frca-development.elfcosmetics.com Open in urlscan Pro
44.195.117.56  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

• https://frca-development.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/authorize?redirect_uri=https%3A%2F%2Ffrca-development.elfcosmetics.com%2Fcallback&response_type=code&client_id=bc4b91c6-6960-4cb9-b44d-33cc7dfe679b&hint=guest&channel_id=elf-us&code_challenge=drc2C13XfOuccE8qnQs472Mb9msFhOB7zTHnGcoB968 HTTP 303
• https://frca-development.elfcosmetics.com/callback?usid=99bacc06-d93e-47e8-9826-52ece678c787&code=S0FKfQ1h8OnRPtr0D2iBgKGKergR_Xg1h9k7-ZgABnQ

Request Chain 29

• https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2 HTTP 307
• https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2

Request Chain 31

• https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2 HTTP 307
• https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2

Request Chain 33

• https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=2017378103.1713869151&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He44h0n81WL3STMXv896608294za200&auid=1452241516.1713869151 HTTP 302
• https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=2017378103.1713869151&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He44h0n81WL3STMXv896608294za200&auid=1452241516.1713869151

Request Chain 76

• https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=4803126543045;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44h0v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com HTTP 302
• https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CLDU04-U2IUDFagPogMduVULzA;type=elf8j0;cat=glo_flhp;ord=4803126543045;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44h0v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com

Request Chain 77

• https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=828907541515;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44h0v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com HTTP 302
• https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CMnR04-U2IUDFR0LogMds_QMKQ;type=elf8j0;cat=glo_flap;ord=828907541515;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44h0v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com

Request Chain 79

• https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=5869768218379;npa=1;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44h0v9181787185z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com HTTP 302
• https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CNXY04-U2IUDFfkbogMdO-YBMA;type=conte0;cat=homep0;ord=5869768218379;npa=1;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44h0v9181787185z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com

