72.cloudfront.net (CloudFront)
last-modified
Wed, 21 Feb 2024 21:57:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
31117
x-amz-server-side-encryption
AES256
etag
"de1b72e797664b9b2c2139e5ccb24844"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
15521
x-amz-cf-id
WI2_-P5rFTQaDzNn9c4Zy_1bxfXJ2j1ETKE-H6_6UQ5ytV7U8BHdag==
launcher_configs
external-api.jebbit.com/moments/v2/ 		2 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://external-api.jebbit.com/moments/v2/launcher_configs?key=542695a9-9318-492b-9638-2018989f6dc4&url=aHR0cHMlM0ElMkYlMkZzdGFnaW5nLmVsZmNvc21ldGljcy5jb20lMkZnYXRlZC1sb2dpbg==&completedLightboxCampaigns=W10=&jebbitCookies=
Requested by
Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.135.46 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 08:36:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
content-length
2
x-xss-protection
1; mode=block
pragma
no-cache
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-download-options
noopen
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://staging.elfcosmetics.com
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
expires
0
activityi;dc_pre=CIP-85rj5oQDFYjLwgQd-VUIrQ;src=10742279;type=elf8j0;cat=glo_flap;ord=4159175346306;npa=1;auiddc=961490788.1709973369;u1=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login;pscdl=n...
10742279.fls.doubleclick.net/ Frame 6277
Redirect Chain
  • https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=4159175346306;npa=1;auiddc=961490788.1709973369;u1=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login;pscd...
  • https://10742279.fls.doubleclick.net/activityi;dc_pre=CIP-85rj5oQDFYjLwgQd-VUIrQ;src=10742279;type=elf8j0;cat=glo_flap;ord=4159175346306;npa=1;auiddc=961490788.1709973369;u1=https%3A%2F%2Fstaging.e...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://10742279.fls.doubleclick.net/activityi;dc_pre=CIP-85rj5oQDFYjLwgQd-VUIrQ;src=10742279;type=elf8j0;cat=glo_flap;ord=4159175346306;npa=1;auiddc=961490788.1709973369;u1=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login;pscdl=noapi;gtm=45fe4360z8896608294za201;gcs=G111;gcd=13v3v3v3u5;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.38 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://staging.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
323
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Mar 2024 08:36:11 GMT
expires
Sat, 09 Mar 2024 08:36:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Mar 2024 08:36:11 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10742279.fls.doubleclick.net/activityi;dc_pre=CIP-85rj5oQDFYjLwgQd-VUIrQ;src=10742279;type=elf8j0;cat=glo_flap;ord=4159175346306;npa=1;auiddc=961490788.1709973369;u1=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login;pscdl=noapi;gtm=45fe4360z8896608294za201;gcs=G111;gcd=13v3v3v3u5;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CJj1-Zrj5oQDFRMQrQYdim0H2Q;src=9231397;type=retarget;cat=globa0;ord=795859702883;npa=1;auiddc=961490788.1709973369;u6=%2Fgated-login;u10=undefined;u12=undefined;u8=undefined;pscdl=...
9231397.fls.doubleclick.net/ Frame E292
Redirect Chain
  • https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=795859702883;npa=1;auiddc=961490788.1709973369;u6=%2Fgated-login;u10=undefined;u12=undefined;u8=undefined;pscd...