Request Chain 96

• https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=1223757253880;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44h0v9181619921z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com HTTP 302
• https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CNmh3I-U2IUDFcweogMdjiABzw;type=retarget;cat=globa0;ord=1223757253880;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44h0v9181619921z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response frca-development.elfcosmetics.com/	788 KB 213 KB	14298ms 14031ms	Document text/html	44.195.117.56 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frca-development.elfcosmetics.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.195.117.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-117-56.compute-1.amazonaws.com Software / Resource Hash ba624d850422f593f9fa2d0c9f7df5d42e36cc9c29063989beef5bf8911c2a64 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers age 0 alt-svc h3=":443"; ma=86400 cache-control public, must-revalidate, s-maxage=900 content-encoding gzip content-language fr-CA content-type text/html; charset=utf-8 date Tue, 23 Apr 2024 10:45:47 GMT strict-transport-security max-age=15552000; includeSubDomains vary Accept-Encoding Accept-Encoding via 1.1 4a131d14342c4d4b1feadf6574ec0876.cloudfront.net (CloudFront) x-amz-apigw-id WrOkXF60IAMEMwg= x-amz-cf-id 2o0fUS6zq4IgKcqP5nLstKHesE2kSLzDlNf8X1Xklf3vIX3sT8iHnQ== x-amz-cf-pop DFW56-P2 x-amzn-remapped-connection close x-amzn-remapped-content-length 689074 x-amzn-remapped-date Tue, 23 Apr 2024 10:45:47 GMT x-amzn-requestid a8308f5f-7261-438f-91d9-32e6a2faadea x-amzn-trace-id Root=1-6627914d-167c709e64efb615116f59e9;Parent=7b5df2ce018de06f;Sampled=0;lineage=0483b39b:0 x-cache Miss from cloudfront x-server Smartling x-sl-norewrite 1 x-sl-notranslate 1 x-yottaa-metrics 3221a5fec665/[13503,13433,-] 32D1a5fec6d3/[-,13596.799] x-yottaa-optimizations ob/1000000000001000 si/32D1a5fec6d3-1713544935-6851096548 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 x-yottaa-os 200
GET H2	200	sl-tran-a8aa72de7-fr-CA.js Show response pinchjs-cdn.gdn.smartling.com/	2 MB 2 MB	548ms 491ms	Script application/javascript	2600:9000:26da:d400:1b:8846:8500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pinchjs-cdn.gdn.smartling.com/sl-tran-a8aa72de7-fr-CA.js Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:d400:1b:8846:8500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4178714d8a131c5a45e05a5fc1d4c574774e84308e9b9115196dbb67975a6927 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:49 GMT x-amz-version-id null x-amz-meta-sl-checksum 2410199b-3729056159 last-modified Mon, 22 Apr 2024 22:59:09 GMT server AmazonS3 content-encoding gzip x-amz-cf-pop MUC50-P4 etag W/"67108dd27676c97af7aa10865f5a6cca" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript via 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront) alt-svc h3=":443"; ma=86400 x-amz-cf-id LO-DFguSrRwc6BAcFV3sGGRvF92f3Cs9PcQkdAODzhyFVUUQuQmAOg==
GET H2	200	sl-init.js Show response pinchjs-cdn.gdn.smartling.com/	101 KB 26 KB	65ms 8ms	Script application/javascript	2600:9000:26da:d400:1b:8846:8500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pinchjs-cdn.gdn.smartling.com/sl-init.js Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:d400:1b:8846:8500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1ef15a65970dc22da3737453aedf3aa83a0d5c5613530480b61d093d7d94c0d0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id null content-encoding gzip via 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront) date Tue, 23 Apr 2024 08:17:51 GMT last-modified Mon, 22 Apr 2024 08:08:07 GMT server AmazonS3 x-amz-cf-pop MUC50-P4 age 9440 x-amz-server-side-encryption AES256 etag W/"6d80bbc3a8a873f15d6db8076063162b" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript alt-svc h3=":443"; ma=86400 x-amz-cf-id KyVBJESnlWoSiJK6r4gO5D4pHwdgIx-yWlO8r8JKtgJzuob9Vs_mhQ==
GET H2	200	HP_elfskin_D cdn.media.amplience.net/i/elfcosmetics/	55 KB 55 KB	169ms 35ms	Image image/jpeg	2a02:26f0:3100::1735:2b10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/HP_elfskin_D Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Unknown / Resource Hash c067a5b1a684b31b4746099eb1e77c3a0f73d34905d03e2bee237baa201acc1e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:48 GMT x-content-type-options nosniff x-amp-srv A cache-tag TdTf4OJYK,l4p5bDg2e,AkAROO-Ee,k4NPUWi7z x-req-id BADslLpzE- content-length 56343 x-xss-protection 1; mode=block x-amp-source-height 420 server Unknown x-frame-options DENY x-amp-source-width 1600 access-control-allow-origin * content-type image/jpeg cache-control max-age=1190, s-maxage=86400 accept-ranges bytes x-amp-published Sun, 30 Apr 2023 20:25:48 GMT
GET H2	200	vendor.js Show response frca-development.elfcosmetics.com/mobify/bundle/11135/	2 MB 621 KB	608ms 608ms	Script application/javascript	44.195.117.56 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frca-development.elfcosmetics.com/mobify/bundle/11135/vendor.js Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.195.117.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-117-56.compute-1.amazonaws.com Software / Resource Hash 041a97d23f168177a47a3d4b61dc317af59431cd3564b6dbd6e8082b655786f0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:48 GMT via 1.1 affc2fdf5df0fb7bfb7e10bab49bc714.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop SFO20-C1 age 44424 x-yottaa-optimizations ob/1001 si/25D1cc0285ed-1713544934-5690979599 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 x-cache Hit from cloudfront x-sl-norewrite 1 x-amz-meta-deploy 734673 alt-svc h3=":443"; ma=86400 x-amz-meta-bundle 11135 x-yottaa-forcecache true vary Accept-Encoding, Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31104000 x-yottaa-os 200 x-server Smartling x-yottaa-metrics 2521cc028a8c/[163,126,-] 25D1cc0285ed/[hit] x-sl-notranslate 1 x-amz-cf-id VRVM20cdH1h4fMV-suCcW1qzPrKEO6gIYDAFdgYgtOrrrKSf2pWnGQ==
GET H2	200	main.js Show response frca-development.elfcosmetics.com/mobify/bundle/11135/	2 MB 489 KB	276ms 275ms	Script application/javascript	44.195.117.56 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frca-development.elfcosmetics.com/mobify/bundle/11135/main.js Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.195.117.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-117-56.compute-1.amazonaws.com Software / Resource Hash 74c0e3f637d29a5c0cbbb0c7eebce882ba25db94e083f9f1e3293ed12ff1c30b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:49 GMT via 1.1 bffe83de7594be28771c4164d4617e3a.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop ORD52-C2 age 41539 x-yottaa-optimizations ob/1101 si/26D1cc8d584a-1713544935-103311786 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 x-cache Hit from cloudfront x-sl-norewrite 1 x-amz-meta-deploy 734673 alt-svc h3=":443"; ma=86400 x-amz-meta-bundle 11135 x-yottaa-forcecache true vary Accept-Encoding, Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31104000 x-yottaa-metrics 2621cc02835d/[24,-,1713824724704] 26D1cc8d584a/[hit] x-server Smartling x-sl-notranslate 1 x-amz-cf-id gGfYQ7W6gjBnrmuKu8_LyCQuT42Z-J466t2SM1dDDRJOaX4bWxaNjw==
GET H2	200	pages-home.js Show response frca-development.elfcosmetics.com/mobify/bundle/11135/	5 KB 3 KB	112ms 112ms	Script application/javascript	44.195.117.56 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frca-development.elfcosmetics.com/mobify/bundle/11135/pages-home.js Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.195.117.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-117-56.compute-1.amazonaws.com Software / Resource Hash 4e0b0aedb4c68e930b4853f0cbb7fb70ea46b350f2711eefe7511e8a84142e94 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:49 GMT via 1.1 934f97734451ac135c3e6c1480f72d4e.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop PHL50-C1 age 8163 x-yottaa-optimizations ob/1001 si/23D1cc8d59c3-1713544936-2737444512 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 x-cache Hit from cloudfront x-sl-norewrite 1 x-amz-meta-deploy 734673 alt-svc h3=":443"; ma=86400 x-amz-meta-bundle 11135 x-yottaa-forcecache true vary Accept-Encoding, Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31104000 x-yottaa-os 200 x-server Smartling x-yottaa-metrics 23214047a16c/[99,43,-] 23D1cc8d59c3/[hit] x-sl-notranslate 1 x-amz-cf-id 5fnoskZjqyhxmzPy9F5W25nuFyofG-zHMGRinMC8vv800v9CcwQpRg==
GET DATA	200 OK	truncated /	37 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	10 KB 10 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac Request headers Referer Origin https://frca-development.elfcosmetics.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type application/font-woff2;charset=utf-8
GET DATA	200 OK	truncated /	10 KB 10 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d Request headers Referer Origin https://frca-development.elfcosmetics.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type application/font-woff2;charset=utf-8
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 7 KB	40ms 23ms	Script application/javascript	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/mobify/bundle/11135/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 23 Apr 2024 10:45:50 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 zgTRIDojRJmnmBTwUyI2Vw== age 69138 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6882 x-ms-lease-status unlocked last-modified Thu, 18 Apr 2024 19:47:50 GMT server cloudflare etag 0x8DC5FE06E4C260E vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 8befe9e8-701e-008c-2f73-92518d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 878d442ded8e368c-FRA
GET H2	200	gtm.js Show response www.googletagmanager.com/	486 KB 131 KB	94ms 72ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 123ef46d5132cd2ea1085e58e5a0700fd9731b853c9cd315eccaf352964429b0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:50 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 133203 x-xss-protection 0 last-modified Tue, 23 Apr 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 23 Apr 2024 10:45:50 GMT
GET H2	200	api_dynamic.js Show response cdn.dynamicyield.com/api/8772046/	475 KB 52 KB	59ms 23ms	Script application/javascript	2600:9000:26da:7600:a:b89d:a6c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dynamicyield.com/api/8772046/api_dynamic.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:7600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software DYCDN / Resource Hash bcb200189a4d9d85fdd5d2b7baed695287012a6727a98245613633d80d32b1b9 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:50 GMT content-encoding gzip via 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront) last-modified Fri, 19 Apr 2024 20:46:33 GMT server DYCDN age 2 x-amz-cf-pop MUC50-P4 x-amz-server-side-encryption AES256 etag W/"e5ee12564f7b49f0fa6fb54706ecb5b2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control max-age=30 link <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect" x-amz-cf-id EELP8UjxbWyZzpvaYInJA1KgJDh1ao8z15gNFv-wZvJ3Jqxebga6Xw==
GET H2	200	api_static.js Show response cdn.dynamicyield.com/api/8772046/	388 KB 114 KB	46ms 10ms	Script application/javascript	2600:9000:26da:7600:a:b89d:a6c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dynamicyield.com/api/8772046/api_static.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:7600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software DYCDN / Resource Hash 498ea43ee2b31ee61f58f43b798dfaec6eb59b63fefdfaa7c01bba897ba57a33 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 04:24:03 GMT content-encoding gzip via 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront) last-modified Fri, 19 Apr 2024 20:46:34 GMT server DYCDN age 22908 x-amz-cf-pop MUC50-P4 etag W/"64e0187feba0c97d38f8aabb6e6d66cd" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control max-age=86400 link <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect" x-amz-cf-id wmFBF8bXaB1Q9x90rlj55pky7jl-rnbXi_mw11aSSTYqvHlS6VFxRA==
GET H2	200	/ Show response api.ipify.org/	22 B 155 B	174ms 149ms	XHR application/json	104.26.13.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/mobify/bundle/11135/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6bfffde31056f11d4b751b97d676a1fe20dd62f83d9128baa0398293408ce384 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:50 GMT cf-cache-status DYNAMIC server cloudflare vary Origin content-type application/json access-control-allow-origin * cf-ray 878d442e09913a82-FRA content-length 22
GET H2	200	/ Show response api.ipify.org/	22 B 74 B	323ms 148ms	XHR application/json	104.26.13.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/mobify/bundle/11135/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6bfffde31056f11d4b751b97d676a1fe20dd62f83d9128baa0398293408ce384 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:50 GMT cf-cache-status DYNAMIC server cloudflare vary Origin content-type application/json access-control-allow-origin * cf-ray 878d442efab43a82-FRA content-length 22
GET H2	200	PWA-GetLoyaltyUserData Show response frca-development.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/fr_CA/	75 B 2 KB	825ms 825ms	XHR application/json	44.195.117.56 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frca-development.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/fr_CA/PWA-GetLoyaltyUserData Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/mobify/bundle/11135/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.195.117.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-117-56.compute-1.amazonaws.com Software / Resource Hash 619ba7abddf539ad772ad63c1150fb28f814c325afdf246c79169438169d3cb4 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 authorization User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 content-type application/json c_x-pwa-request true Referer https://frca-development.elfcosmetics.com/ sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 af5cdbeee0d74dc841ba3e8c1801409a.cloudfront.net (CloudFront) content-encoding gzip cf-cache-status DYNAMIC x-amz-cf-pop ORD52-C2 age 0 x-yottaa-optimizations ob/1000 si/26D1cc8d585f-1713544934-6485183569 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 x-cache Miss from cloudfront x-sl-norewrite 1 alt-svc h3=":443"; ma=86400 pragma no-cache vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store, must-revalidate x-yottaa-os 200 x-server Smartling x-proxy-request-url https://cc-elf-us-dev.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/fr_CA/PWA-GetLoyaltyUserData x-sl-notranslate 1 cf-ray 878d4431483e8720-ORD x-dw-request-base-id G3G1Xl-RJ2YBAAB_ x-amz-cf-id VAQTxStQilX8kPczNF27VjnnTz9PX9nW8N5idSndhhvUY71afjaR5A== x-yottaa-metrics 2621cc02832e/[629,579,-] 26D1cc8d585f/[-,632.485] expires Thu, 01 Dec 1994 16:00:00 GMT
GET H2	200	2023-08_supers-collection cdn.media.amplience.net/i/elfcosmetics/	33 KB 34 KB	59ms 58ms	Image image/jpeg	2a02:26f0:3100::1735:2b10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/2023-08_supers-collection?%24Feature-Tile%24=&fmt=auto%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2023-08_supers-collection?%24Feature-Tile%24=&fmt=auto%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2023-08_supers-collection?%24Feature-Tile%24=&fmt=auto%203x Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Unknown / Resource Hash 3d6f85a3ab3b68a7f3746a80fcebc75c15e089c66f62634c4b21cfb57735287b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:50 GMT x-content-type-options nosniff x-amp-srv A cache-tag 7PA5QDApy,l4p5bDg2e,vJ_VzUmvx,cmhmcKYdQ,k4NPUWi7z x-req-id LVGR1B4NXg content-length 34066 x-xss-protection 1; mode=block x-amp-source-height 2000 server Unknown x-frame-options DENY x-amp-source-width 2000 access-control-allow-origin * content-type image/jpeg cache-control max-age=1800, s-maxage=86400 accept-ranges bytes x-amp-published Mon, 22 Apr 2024 13:21:08 GMT
GET H2	200	2023-08_HH-collection cdn.media.amplience.net/i/elfcosmetics/	42 KB 42 KB	72ms 71ms	Image image/jpeg	2a02:26f0:3100::1735:2b10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/2023-08_HH-collection?%24Feature-Tile%24=&fmt=auto%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2023-08_HH-collection?%24Feature-Tile%24=&fmt=auto%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2023-08_HH-collection?%24Feature-Tile%24=&fmt=auto%203x Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Unknown / Resource Hash dfaa3e78d39fc407fcf0418a8583fa1117a5828fffa96906e498289973aa6310 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:50 GMT x-content-type-options nosniff x-amp-srv A cache-tag xC-QLbJwX,l4p5bDg2e,vJ_VzUmvx,5vtDXoyyE,k4NPUWi7z x-req-id yNH867cPyc content-length 43112 x-xss-protection 1; mode=block x-amp-source-height 2000 server Unknown x-frame-options DENY x-amp-source-width 2000 access-control-allow-origin * content-type image/jpeg cache-control max-age=1800, s-maxage=86400 accept-ranges bytes x-amp-published Mon, 22 Apr 2024 13:21:08 GMT
GET H2	200	2023-08_pureskin-collection cdn.media.amplience.net/i/elfcosmetics/	30 KB 30 KB	59ms 58ms	Image image/jpeg	2a02:26f0:3100::1735:2b10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/2023-08_pureskin-collection?%24Feature-Tile%24=&fmt=auto%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2023-08_pureskin-collection?%24Feature-Tile%24=&fmt=auto%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2023-08_pureskin-collection?%24Feature-Tile%24=&fmt=auto%203x Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Unknown / Resource Hash 6f6b3b1a22f8d1f71d97de3ad66cb74db5e608faa120fe70281263b083624ae2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:50 GMT x-content-type-options nosniff x-amp-srv A cache-tag t7WEpJrXT,l4p5bDg2e,vJ_VzUmvx,wbNzaPupb,k4NPUWi7z x-req-id SknPJ25iwZ content-length 30698 x-xss-protection 1; mode=block x-amp-source-height 2000 server Unknown x-frame-options DENY x-amp-source-width 2000 access-control-allow-origin * content-type image/jpeg cache-control max-age=1800, s-maxage=86400 accept-ranges bytes x-amp-published Mon, 22 Apr 2024 13:21:08 GMT
GET H2	200	2023-08_blemish-collection cdn.media.amplience.net/i/elfcosmetics/	13 KB 13 KB	68ms 68ms	Image image/avif	2a02:26f0:3100::1735:2b10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/2023-08_blemish-collection?%24Feature-Tile%24=&fmt=auto Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3100::1735:2b10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Unknown / Resource Hash 06cbcc54a02a1618f0e8bcb6902ac561f2ce75b0984161f8088451979570b3bd Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:50 GMT x-content-type-options nosniff x-amp-srv A cache-tag xLmtsMOTD,l4p5bDg2e,vJ_VzUmvx,9DUcux-w2,WepA0szpz x-req-id BzVxKnkpFp content-length 13091 x-xss-protection 1; mode=block x-amp-source-height 2000 server Unknown x-frame-options DENY x-amp-source-width 2000 access-control-allow-origin * content-type image/avif cache-control max-age=1800, s-maxage=86400 accept-ranges bytes x-amp-published Mon, 22 Apr 2024 13:21:08 GMT
POST H2	201	/ Show response sdk.iad-05.braze.com/api/v3/data/	413 B 606 B	503ms 502ms	XHR application/json	2606:4700:4400::ac40:965f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/data/ Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/mobify/bundle/11135/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ffefd10fd731e81a92dcefbfa18c0aceef38b47efcabaf5d8dd62e2a18ba053d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" X-Braze-Api-Key 23316cb7-f57f-4f14-a7d3-8bed8ca921f5 X-Braze-TriggersRequest true X-Braze-DataRequest true sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-type application/json Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://frca-development.elfcosmetics.com/ X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains x-request-id faa4eed2-b0b1-4b5b-a9a5-52a6a925ae33 x-runtime 0.303367 server cloudflare etag W/"ffefd10fd731e81a92dcefbfa18c0ace" vary Origin,Accept-Encoding access-control-allow-methods POST, GET content-type application/json access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate x-ratelimit-reset 1713869154 access-control-max-age 7200 x-ratelimit-limit 500.0 cf-ray 878d442fec3319ab-FRA x-ratelimit-remaining 497.0
OPTIONS H2	200	/ sdk.iad-05.braze.com/api/v3/data/ Frame	0 0	250ms 198ms	Preflight	2606:4700:4400::ac40:965f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/data/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with Access-Control-Request-Method POST Origin https://frca-development.elfcosmetics.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with access-control-allow-methods POST, GET access-control-allow-origin * access-control-expose-headers access-control-max-age 7200 cf-cache-status DYNAMIC cf-ray 878d442eaaac19ab-FRA content-encoding gzip date Tue, 23 Apr 2024 10:45:50 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding
GET H2	200	callback frca-development.elfcosmetics.com/ Redirect Chain https://frca-development.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/authorize?redirect_uri=https%3A%2F%2Ffrca-development.elfcosmetics.com%2Fcallback&res... https://frca-development.elfcosmetics.com/callback?usid=99bacc06-d93e-47e8-9826-52ece678c787&code=S0FKfQ1h8OnRPtr0D2iBgKGKergR_Xg1h9k7-ZgABnQ	0 0	1017ms 1016ms	Fetch application/json	44.195.117.56 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frca-development.elfcosmetics.com/callback?usid=99bacc06-d93e-47e8-9826-52ece678c787&code=S0FKfQ1h8OnRPtr0D2iBgKGKergR_Xg1h9k7-ZgABnQ Protocol H2 Server 44.195.117.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-117-56.compute-1.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://frca-development.elfcosmetics.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Tue, 23 Apr 2024 10:45:52 GMT strict-transport-security max-age=15552000; includeSubDomains via 1.1 f9d4b21c935c23e15cfc47b3d33e44e6.cloudfront.net (CloudFront) x-amzn-remapped-content-length 0 content-encoding gzip x-amz-cf-pop SFO20-C1 age 0 x-amzn-remapped-connection close x-amzn-requestid de78659b-95ae-4809-a64a-3967dec90ae7 x-yottaa-optimizations ob/1000 si/25D1cc0285ed-1713544934-5691118794 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 x-cache Miss from cloudfront x-sl-norewrite 1 x-amz-apigw-id WrOnEFrVIAMEh1g= alt-svc h3=":443"; ma=86400 x-yottaa-forcecache true x-amzn-trace-id Root=1-6627915f-33f9d1d765b7167b7e68e495;Parent=20c403011099dc08;Sampled=0;lineage=0483b39b:0 vary Accept-Encoding content-type application/json; charset=utf-8 cache-control public, max-age=604800 x-yottaa-os 200 x-server Smartling x-yottaa-metrics 2521cc028596/[640,600,-] 25D1cc0285ed/[-,641.045] x-sl-notranslate 1 x-amzn-remapped-date Tue, 23 Apr 2024 10:45:52 GMT x-amz-cf-id 8rlcUKN-NFZ55_c_cEgOxnz-eP-z0jDAXptdmQbLl96U1I3nvmKMWQ== Redirect headers date Tue, 23 Apr 2024 10:45:51 GMT x-correlation-id 878d4432facd9c6a via 1.1 777bb716b31e5bbc92d320e733371d3a.cloudfront.net (CloudFront) cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop JFK52-P3 age 0 x-yottaa-optimizations ob/0 si/38D1cc02313f-1713544935-4525833200 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 x-cache Miss from cloudfront x-sl-norewrite 1 alt-svc h3=":443"; ma=86400 pragma no-cache x-ratelimit-1m-remaining 479, 1964671 x-ratelimit-1m-reset 8787, 8786 x-ratelimit-1m-limit 500, 2000000 vary Accept-Encoding location https://frca-development.elfcosmetics.com/callback?usid=99bacc06-d93e-47e8-9826-52ece678c787&code=S0FKfQ1h8OnRPtr0D2iBgKGKergR_Xg1h9k7-ZgABnQ cache-control no-store x-yottaa-os 303 x-server Smartling x-proxy-request-url https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/authorize?redirect_uri=https%3A%2F%2Ffrca-development.elfcosmetics.com%2Fcallback&response_type=code&client_id=bc4b91c6-6960-4cb9-b44d-33cc7dfe679b&hint=guest&channel_id=elf-us&code_challenge=drc2C13XfOuccE8qnQs472Mb9msFhOB7zTHnGcoB968 x-yottaa-metrics 3821cc02317b/[490,445,-] 38D1cc02313f/[-,492.817] cf-ray 878d4432facd9c6a-IAD x-amz-cf-id eh4gcrshNUSf--M0e9PmOUMqlBBbaCms021DCQ64es6DlDxIXGSZVg== x-sl-notranslate 1