  • https://9231397.fls.doubleclick.net/activityi;dc_pre=CJj1-Zrj5oQDFRMQrQYdim0H2Q;src=9231397;type=retarget;cat=globa0;ord=795859702883;npa=1;auiddc=961490788.1709973369;u6=%2Fgated-login;u10=undefin...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9231397.fls.doubleclick.net/activityi;dc_pre=CJj1-Zrj5oQDFRMQrQYdim0H2Q;src=9231397;type=retarget;cat=globa0;ord=795859702883;npa=1;auiddc=961490788.1709973369;u6=%2Fgated-login;u10=undefined;u12=undefined;u8=undefined;pscdl=noapi;gtm=45fe4360z8896608294za201;gcs=G111;gcd=13v3v3v3u5;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.38 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://staging.elfcosmetics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
390
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Mar 2024 08:36:11 GMT
expires
Sat, 09 Mar 2024 08:36:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Mar 2024 08:36:11 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9231397.fls.doubleclick.net/activityi;dc_pre=CJj1-Zrj5oQDFRMQrQYdim0H2Q;src=9231397;type=retarget;cat=globa0;ord=795859702883;npa=1;auiddc=961490788.1709973369;u6=%2Fgated-login;u10=undefined;u12=undefined;u8=undefined;pscdl=noapi;gtm=45fe4360z8896608294za201;gcs=G111;gcd=13v3v3v3u5;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
main.MTE2NjEzZWI4MQ.js
analytics.tiktok.com/i18n/pixel/static/ 		421 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTE2NjEzZWI4MQ.js
Requested by
Host: staging.elfcosmetics.com
URL: https://staging.elfcosmetics.com/gated-login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.108 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-akamai-request-id
b09bcefd
date
Sat, 09 Mar 2024 08:36:11 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240308132517B15BDCF1AAC49B443D3B
x-tt-trace-id
00-240308132517B15BDCF1AAC49B443D3B-608F28D5716D9E09-00
vary
Accept-Encoding
x-cache
TCP_HIT from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
010b2bb5bbc6f1b90d95b7990ba05c3cfe1f784be1a9e9882213af6cef0f4e8ff1d0ddc6c41bbd60601cfa07bdc72ae7f278fb397be6990be9e463bf08e0b28a1170d2b9c1f27fa2c9dbb4cce773bdc096ca0d7403da897fcfcd60253f1f04fdc3
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=20
content-length
113696
events.js
analytics.tiktok.com/i18n/pixel/ 		0
0
sdk.js
analytics.tiktok.com/i18n/pixel/ 		0
0
bat.js
bat.bing.com/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		0
0
scevent.min.js
sc-static.net/ 		0
0
destination
www.googletagmanager.com/gtag/ 		0
0
destination
www.googletagmanager.com/gtag/ 		0
0
destination
www.googletagmanager.com/gtag/ 		0
0
destination
www.googletagmanager.com/gtag/ 		0
0
destination
www.googletagmanager.com/gtag/ 		0
0
loader.js
cdn.usehero.com/ 		0
0
analytics.js
www.google-analytics.com/ 		0
0
st
st.dynamicyield.com/ 		0
0
ot_close.svg
cdn.cookielaw.org/logos/static/ 		651 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Mar 2024 08:36:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
85914
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 20:52:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ffdfea60-401e-0097-3515-716f8e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8619bc63bc3d2bfb-ORD
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		0
0
px
secure.adnxs.com/ 		0
0
ot_company_logo.png
cdn.cookielaw.org/logos/static/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.elfcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Mar 2024 08:36:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
33782
content-length
4036
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 20:52:33 GMT
server
cloudflare
etag
0x8DC3EE883601794
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
d3e6e35b-e01e-00a1-2330-71e2fe000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8619bc63fc522bfb-ORD
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		0
0
c69c204f-fba0-4685-aea8-ad32f799fa5d.js
tr.snapchat.com/config/com/ 		0
0
i
tr.snapchat.com/cm/ Frame 333F 		0
0
p
tr.snapchat.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/
Domain
cdn-fsly.yottaa.net
URL
https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D9a8e4cb0-4bfc-412f-b884-4f9505fce1f8
Domain
www.sandbox.paypal.com
URL
https://www.sandbox.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Domain
analytics.tiktok.com
URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq
Domain
analytics.tiktok.com
URL
https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BRR4GA0I9JJBU29G8GF0
Domain
bat.bing.com
URL
https://bat.bing.com/bat.js
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/fbevents.js
Domain
sc-static.net
URL