POST H2	200	/ Show response pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/	4 KB 3 KB	196ms 195ms	XHR application/json	50.17.112.103 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.17.112.103 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-17-112-103.compute-1.amazonaws.com Software / Resource Hash beaf1a4f71e751e3faa84e1dcf5f4594958322840457f38efd3fcaf96f993cab Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" X-SL-PJS-Version 0.269 X-SL-PJS-Uid a8aa72de7 Accept-Language de-DE,de;q=0.9;q=0.9 X-SL-PJS-Locale fr-CA sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Referer https://frca-development.elfcosmetics.com/ sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Tue, 23 Apr 2024 10:45:50 GMT content-encoding gzip access-control-allow-headers * content-length 2529 apigw-requestid WrOm3iX8oAMEYtQ= content-type application/json
OPTIONS H2	200	/ pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ Frame	0 0	302ms 108ms	Preflight application/json	50.17.112.103 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.17.112.103 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-17-112-103.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,x-sl-pjs-locale,x-sl-pjs-uid,x-sl-pjs-version Access-Control-Request-Method POST Origin https://frca-development.elfcosmetics.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-headers * access-control-allow-origin * apigw-requestid WrOm2j_GoAMEMNg= content-length 2 content-type application/json date Tue, 23 Apr 2024 10:45:50 GMT
GET H2	200	018ea565-c262-7057-a505-a2012f1cf327.json Show response cdn.cookielaw.org/consent/018ea565-c262-7057-a505-a2012f1cf327/	6 KB 2 KB	85ms 60ms	XHR application/x-javascript	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/018ea565-c262-7057-a505-a2012f1cf327/018ea565-c262-7057-a505-a2012f1cf327.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b366a6f21573c6e05b3891f356296c2b8821742959738c22c5fda9f83263b4c6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 23 Apr 2024 10:45:50 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload content-md5 Byd8BrEcjlGHo1ZtHmonHQ== content-length 1798 x-ms-lease-status unlocked last-modified Fri, 05 Apr 2024 16:50:17 GMT server cloudflare etag 0x8DC559078EE43C1 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 9df3998a-401e-00a8-1203-95a72d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 878d442eef724d32-FRA expires Wed, 24 Apr 2024 10:45:50 GMT
GET H2	200	st Show response st.dynamicyield.com/	118 KB 10 KB	172ms 134ms	Script text/javascript	2600:9000:237d:b800:15:ad21:c740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=wb3fte664cwfw5ub8njiaxjg4zirjcms&ref=&scriptVersion=2.32.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22fr-CA%22%2C%22data%22%3A%5B%5D%7D Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:237d:b800:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash b40333699f7a12ee72781811fbf255ff7b51b21bad856ca5558df6d713bb0933 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:50 GMT content-encoding gzip via 1.1 cdf03e675736c21829fede7b370fd99a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P2 vary Accept-Encoding x-cache Miss from cloudfront content-type text/javascript; charset=utf-8 access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS" cache-control no-cache x-amz-cf-id vQ4sRMPBlio0Mdih7H63D-PwjwSrKqUA25VWC0yG9FnXiYgRMQYFKQ== expires Tue, 23 Apr 2024 10:45:49 GMT
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	68 B 315 B	60ms 40ms	XHR application/json	2606:4700:4400::ac40:9b77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" accept application/json Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:50 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 878d44305b558c49-FRA access-control-allow-headers Content-Type
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	118ms 7ms	Script text/javascript	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 23 Apr 2024 09:48:08 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 3462 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 23 Apr 2024 11:48:08 GMT
GET H2	200	bounce secure.adnxs.com/ Redirect Chain https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2 https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2	43 B 1 KB	18ms 17ms	Image image/gif	185.89.211.116 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2 Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/ Protocol H2 Server 185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://frca-development.elfcosmetics.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:50 GMT an-x-request-uuid e42e09a5-86b2-43c7-9964-9e12b76d5074 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 80.255.10.200; 80.255.10.200; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 23 Apr 2024 10:45:50 GMT an-x-request-uuid bca20216-f6ca-4ced-99a3-91eb291525b9 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2 cache-control no-store, no-cache, private x-proxy-origin 80.255.10.200; 80.255.10.200; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ insight.adsrvr.org/track/pxl/	70 B 148 B	148ms 36ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:y8694b5&fmt=3 Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:50 GMT server Kestrel content-length 70 content-type image/gif
GET H2	200	bounce secure.adnxs.com/ Redirect Chain https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2 https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2	43 B 1 KB	17ms 17ms	Image image/gif	185.89.211.116 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2 Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/ Protocol H2 Server 185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://frca-development.elfcosmetics.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:50 GMT an-x-request-uuid 0b9ff90d-ca52-4fb9-95b0-00a38fa961b5 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 80.255.10.200; 80.255.10.200; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 23 Apr 2024 10:45:50 GMT an-x-request-uuid 22238faa-3664-4026-8b9a-4e877a9b8b23 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2 cache-control no-store, no-cache, private x-proxy-origin 80.255.10.200; 80.255.10.200; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ insight.adsrvr.org/track/pxl/	70 B 149 B	146ms 35ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:uuhj0na&fmt=3 Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:50 GMT server Kestrel content-length 70 content-type image/gif
GET H3	200	landing googleads.g.doubleclick.net/pagead/ Redirect Chain https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=2017378103.1713869151&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He44h0n81WL3STMXv8966... https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=2017378103.1713869151&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He44h0n8...	42 B 65 B	60ms 40ms	Ping image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=2017378103.1713869151&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He44h0n81WL3STMXv896608294za200&auid=1452241516.1713869151 Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/ Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://frca-development.elfcosmetics.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:50 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 23 Apr 2024 10:45:50 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=2017378103.1713869151&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He44h0n81WL3STMXv896608294za200&auid=1452241516.1713869151 cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202403.2.0/	447 KB 109 KB	21ms 21ms	Script application/javascript	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e90effe2c4b60df553e50c5e65bcf113ad7a2ddf3d5e7a594f2b8a9ccfd4523 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 23 Apr 2024 10:45:50 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 NaqcG2ILVJmSrG/q1ZpJ7w== age 4548 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 110887 x-ms-lease-status unlocked last-modified Mon, 22 Apr 2024 06:06:18 GMT server cloudflare etag 0x8DC62925356D668 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id c839b996-c01e-001f-188e-948a87000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 878d44309900368c-FRA
POST H2	200	/ Show response pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/	4 KB 3 KB	182ms 182ms	XHR application/json	50.17.112.103 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.17.112.103 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-17-112-103.compute-1.amazonaws.com Software / Resource Hash beaf1a4f71e751e3faa84e1dcf5f4594958322840457f38efd3fcaf96f993cab Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" X-SL-PJS-Version 0.269 X-SL-PJS-Uid a8aa72de7 Accept-Language de-DE,de;q=0.9;q=0.9 X-SL-PJS-Locale fr-CA sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Referer https://frca-development.elfcosmetics.com/ sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip access-control-allow-headers * content-length 2529 apigw-requestid WrOm4hl6oAMEYNw= content-type application/json
GET H2	200	en.json Show response cdn.cookielaw.org/consent/018ea565-c262-7057-a505-a2012f1cf327/b3580e16-19d9-4554-ba1a-ac19abea14a3/	70 KB 18 KB	87ms 86ms	Fetch application/x-javascript	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/018ea565-c262-7057-a505-a2012f1cf327/b3580e16-19d9-4554-ba1a-ac19abea14a3/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38d66777a49d31907570473a21ca434807cd7b57f4be3f81a8d2570c04d8a2ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 23 Apr 2024 10:45:50 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS strict-transport-security max-age=31536000; includeSubDomains; preload content-md5 +XXLk9hAKfT5IRFIHHIC9g== content-length 17963 x-ms-lease-status unlocked last-modified Fri, 05 Apr 2024 16:50:31 GMT server cloudflare etag 0x8DC559081AAF732 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id e9087bb3-e01e-006a-5e6b-95e1ab000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 878d44311a954d32-FRA expires Wed, 24 Apr 2024 10:45:50 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 220 B	15ms 15ms	XHR text/plain	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=945438412&t=pageview&_s=1&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=%5Bt%C3%A9st~%20fr%C3%A9%C3%B1~ch%20m%C3%A9~t%C3%A1%20t%C3%AD~tl%C3%A9%20%7C%20%C3%A9~.l.f.%20C%C3%B3~sm%C3%A9t~%C3%ADcs%5D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACgAI~&jid=1613994264&gjid=324608662&cid=173183426.1713869151&tid=UA-432816-1&_gid=1409843910.1713869151&_r=1&_slc=1&gtm=45He44h0n81WL3STMXv896608294za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&z=904805564 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:50 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://frca-development.elfcosmetics.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dy-coll-min.js Show response cdn.dynamicyield.com/scripts/2.32.0/	196 KB 65 KB	10ms 8ms	Script text/javascript	2600:9000:26da:7600:a:b89d:a6c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:7600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software DYCDN / Resource Hash 42997132bd0142564014ac4a809356dc0ceb9b7a90eede2b5b48019f1700cc58 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 14:37:52 GMT content-encoding gzip via 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront) last-modified Tue, 02 Apr 2024 09:13:12 GMT server DYCDN age 763679 x-amz-cf-pop MUC50-P4 etag W/"65b3e284856fb8d657d1f6a3423618c7" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=31536000 link <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect" x-amz-cf-id k_tMHKaF9KCDgYb6TlkLC3giqpgwDVCbM_daGqj5IDwetAN6xSVf8Q==