https://sc-static.net/scevent.min.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/destination?id=AW-865242110&l=dataLayer&cx=c
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/destination?id=AW-698270988&l=dataLayer&cx=c
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/destination?id=AW-10812184462&l=dataLayer&cx=c
Domain
cdn.usehero.com
URL
https://cdn.usehero.com/loader.js
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
st.dynamicyield.com
URL
https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=plcmbyvqdl4ot3md68iqw68gnojt9icj&ref=&scriptVersion=2.29.0&isSesNew=true&dyid_server=
Domain
cdn.cookielaw.org
URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2
Domain
cdn.cookielaw.org
URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Domain
tr.snapchat.com
URL
https://tr.snapchat.com/config/com/c69c204f-fba0-4685-aea8-ad32f799fa5d.js?v=3.12.0-2402271815
Domain
tr.snapchat.com
URL
https://tr.snapchat.com/cm/i?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&u_scsid=c2834a57-0f77-4796-8907-7125b0f7784e&u_sclid=fad2a177-c902-4899-ad51-690c368b1579
Domain
tr.snapchat.com
URL
https://tr.snapchat.com/p?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&ev=PAGE_VIEW&intg=gtm&pids=c69c204f-fba0-4685-aea8-ad32f799fa5d&u_c1=5c6ebe15-09a0-4e9c-bcf6-ce94f8d12692&u_sclid=fad2a177-c902-4899-ad51-690c368b1579&u_scsid=c2834a57-0f77-4796-8907-7125b0f7784e&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=10812&m_fcps=10844&m_pi=10812&m_pl=17638&m_pv=2&m_rd=19177&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fstaging.elfcosmetics.com%2Fgated-login&trackId=8cdf5436-df62-4c96-8046-2202c50fee2e&ts=1709973371513&v=3.12.0-2402271815

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| $jscomp function| _loadCookieConfig function| _domready function| _delayed function| _findTags function| _srcAttr function| _needsEval function| _loadFromDOM function| _clearEvents function| _lastChainedResource function| _isImageLike boolean| domCompleteTriggered function| _abTest function| _getCookieVariant function| _setCookieVariant function| _configureAbTestAnalytics function| _executeAllAbTest function| _executeAllAbTestUniversal function| _executeAllAbTestClassic function| _executeAbTest function| _abTestScript function| _chooseVariant function| _abTestAnalyticsUniversal function| _abTestAnalyticsClassic object| _serviceWorkerConfig object| Yo object| __LOADABLE_LOADED_CHUNKS__ object| regeneratorRuntime function| _ function| applyFocusVisiblePolyfill object| __CONFIG__ string| __DEVICE_TYPE__ object| __PRELOADED_STATE__ object| Progressive boolean| __HYDRATING__ object| dataLayer boolean| rakutenDataLayer object| DataLayer boolean| BRAZE_SETUP_COMPLETE boolean| otSPAPathChange boolean| otIsInitialized boolean| otBlockOptOutInitReload function| OptanonWrapper object| DYcustom string| AppsFlyerSdkObject function| AF object| ogJsonpFunction object| OG function| ___rmuid object| ___RMCMPW object| DYExps object| DY object| OneTrustStub object| DYO function| DYID object| contextManager object| DYJSON object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| AF_cleanupMethods object| AF_SDK object| __post_robot_11_0_0___uid_ruynxsybvgsiedjkymcvvfzhtpxrhw object| paypal object| __zoid_10_3_3___uid_ruynxsybvgsiedjkymcvvfzhtpxrhw

11 Cookies

Domain/Path Name / Value
staging.elfcosmetics.com/ Name: initAuthComplete
Value: true
.elfcosmetics.com/ Name: ab.storage.sessionId.23316cb7-f57f-4f14-a7d3-8bed8ca921f5
Value: %7B%22g%22%3A%22f683c890-66a7-58d7-476d-83ae89dac750%22%2C%22e%22%3A1709975167683%2C%22c%22%3A1709973367683%2C%22l%22%3A1709973367683%7D
.elfcosmetics.com/ Name: ab.storage.deviceId.23316cb7-f57f-4f14-a7d3-8bed8ca921f5
Value: %7B%22g%22%3A%220d180d87-c755-c687-5efd-f32922454f77%22%2C%22c%22%3A1709973367690%2C%22l%22%3A1709973367690%7D
.elfcosmetics.com/ Name: og_session_id
Value: 1e72a9589c4f11e9a62ebc764e10b970.8926.1709973368
.elfcosmetics.com/ Name: rmStore
Value: dmid:9097
.linksynergy.com/ Name: rmuid
Value: 66376b30-7910-4f12-8961-122fcba4d5cd
.elfcosmetics.com/ Name: _dyjsession
Value: plcmbyvqdl4ot3md68iqw68gnojt9icj
.elfcosmetics.com/ Name: dy_fs_page
Value: staging.elfcosmetics.com%2Fgated-login
.elfcosmetics.com/ Name: _dy_csc_ses
Value: plcmbyvqdl4ot3md68iqw68gnojt9icj
.elfcosmetics.com/ Name: _dy_c_exps
Value:
.elfcosmetics.com/ Name: _gcl_au
Value: 1.1.961490788.1709973369

34 Console Messages

Source Level URL
Text
security error URL: https://staging.elfcosmetics.com/gated-login(Line 290)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/ from frame with URL https://staging.elfcosmetics.com/gated-login. Domains, protocols and ports must match.
security error URL: https://staging.elfcosmetics.com/gated-login(Line 290)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/ from frame with URL https://staging.elfcosmetics.com/gated-login. Domains, protocols and ports must match.
security error URL: https://staging.elfcosmetics.com/gated-login(Line 290)
Message:
Unsafe attempt to load URL https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/ from frame with URL https://staging.elfcosmetics.com/gated-login. Domains, protocols and ports must match.
javascript error URL: https://staging.elfcosmetics.com/gated-login
Message:
Access to image at 'https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=8_' from origin 'https://staging.elfcosmetics.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn-fsly.yottaa.net/629795984f1bbfe5b0a5fda1/staging.elfcosmetics.com/v~4b.6/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=8_
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://staging.elfcosmetics.com/gated-login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10742279.fls.doubleclick.net
9231397.fls.doubleclick.net
alb.reddit.com
analytics.tiktok.com
api.ipify.org
api.usehero.com
bat.bing.com
cdn-fsly.yottaa.net
cdn.cookielaw.org
cdn.dynamicyield.com
cdn.usehero.com
cnv.event.prod.bidr.io
connect.facebook.net
external-api.jebbit.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ib.adnxs.com
js.cnnx.link
js.jebbit.com
pixel.pointmediatracker.com
s.pinimg.com
sc-static.net
sdk.iad-05.braze.com
secure.adnxs.com
st.dynamicyield.com
staging.elfcosmetics.com
staging.static.ordergroove.com
stats.g.doubleclick.net
tag.rmp.rakuten.com
tag.wknd.ai
tr.snapchat.com
ut.rd.linksynergy.com
websdk.appsflyer.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.paypal.com
www.redditstatic.com
www.sandbox.paypal.com
analytics.tiktok.com
bat.bing.com
cdn-fsly.yottaa.net
cdn.cookielaw.org
cdn.usehero.com
connect.facebook.net
ib.adnxs.com
sc-static.net
secure.adnxs.com
st.dynamicyield.com
tr.snapchat.com
www.google-analytics.com
www.googletagmanager.com
www.sandbox.paypal.com
104.18.131.236
104.18.32.137
108.138.106.88
108.138.128.47
108.138.128.71
13.107.21.200
13.226.34.58
142.250.65.174
142.250.65.226
142.250.80.100
142.250.80.38
142.251.40.136
142.251.41.2
151.101.129.21
151.101.130.133
151.101.65.140
172.253.63.155
172.67.74.152
18.238.74.246
199.232.36.84
204.141.89.115
23.20.179.111
23.40.179.40
23.48.224.108
31.13.71.7
34.102.147.248
34.111.194.77
34.120.253.250
34.98.67.3
35.170.135.46
44.215.15.158
54.161.153.5
54.230.163.108
041fae481014a4280437ee1e028f934eadd7590e31f4050c18a57dc4ea7360b3
05fe385c93f0b73b4ff204b408ffdc68bc8b59d013e1fe5f521ed7974b40f745
08d8ff92f84da0eb475f02e16ce6fed60cce8ffbb7e4b0b04ad72dc373ce55dc
0fa295c05c5e6929d1ec1c79bafad9472084569d81bdd2c5bf5798edf5060d9f
0ff14a44dcd91b512d741ae3eb4242c513eb85e0f300eb4c0c12be0cb9d282f0
18d1b370b94460a4cc0b6b03ac81cda1aba4db285000f52bc8e0f4b16d77c813