POST H2	200	uia Show response async-px.dynamicyield.com/	0 383 B	137ms 108ms	XHR text/plain	54.230.228.78 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/uia?cnst=1&_=1713869150984 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.78 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-78.muc50.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id cpytkAcWa52qQC9OPL05IPSsrV0SKDkwgRPdhS8pCUBANMD_h3jKlA== expires 0
GET H2	200	cnxtag-min.js Show response js.cnnx.link/roi/	2 KB 1 KB	78ms 30ms	Script text/javascript	2600:9000:237d:5200:11:85b0:d600:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.cnnx.link/roi/cnxtag-min.js?id=316282 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:237d:5200:11:85b0:d600:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash ff2fe181c12146189657e92f9ce0489f7f3b51345796f5a5ec9b089f9fb47616 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:38:09 GMT via 1.1 google, 1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop MUC50-P2 age 461 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript;charset=UTF-8 cache-control max-age=600 x-amz-cf-id zQQ5kA6hWMFZilowaIHIRlvKwXHLsUJjf1HRUC_syjt0OMGCgkOTIA==
GET		kpi pixel.pointmediatracker.com/	0 0
GET H2	200	px secure.adnxs.com/	43 B 1 KB	42ms 41ms	Image image/gif	185.89.211.116 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT an-x-request-uuid 60d6faab-e45c-442e-8ef6-0f0fad6726d4 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 80.255.10.200; 80.255.10.200; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ insight.adsrvr.org/track/pxl/	70 B 148 B	35ms 35ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT server Kestrel content-length 70 content-type image/gif
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/202403.2.0/assets/	13 KB 3 KB	50ms 49ms	Fetch application/json	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 wV78mAWw6KBtzfNUzHQTew== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 3041 x-ms-lease-status unlocked last-modified Mon, 22 Apr 2024 06:06:11 GMT server cloudflare etag 0x8DC62924F52ADA5 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 6e6edd07-b01e-0083-0fb0-9427e1000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 878d44322bf54d32-FRA
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/202403.2.0/assets/v2/	62 KB 13 KB	57ms 56ms	Fetch application/json	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/v2/otPcCenter.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3acd5c9271c2cd33f5135df43ae4c574e4d524282e5322137b77cdb4a5524bb4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 AuGdfk9YQiHTOXC6nprZgA== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 12755 x-ms-lease-status unlocked last-modified Mon, 22 Apr 2024 06:06:13 GMT server cloudflare etag 0x8DC629250A45095 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 637fd1ef-d01e-004e-0cb0-94170b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 878d44322bf74d32-FRA
GET H2	200	otCookieSettingsButton.json Show response cdn.cookielaw.org/scripttemplates/202403.2.0/assets/	5 KB 2 KB	60ms 60ms	Fetch application/json	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otCookieSettingsButton.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 itF4BEv6QGTJMVC/PCYKDA== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 1738 x-ms-lease-status unlocked last-modified Mon, 22 Apr 2024 06:06:13 GMT server cloudflare etag 0x8DC6292505EED4D vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id a6049c62-801e-00a7-03c4-94d141000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 878d44322bfa4d32-FRA
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202403.2.0/assets/	24 KB 4 KB	93ms 92ms	Fetch text/css	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 23 Apr 2024 10:45:51 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 4ErYmXXFNbMLrnc9DrDTsg== x-ms-lease-status unlocked last-modified Mon, 22 Apr 2024 06:06:21 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 8de54516-501e-0022-76b0-94fc9c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 878d44322bfb4d32-FRA
GET H3	200	collect www.google-analytics.com/	35 B 55 B	8ms 7ms	Image image/gif	216.239.32.178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=945438412&t=event&ni=1&_s=1&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=%5Bt%C3%A9st~%20fr%C3%A9%C3%B1~ch%20m%C3%A9~t%C3%A1%20t%C3%AD~tl%C3%A9%20%7C%20%C3%A9~.l.f.%20C%C3%B3~sm%C3%A9t~%C3%ADcs%5D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=25%25&_u=aEBAAEABAAAAACgAIkC~&cid=2129692622.1713869151&tid=UA-432816-1&_gid=1435696864.1713869151&gtm=45He44h0n81WL3STMXv896608294za200&cd4=0&cd6=&cd7=&cd8=&cd9=0&cd14=homepage&cd19=&cd21=CA&gcs=G100&gcd=13u3u3u2u5&dma_cps=-&dma=1&npa=1&z=1527336740 Protocol H3 Security QUIC, , AES_128_GCM Server 216.239.32.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Mon, 22 Apr 2024 13:33:47 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 76324 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	10ms 9ms	Image image/gif	216.239.32.178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=945438412&t=event&ni=1&_s=1&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=%5Bt%C3%A9st~%20fr%C3%A9%C3%B1~ch%20m%C3%A9~t%C3%A1%20t%C3%AD~tl%C3%A9%20%7C%20%C3%A9~.l.f.%20C%C3%B3~sm%C3%A9t~%C3%ADcs%5D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=50%25&_u=aEBAAEABAAAAACgAIkC~&cid=560878495.1713869151&tid=UA-432816-1&_gid=2042362514.1713869151&gtm=45He44h0n81WL3STMXv896608294za200&cd4=0&cd6=&cd7=&cd8=&cd9=0&cd14=homepage&cd19=&cd21=CA&gcs=G100&gcd=13u3u3u2u5&dma_cps=-&dma=1&npa=1&z=617621145 Protocol H3 Security QUIC, , AES_128_GCM Server 216.239.32.178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Mon, 22 Apr 2024 13:33:47 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 76324 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	favicon.ico frca-development.elfcosmetics.com/	34 KB 35 KB	896ms 896ms	Other image/x-icon	44.195.117.56 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frca-development.elfcosmetics.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.195.117.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-117-56.compute-1.amazonaws.com Software / Resource Hash 1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 cf426d8f6e10e609055662f292295434.cloudfront.net (CloudFront) x-amzn-remapped-content-length 34494 x-amz-cf-pop PHL50-C1 age 0 x-amzn-remapped-connection close x-amzn-requestid 0e8114d6-1d89-41ad-b957-edfc2a162b96 x-yottaa-optimizations ob/0 si/23D1cc8d59c3-1713544936-2737459335 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 x-cache RefreshHit from cloudfront x-sl-norewrite 1 x-amz-apigw-id Wq6vBHznoAMEItg= alt-svc h3=":443"; ma=86400 x-yottaa-forcecache true last-modified Mon, 22 Apr 2024 18:24:46 GMT x-amzn-trace-id Root=1-66277192-4ff7b72b4c6ab473651fbd16;Parent=4dd1b0bf6701e605;Sampled=0;lineage=0483b39b:0 etag W/"86be-18f070da5b0" vary Accept-Encoding content-type image/x-icon cache-control max-age=600, s-maxage=600 x-yottaa-os 200 x-server Smartling x-yottaa-metrics 23214047a14a/[768,702,-] 23D1cc8d59c3/[-,772.166] x-sl-notranslate 1 x-amzn-remapped-date Tue, 23 Apr 2024 08:30:13 GMT x-amz-cf-id WHVvHSWgFUl30pu9GW6CMFT6K-UzdZNyM-ODJaGdUGTtQ_18qU1VYg==
GET H2	200	var async-px.dynamicyield.com/	0 0	108ms 108ms	Fetch	54.230.228.78 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=802188&uid=-5453858893628731042&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=1cb824c5934bf44f5e254b7cfd5405b8&expSes=62128&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=8654032360080644978&cgtgDecisionId=8654032360521897153&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1713869151073&rri=5329163 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.78 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-78.muc50.r.cloudfront.net Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id H3gLt82CJU3gM0mJicMsrW0drXnJZ9BcWDSh8UylOKQMNdICdtMYZQ== expires 0
GET H2	200	var async-px.dynamicyield.com/	0 0	107ms 107ms	Fetch	54.230.228.78 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=592998&uid=-5453858893628731042&sec=8772046&t=ri&e=1574966&p=1&ve=12698518&va=%5B28347247%5D&ses=1cb824c5934bf44f5e254b7cfd5405b8&expSes=62128&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=8654032358623595193&cgtgDecisionId=8654032360778905602&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1713869151074&rri=7642901 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.78 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-78.muc50.r.cloudfront.net Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id RdOURmUXQDHiIAJTXwq71EvIEjYIqBLUKYswtwk8Au81YYL7V6qgcw== expires 0
GET H2	200	var async-px.dynamicyield.com/	0 0	106ms 106ms	Fetch	54.230.228.78 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=483618&uid=-5453858893628731042&sec=8772046&t=ri&e=1609852&p=1&ve=12669413&va=%5B28321879%5D&ses=1cb824c5934bf44f5e254b7cfd5405b8&expSes=62128&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=8654032358833337815&cgtgDecisionId=8654032360949435722&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1713869151076&rri=4275052 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.78 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-78.muc50.r.cloudfront.net Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id JObbRHMlmLjHohIZ17xRiwHPSwo2dZ1MyJx7QSgtWGtjej_vx3O8ow== expires 0
GET H2	200	var async-px.dynamicyield.com/	0 0	108ms 108ms	Fetch	54.230.228.78 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=789132&uid=-5453858893628731042&sec=8772046&t=ri&e=1708014&p=1&ve=13018622&va=%5B28672636%5D&ses=1cb824c5934bf44f5e254b7cfd5405b8&expSes=62128&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=8654032360728695306&cgtgDecisionId=8654032359990029040&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1713869151077&rri=5637379 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.78 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-78.muc50.r.cloudfront.net Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id _waYuDkKxo4Q_VrALbIt_Zp8Z_08-fyuvPBeDQQHaoAwKAkEBpHobg== expires 0
GET H2	200	var async-px.dynamicyield.com/	0 0	106ms 106ms	Fetch	54.230.228.78 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=900162&uid=-5453858893628731042&sec=8772046&t=ri&e=1575901&p=1&ve=12991774&va=%5B28207096%5D&ses=1cb824c5934bf44f5e254b7cfd5405b8&expSes=62128&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=8654032359123823140&cgtgDecisionId=8654032357778467879&mech=0&smech=2&eri=1&tsrc=Direct&reqts=1713869151077&rri=6283949 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.78 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-78.muc50.r.cloudfront.net Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id GZF5KnUgwryTrq2oK5VQ7CiRH3QgZfWe0JJks0796cNMR6w2E8L0ew== expires 0
GET H2	200	var async-px.dynamicyield.com/	0 0	106ms 106ms	Fetch	54.230.228.78 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=852675&uid=-5453858893628731042&sec=8772046&t=ri&e=1750936&p=1&ve=13172288&va=%5B28818377%5D&ses=1cb824c5934bf44f5e254b7cfd5405b8&expSes=62128&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=8654032359904122538&cgtgDecisionId=8654032360545902474&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1713869151078&rri=4831944 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.78 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-78.muc50.r.cloudfront.net Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id nHVjqGQuKpE1p07QXf7ZWgoYhTwtvEIt1jj8b0QQQFBHKWpvY4M7yw== expires 0
GET H2	200	var async-px.dynamicyield.com/	0 0	305ms 304ms	Fetch	54.230.228.78 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=617973&uid=-5453858893628731042&sec=8772046&t=ri&e=1750954&p=1&ve=13166004&va=%5B28818431%5D&ses=1cb824c5934bf44f5e254b7cfd5405b8&expSes=62128&aud=884367.884385.884387.1167402.1324059.1846919.2324421.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=8654032361767021993&cgtgDecisionId=8654032357745549995&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1713869151078&rri=9324312 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.78 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-78.muc50.r.cloudfront.net Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id fq5UoHxlIHSrASc12FWftRZy7rbmxaJoW452balX58cUd1x2rxPf6Q== expires 0
POST H2	200	/ Show response pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/	4 KB 3 KB	169ms 169ms	XHR application/json	50.17.112.103 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.17.112.103 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-17-112-103.compute-1.amazonaws.com Software / Resource Hash c4b2ccd98137932734619d317da057e6a9091f85b79248c95740ad50c708892b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" X-SL-PJS-Version 0.269 X-SL-PJS-Uid a8aa72de7 Accept-Language de-DE,de;q=0.9;q=0.9 X-SL-PJS-Locale fr-CA sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Referer https://frca-development.elfcosmetics.com/ sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip access-control-allow-headers * content-length 2560 apigw-requestid WrOm6ikPoAMEYRQ= content-type application/json
POST H2	200	batch async-px.dynamicyield.com/	0 383 B	124ms 110ms	Ping text/plain	54.230.228.78 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/batch?cnst=1&_=1713869151085_537061 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.78 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-78.muc50.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 64de0e8f28c987c1b81102130781b870.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id fpjctZAzvDmlSffmFTOwfhrycSLYqGoHKV5E5dOavNMws_BDH1PaCg== expires 0
GET H2	200	ot_close.svg cdn.cookielaw.org/logos/static/	651 B 618 B	29ms 29ms	Image image/svg+xml	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/ot_close.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 23 Apr 2024 10:45:51 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 pcXWFGpuVeSg/jVnYCseRg== age 69138 x-ms-lease-status unlocked last-modified Mon, 22 Apr 2024 02:31:48 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 778511d6-c01e-00a6-3564-948e9d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 878d4432dcda368c-FRA
GET H2	200	ot_guard_logo.svg Show response cdn.cookielaw.org/logos/static/	497 B 488 B	43ms 42ms	Fetch image/svg+xml	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 23 Apr 2024 10:45:51 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 tXyZydHjxQshFMbbBT1/8A== x-ms-lease-status unlocked last-modified Mon, 22 Apr 2024 06:06:20 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 442478ca-501e-0032-6bb0-9439f4000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 878d4432ece54d32-FRA
GET H2	200	ot_company_logo.png cdn.cookielaw.org/logos/static/	4 KB 4 KB	21ms 21ms	Image image/png	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/ot_company_logo.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 23 Apr 2024 10:45:51 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-md5 E8+sk/ECzKgTUVtDLikiIA== age 69138 content-length 4036 x-ms-lease-status unlocked last-modified Mon, 22 Apr 2024 02:31:48 GMT server cloudflare etag 0x8DC62745C60FC03 vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 9c8439ff-501e-006f-6964-943370000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 878d4432fcfd368c-FRA
GET H2	200	powered_by_logo.svg cdn.cookielaw.org/logos/static/	5 KB 2 KB	20ms 20ms	Image image/svg+xml	2606:4700::6813:b134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/powered_by_logo.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Tue, 23 Apr 2024 10:45:51 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 Y+c301RBZNK39PvKQWrIBw== age 37698 x-ms-lease-status unlocked last-modified Mon, 22 Apr 2024 06:06:21 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 2cddd7bb-e01e-0018-53e8-94e6e4000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 878d4432fcff368c-FRA
GET H2	200	110221.ct.js Show response tag.rmp.rakuten.com/	47 KB 15 KB	49ms 25ms	Script text/javascript	34.102.147.248 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.rmp.rakuten.com/110221.ct.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 248.147.102.34.bc.googleusercontent.com Software / Resource Hash 305fe9a5f5590087ad5d80aa44c7a7f1416966806e955ce7a42ab086ec14e38c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip via 1.1 google strict-transport-security max-age=31536000 last-modified Tue, 23 Apr 2024 10:45:51 GMT x-cache hit x-samesite secure content-type text/javascript cache-control max-age=86400 x-dyn 0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	js Show response www.paypal.com/sdk/	419 KB 117 KB	792ms 769ms	Script application/javascript	151.101.129.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/sdk/js?client-id=AdbSjPzpiugLUamLbxjsLNtn1SVvYd1DZAFlcqe0s_dfcQDjgON0Mzx9K2wVhJkCH8QEM9VLTeAT_oMr&intent=authorize&currency=CAD&vault=true&components=buttons,messages Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash eba5682e7d4426c087f36ae55461edcdd05b6b2f785612b9ab3f1af64a921a53 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-wx4TG8UqUtbV9yt6En02W7LL+4+NJFNWV3cQ7DkEBk3tgDc0' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-wx4TG8UqUtbV9yt6En02W7LL+4+NJFNWV3cQ7DkEBk3tgDc0' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-wx4TG8UqUtbV9yt6En02W7LL+4+NJFNWV3cQ7DkEBk3tgDc0' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-wx4TG8UqUtbV9yt6En02W7LL+4+NJFNWV3cQ7DkEBk3tgDc0' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp content-encoding gzip x-content-type-options nosniff disable-set-cookie true via 1.1 varnish, 1.1 varnish date Tue, 23 Apr 2024 10:45:51 GMT age 0 strict-transport-security max-age=63072000; includeSubDomains; preload x-cache MISS, MISS p3p true paypal-debug-id f179074d7d7e5 server-timing "traceparent;desc="00-0000000000000000000f179074d7d7e5-7c9279427a53e82a-01"";content-encoding;desc="gzip",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com content-length 117900 x-xss-protection 1; mode=block x-served-by cache-fra-etou8220064-FRA, cache-fra-etou8220064-FRA accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f179074d7d7e5-1ee4afd0eafa1af9-01 x-timer S1713869151.222630,VS0,VE762 etag W/"1cc8c-7skbRf8FcBaPYPVejMMukfehQPw" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Server-Timing cache-control public, max-age=3600, s-maxage=10800 origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges bytes x-cache-hits 0, 0
GET H2	200	main.js Show response staging.static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/	260 KB 53 KB	167ms 132ms	Script application/javascript	34.111.194.77 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://staging.static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.194.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 77.194.111.34.bc.googleusercontent.com Software Apache / Resource Hash c48476ffd21ed753a90b11db277894d1c3f1bf60a2cc735abfbe1db237cdafe0 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT strict-transport-security max-age=15768000 content-encoding gzip last-modified Mon, 10 Apr 2023 21:09:34 GMT server Apache via 1.1 google etag "145ba75-41083-5f901caaa5f80-gzip" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript access-control-allow-origin * accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 54128
POST H2	200	batch async-px.dynamicyield.com/	0 381 B	108ms 108ms	Ping text/plain	54.230.228.78 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/batch?cnst=1&_=1713869151197_838846 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.78 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-78.muc50.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 64de0e8f28c987c1b81102130781b870.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id omLn9j7loopH2A7wY14-8M_vOia-FnCxG7eJx2CCqzSNQfHA72jMAw== expires 0
OPTIONS H2	200	sync sdk.iad-05.braze.com/api/v3/content_cards/ Frame	0 0	158ms 157ms	Preflight	2606:4700:4400::ac40:965f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/content_cards/sync Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with Access-Control-Request-Method POST Origin https://frca-development.elfcosmetics.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-headers braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with access-control-allow-methods POST, GET access-control-allow-origin * access-control-expose-headers access-control-max-age 7200 cf-cache-status DYNAMIC cf-ray 878d4433083c19ab-FRA content-encoding gzip date Tue, 23 Apr 2024 10:45:51 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding
POST H2	201	sync Show response sdk.iad-05.braze.com/api/v3/content_cards/	85 B 228 B	259ms 259ms	XHR application/json	2606:4700:4400::ac40:965f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/content_cards/sync Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/mobify/bundle/11135/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f50319664d5ff5f7910a0cbe63756e5615d495857ef0b0d901c29b942d31a740 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" X-Braze-Api-Key 23316cb7-f57f-4f14-a7d3-8bed8ca921f5 X-Braze-DataRequest true sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-type application/json BRAZE-SYNC-RETRY-COUNT 0 Referer https://frca-development.elfcosmetics.com/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9;q=0.9 X-Braze-ContentCardsRequest true sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains x-request-id c79136f7-cf99-4c13-b760-ec4fa0221f73 x-runtime 0.101180 server cloudflare etag W/"f50319664d5ff5f7910a0cbe63756e56" vary Origin,Accept-Encoding access-control-allow-methods POST, GET content-type application/json access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate x-ratelimit-reset 1713869154 access-control-max-age 7200 x-ratelimit-limit 500.0 cf-ray 878d4434096d19ab-FRA x-ratelimit-remaining 499.0