1eebbe20a7e11128ee261e88cadbc5f467f81690a0bb0a8aa2a529a8f04aee43
21504235ef30af440d140ee42762c030b940a8d63bfa0227ca9a1a79892f640a
22cea1edff4a085be60b55222623a0dfecb5fe0deccfa9abae870d36de94533e
2939d067bced6e2e3e43c1b10d2b067cb980410c2cc42fd3e867798a4a36c697
3ebf89e1d97e200a74d3d601875d13d715e3f13b33facf24fee5aa451012772f
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
5c8c192adca12497452b0a6c25b5913fad79f9afc4760673947377cd81575d81
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
691f82546ec0ead026de2dfda41d461c30ee8692eefee36d172dcddec8118bb8
70bdc4ce00b2eb00c1a727f997e22289fe153af79db01d1fe41c9ddf93baea68
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
7430529451c9adba389d8774b6bba658688f496fe9d17c2a1fd109f8f4ec5ade
75bb9551ebc1f7f85b2deba04274ad587c788cf483a7c5737ed71ffcd4c6f38c
7fdcc11a9fefee24fc02615b55e8f1d314b8aff24f4b3b94a4e70c2f81d0035c
8156e978b8f902bb27d56d9baeb9f76f37fc4dbbc718f8d95a2bf9936d07b361
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8653a0c7f767af6a33dca8f79c269a6b17d4a51c51122cebaccc4a40e955470e
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d
8b4baed685e61c19084227c70d48e2795b3df77fa784767ad956f35ac73fa358
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac
a26c205df8662e57e20b341d280ed736901184cb8eee0d889b35dce51778a73e
a938eea663af09f75118101cf9061107fbef7c4770d7d123c71e33c52c565139
ab99a75a2070736b0282d041df3a7e272ad5d4d1929ae430089ac0335e05ad2c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af2f08378ef4e4e670d47e83e29ea3053d13fbb6efc6476b2115dfe590c9dd9b
b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22
b45c29085ffe1b91b50e9ab25974acff9ba250d83a23ee86d13aecaf33eebb69
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c48476ffd21ed753a90b11db277894d1c3f1bf60a2cc735abfbe1db237cdafe0
c59c525cdc75efe0cb7772bcdcb55821372d9ab5287399fda37b1b15ff0123b6
c7c803a6ee6d5fd8ac809bfb9e846f54e0a098c238c7c51ef8a7812299944181
cf1b4e2a57de561424fb99aa43ef462868d58d9c205a38ae3f564c10266a4dbc
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d
d8a6566c7e926c37c010dc811a5e82d5eddad8b10057bf711f0f644be60707d3
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd5005468c4745fa4735d2932dc2fcf1216aebfa0a1a7976c9407fe8660d796f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
e038dff62440b626103b2b81adcbb64b5cb3bd80433d1a710f37162cd7c0cc17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ecbe4874e1fffc1b68bdde370b903049a04348a826b580029690120cd771a4cd
ee9395d062677ea20275412c2fe6d97a5e72c2984aa62654eeebbe680aca8036
eeb769c2cc8ce7218095a7d42611a1b0332695769b809cddfea442851083d8cc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0bfe55d3fde1a966d62ed02c7a11b0e982559733316bf7b1766b0c8681437bb
fc4e33199bd49fbcafd61e21c3236dd32dd1ded3f64826e3de366d34c972dba8
fd749c4984673c0350696a15a5a04c06103de48b3595afe19eef114abd062e09
ff2fe181c12146189657e92f9ce0489f7f3b51345796f5a5ec9b089f9fb47616
ff9caa191eb310b3860d2976a89397fdefbb2158bf8b7862dafa084b36ab2838