POST H2	201	sync Show response sdk.iad-05.braze.com/api/v3/feature_flags/	20 B 174 B	265ms 265ms	XHR application/json	2606:4700:4400::ac40:965f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/feature_flags/sync Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/mobify/bundle/11135/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e92f434a50c76d6e52d0d3cc91cdf1854c7fd39fecd5ae65800568aef7c03029 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" X-Braze-Api-Key 23316cb7-f57f-4f14-a7d3-8bed8ca921f5 X-Braze-DataRequest true sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-type application/json Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://frca-development.elfcosmetics.com/ X-Braze-FeatureFlagsRequest true X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains x-request-id f2499046-2a42-4351-9110-fbb4bc39ee84 x-runtime 0.099981 server cloudflare etag W/"e92f434a50c76d6e52d0d3cc91cdf185" vary Origin,Accept-Encoding access-control-allow-methods POST, GET content-type application/json access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate x-ratelimit-reset 1713869154 access-control-max-age 7200 x-ratelimit-limit 500.0 cf-ray 878d4434097219ab-FRA x-ratelimit-remaining 499.0
GET H2	200	js Show response www.googletagmanager.com/gtag/	299 KB 99 KB	39ms 38ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8df8d91ee8947423c28e97d3d570fd454333b365613c81bd0f9efc37f9ef437d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 101385 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 23 Apr 2024 10:45:51 GMT
OPTIONS H2	200	sync sdk.iad-05.braze.com/api/v3/feature_flags/ Frame	0 0	152ms 150ms	Preflight	2606:4700:4400::ac40:965f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/feature_flags/sync Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-requested-with Access-Control-Request-Method POST Origin https://frca-development.elfcosmetics.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-requested-with access-control-allow-methods POST, GET access-control-allow-origin * access-control-expose-headers access-control-max-age 7200 cf-cache-status DYNAMIC cf-ray 878d4433185019ab-FRA content-encoding gzip date Tue, 23 Apr 2024 10:45:51 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding
GET H2	200	destination Show response www.googletagmanager.com/gtag/	203 KB 73 KB	39ms 39ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-10265292&l=dataLayer&cx=c Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9da3ee991285097951a3acff4c62175d0b10a904671977a9b01095f190969491 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 75090 x-xss-protection 0 last-modified Tue, 23 Apr 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 23 Apr 2024 10:45:51 GMT
POST H2	200	/ Show response pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/	9 KB 5 KB	188ms 188ms	XHR application/json	50.17.112.103 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.17.112.103 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-17-112-103.compute-1.amazonaws.com Software / Resource Hash 4b31732c86c782bcef896ef7c2d296e213cf53766ce7bb56c1c57423f8f7e011 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" X-SL-PJS-Version 0.269 X-SL-PJS-Uid a8aa72de7 Accept-Language de-DE,de;q=0.9;q=0.9 X-SL-PJS-Locale fr-CA sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Referer https://frca-development.elfcosmetics.com/ sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip access-control-allow-headers * content-length 4861 apigw-requestid WrOm7g-EoAMEYFw= content-type application/json
GET H3	200	destination Show response www.googletagmanager.com/gtag/	203 KB 73 KB	22ms 22ms	Script application/javascript	216.58.206.72 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.72 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s11-in-f8.1e100.net Software Google Tag Manager / Resource Hash a60c894e942e11a039a457bebe628611fee7cb77b9442296ecd3d09b2d4a64f9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 75164 x-xss-protection 0 last-modified Tue, 23 Apr 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 23 Apr 2024 10:45:51 GMT
GET H2	200	src=10742279;dc_pre=CLDU04-U2IUDFagPogMduVULzA;type=elf8j0;cat=glo_flhp;ord=4803126543045;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7... ade.googlesyndication.com/ddm/activity/ Redirect Chain https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=4803126543045;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B12... https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CLDU04-U2IUDFagPogMduVULzA;type=elf8j0;cat=glo_flhp;ord=4803126543045;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;...	42 B 107 B	45ms 44ms	Image image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CLDU04-U2IUDFagPogMduVULzA;type=elf8j0;cat=glo_flhp;ord=4803126543045;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44h0v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com? Protocol H2 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://frca-development.elfcosmetics.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CLDU04-U2IUDFagPogMduVULzA;type=elf8j0;cat=glo_flhp;ord=4803126543045;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44h0v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	src=10742279;dc_pre=CMnR04-U2IUDFR0LogMds_QMKQ;type=elf8j0;cat=glo_flap;ord=828907541515;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7C... ade.googlesyndication.com/ddm/activity/ Redirect Chain https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=828907541515;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124... https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CMnR04-U2IUDFR0LogMds_QMKQ;type=elf8j0;cat=glo_flap;ord=828907541515;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;u...	42 B 118 B	43ms 42ms	Image image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CMnR04-U2IUDFR0LogMds_QMKQ;type=elf8j0;cat=glo_flap;ord=828907541515;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44h0v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com? Protocol H2 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://frca-development.elfcosmetics.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CMnR04-U2IUDFR0LogMds_QMKQ;type=elf8j0;cat=glo_flap;ord=828907541515;npa=1;u1=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44h0v9181663336z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1a8bfa042c9c5.js Show response t.contentsquare.net/uxa/	292 KB 71 KB	73ms 24ms	Script application/javascript	18.66.192.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://t.contentsquare.net/uxa/1a8bfa042c9c5.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-76.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 329a5e6b08a931ac1df4877349d5fb131ee553dd231dad91850a0422d7d89dd8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 21 Apr 2024 22:07:28 GMT content-encoding br via 1.1 47755cdb8b36419a04f12ee3c24f7fae.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 0 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 71694 last-modified Thu, 04 Apr 2024 14:00:49 GMT server AmazonS3 etag "f5dfc1db5e16fbec46d877d4586c2484" vary Accept-Encoding, Origin content-type application/javascript;charset=utf-8 cache-control max-age=900 accept-ranges bytes timing-allow-origin * x-amz-cf-id AADZH8KCSrkf3Lrxr3rLnHqT3gNi4ESkufbeCCTF2ylvwjiCAzjVFg==
GET H2	200	src=10265292;dc_pre=CNXY04-U2IUDFfkbogMdO-YBMA;type=conte0;cat=homep0;ord=5869768218379;npa=1;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.... ade.googlesyndication.com/ddm/activity/ Redirect Chain https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=5869768218379;npa=1;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.... https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CNXY04-U2IUDFfkbogMdO-YBMA;type=conte0;cat=homep0;ord=5869768218379;npa=1;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2...	42 B 107 B	46ms 46ms	Image image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CNXY04-U2IUDFfkbogMdO-YBMA;type=conte0;cat=homep0;ord=5869768218379;npa=1;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44h0v9181787185z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com? Protocol H2 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://frca-development.elfcosmetics.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=CNXY04-U2IUDFfkbogMdO-YBMA;type=conte0;cat=homep0;ord=5869768218379;npa=1;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44h0v9181787185z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 314 B	193ms 167ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je44h0v9125640115z8896608294za200&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&cid=2009352916.1713869151&ecid=1296562123&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-BY&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EA&sst.rnd=2017378103.1713869151&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=1&sid=1713869151&sct=1&seg=0&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dt=%5Bt%C3%A9st~%20fr%C3%A9%C3%B1~ch%20m%C3%A9~t%C3%A1%20t%C3%AD~tl%C3%A9%20%7C%20%C3%A9~.l.f.%20C%C3%B3~sm%C3%A9t~%C3%ADcs%5D&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=17649&richsstsse Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 google, 1.1 google x-content-type-options nosniff server Google Frontend content-type text/plain access-control-allow-origin https://frca-development.elfcosmetics.com cache-control no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-accel-buffering no
GET H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 127 B	296ms 275ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je44h0v9125640115z8896608294za200&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&cid=2009352916.1713869151&ecid=1296562123&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-BY&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EA&sst.rnd=2017378103.1713869151&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=2&sid=1713869151&sct=1&seg=0&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dt=%5Bt%C3%A9st~%20fr%C3%A9%C3%B1~ch%20m%C3%A9~t%C3%A1%20t%C3%AD~tl%C3%A9%20%7C%20%C3%A9~.l.f.%20C%C3%B3~sm%C3%A9t~%C3%ADcs%5D&en=pageview&ep.vendor_id=pinterest&ep.email=&_et=2&tfd=17655&richsstsse Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 google, 1.1 google x-content-type-options nosniff server Google Frontend content-type text/plain access-control-allow-origin https://frca-development.elfcosmetics.com cache-control no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-accel-buffering no
GET H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 127 B	224ms 208ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je44h0v9125640115z8896608294za200&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&cid=2009352916.1713869151&ecid=1296562123&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-BY&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=MA&sst.rnd=2017378103.1713869151&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=3&sid=1713869151&sct=1&seg=0&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dt=%5Bt%C3%A9st~%20fr%C3%A9%C3%B1~ch%20m%C3%A9~t%C3%A1%20t%C3%AD~tl%C3%A9%20%7C%20%C3%A9~.l.f.%20C%C3%B3~sm%C3%A9t~%C3%ADcs%5D&en=view_promotion&ep.promotions=%5Bobject%20Object%5D&ep.promotion_name=elf%20Skin%20Shop%20by%20Collection%20Feature%20Tile%20List&ep.promotion_id=281b550e-a43b-422d-b932-b189cbac4584&ep.creative_name=Feature%20Cards&tfd=17659&richsstsse Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 google, 1.1 google x-content-type-options nosniff server Google Frontend content-type text/plain access-control-allow-origin https://frca-development.elfcosmetics.com cache-control no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-accel-buffering no
GET H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 127 B	283ms 267ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je44h0v9125640115z8896608294za200&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&cid=2009352916.1713869151&ecid=1296562123&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-BY&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EA&sst.rnd=2017378103.1713869151&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=4&sid=1713869151&sct=1&seg=1&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dt=%5Bt%C3%A9st~%20fr%C3%A9%C3%B1~ch%20m%C3%A9~t%C3%A1%20t%C3%AD~tl%C3%A9%20%7C%20%C3%A9~.l.f.%20C%C3%B3~sm%C3%A9t~%C3%ADcs%5D&en=page_view&ep.vendor_id=facebook&ep.event_id=1713869399310_17138693659806&ep.email=&ep.phone=&_et=1&tfd=17659&richsstsse Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 google, 1.1 google x-content-type-options nosniff server Google Frontend content-type text/plain access-control-allow-origin https://frca-development.elfcosmetics.com cache-control no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-accel-buffering no
GET H2	200	loader.js Show response cdn.usehero.com/	98 KB 28 KB	42ms 7ms	Script application/javascript	2600:9000:26da:6c00:13:d6f4:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.usehero.com/loader.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:6c00:13:d6f4:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ab99a75a2070736b0282d041df3a7e272ad5d4d1929ae430089ac0335e05ad2c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:09:20 GMT content-encoding gzip via 1.1 de8b46af7190cc021fd8b12be6996a2e.cloudfront.net (CloudFront) last-modified Tue, 19 Sep 2023 07:56:38 GMT server AmazonS3 x-amz-cf-pop MUC50-P4 age 2192 x-amz-server-side-encryption AES256 etag W/"fbf714a58cbac38c0deea519667d9044" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id B6nh6G3sFHwgaf66I4sfr98F57XTYn9t7ozh7rurBNbvHfj5UkyEuA==
GET H3	200	destination Show response www.googletagmanager.com/gtag/	203 KB 73 KB	24ms 24ms	Script application/javascript	216.58.206.72 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.72 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s11-in-f8.1e100.net Software Google Tag Manager / Resource Hash e57713ddcc7888724e70fbbd8f0980a454502e53a7891a3877699da0e9cbbef9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 75049 x-xss-protection 0 last-modified Tue, 23 Apr 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 23 Apr 2024 10:45:51 GMT
GET H2	200	core.js Show response s.pinimg.com/ct/	5 KB 2 KB	75ms 8ms	Script application/javascript	2a02:26f0:3500:893::1931 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s.pinimg.com/ct/core.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:893::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 62e7cb03e8f65ceb4f43a5a56a3b9c3950158fae3fea85699e3f4c68672f4c2f Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br x-cdn akamai etag "2a48a6694c41c203319b5f6018c2bbbc" x-amz-server-side-encryption AES256 vary Accept-Encoding, Origin access-control-max-age 86400 content-type application/javascript access-control-allow-origin * access-control-allow-methods GET access-control-expose-headers X-CDN cache-control max-age=7200 accept-ranges bytes alt-svc h3=":443"; ma=600 content-length 1899
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	218 KB 59 KB	30ms 8ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 23 Apr 2024 10:45:51 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57850 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1294, tbw=2765, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug vaDxZbh/uZRhsQZFxHhi/4eW6jmieO0o88SUqmzmkL51KepQT0GR8P8mIHIIFn7ThNv1SvBfwob54adQsOxJHA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	204	pageview c.contentsquare.net/	0 320 B	109ms 29ms	Image text/plain	34.250.42.3 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.contentsquare.net/pageview?ex=&dt=83&pvt=n&cvars=%7B%223%22%3A%5B%22Page%20Type%22%2C%22homepage%22%5D%7D&cvarp=%7B%223%22%3A%5B%22Page%20Type%22%2C%22homepage%22%5D%7D&la=de-DE&uc=0&url=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&dr=&dw=1600&dh=2103&ww=1600&wh=1200&sw=1600&sh=1200&uu=5c00c60a-e3b6-a86f-ddd8-de96efae6888&sn=1&hd=1713869151&v=14.5.1&pid=1926&pn=1&r=444431 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.250.42.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-42-3.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, pre-check=0, post-check=0 content-disposition inline timing-allow-origin * access-control-allow-headers Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With expires Sun, 24 Oct 1982 23:00:00 GMT
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	28 KB 9 KB	53ms 8ms	Script application/javascript	2a04:4e42:200::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 2939d067bced6e2e3e43c1b10d2b067cb980410c2cc42fd3e867798a4a36c697 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish last-modified Thu, 15 Feb 2024 20:38:48 GMT server snooserv nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} etag "9a680c8c475d8bba600d4d87b4fa7ee5" x-amz-server-side-encryption AES256 vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/javascript cache-control public, max-age=60 accept-ranges bytes content-length 8702
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	95ms 51ms	Script application/javascript	2a01:111:202c::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Tue, 23 Apr 2024 10:45:50 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 57E2EB49125048F0876B9DBAEF13631F Ref B: VIEEDGE1709 Ref C: 2024-04-23T10:45:51Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
GET H2	200	sdk.js Show response analytics.tiktok.com/i18n/pixel/	8 KB 3 KB	154ms 105ms	Script application/javascript	92.122.54.101 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BRR4GA0I9JJBU29G8GF0 Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.122.54.101 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-122-54-101.deploy.static.akamaitechnologies.com Software nginx / Resource Hash f584abb65b3dc0dfa367ffe8a6ef049245ae17f8a39bce92ebc1bb38516c6797 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 5329329c.f3be91 date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240423104551B2CC0CBBDD61255FB13E-51E23589372C3CAB-00 x-cache TCP_MISS from a92-122-54-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) x-parent-response-time 81,92.122.54.19 server-timing cdn-cache; desc=MISS, edge; dur=75, origin; dur=6, inner; dur=4 content-length 2529 pragma no-cache server nginx x-tt-logid 20240423104551B2CC0CBBDD61255FB13E x-cache-remote TCP_MISS from a23-220-106-5.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 6,23.220.106.5 x-tt-trace-host 01de021079ae58f625e62be24655db03d57ddd2957bc3b45ff0ed5f2bb94ae4a870eae63fba7329bb8686ef5afc1369a06529b8bb0901ae1302b783caec0b978563892c212dee24e0d2735ab19067290828ac7b352d1995e23a3400ccd5af9659b5f17bec90dd1a462563a3ad1c8b3ffb8 expires Tue, 23 Apr 2024 10:45:51 GMT
GET BLOB	200 OK	d438c3cf-625c-4847-8d32-317a2f1f5267 https://frca-development.elfcosmetics.com/	7 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://frca-development.elfcosmetics.com/d438c3cf-625c-4847-8d32-317a2f1f5267 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 1d959f985f144d73bf7e483dc5b5027417eb785966a53fb8b1378979c43d6f90 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Length 7329 Content-Type application/javascript
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	6 KB 3 KB	153ms 106ms	Script application/javascript	92.122.54.101 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.122.54.101 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-122-54-101.deploy.static.akamaitechnologies.com Software nginx / Resource Hash df564b781d433c32922f8da4ed37c04ff9bb0ddbe0cc775961bb46ee85227deb Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id f3be90 date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240423104551C9B2CE6D35034272971D-3BFB01C7782742A3-00 x-cache TCP_MISS from a92-122-54-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) server-timing inner; dur=3, cdn-cache; desc=MISS, edge; dur=2, origin; dur=81 content-length 2076 pragma no-cache server nginx x-tt-logid 20240423104551C9B2CE6D35034272971D vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 82,92.122.54.19 x-tt-trace-host 01de021079ae58f625e62be24655db03d58e4d3d8a6c73cae9cf2c04422045fc80411bfeab28529023c8078e68ac3a6d8171f92d471e3263e09ed2aa2fb77162f46ea421d844e95a4ca47a403d05db8ba61fa536f09ee879c1df9646f09ef6a7b2 expires Tue, 23 Apr 2024 10:45:51 GMT
GET H2	200	en-us.js Show response staging.static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/vendors~offers/locale/	53 KB 5 KB	121ms 121ms	Script application/javascript	34.111.194.77 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://staging.static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/vendors~offers/locale/en-us.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.194.77 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 77.194.111.34.bc.googleusercontent.com Software Apache / Resource Hash 8156e978b8f902bb27d56d9baeb9f76f37fc4dbbc718f8d95a2bf9936d07b361 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT strict-transport-security max-age=15768000 content-encoding gzip last-modified Mon, 10 Apr 2023 21:09:34 GMT server Apache via 1.1 google etag "1a114a5-d3e6-5f901caaa5f80-gzip" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript access-control-allow-origin * accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5096
GET H2	200	display Show response api.usehero.com/webplugin/	118 B 1 KB	262ms 193ms	XHR application/json	54.154.184.203 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.usehero.com/webplugin/display?appId=efcf9631-4c6b-4874-9f76-51f71464249a&location=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&state=untouched&outboundFeature= Requested by Host: cdn.usehero.com URL: https://cdn.usehero.com/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.154.184.203 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-154-184-203.eu-west-1.compute.amazonaws.com Software / Resource Hash f75b851845dfbba693f427abe1eb2593d62042be4389e2ab72f1819879541b70 Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT content-security-policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload x-permitted-cross-domain-policies none cross-origin-embedder-policy require-corp surrogate-control no-store x-dns-prefetch-control off x-time-zone Europe/Berlin klarna-correlation-id 16c70bc5-7367-44ce-9848-59218095b594 x-envoy-upstream-service-time 11 cross-origin-resource-policy same-origin x-geo-longitude 9.49100 content-length 118 x-xss-protection 0 x-request-id 16c70bc5-7367-44ce-9848-59218095b594 pragma no-cache referrer-policy same-origin cross-origin-opener-policy same-origin etag W/"76-wEJ2LOISHTkjtGvxXBqZKNNeJEI" x-download-options noopen x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?1 cache-control no-store, no-cache, must-revalidate, proxy-revalidate x-geo-latitude 51.29930 x-country DE x-accuracy 200 expires 0
GET H3	200	src=9231397;dc_pre=CNmh3I-U2IUDFcweogMdjiABzw;type=retarget;cat=globa0;ord=1223757253880;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%252... ade.googlesyndication.com/ddm/activity/ Redirect Chain https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=1223757253880;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60... https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CNmh3I-U2IUDFcweogMdjiABzw;type=retarget;cat=globa0;ord=1223757253880;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab...	42 B 63 B	44ms 44ms	Image image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CNmh3I-U2IUDFcweogMdjiABzw;type=retarget;cat=globa0;ord=1223757253880;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44h0v9181619921z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com? Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://frca-development.elfcosmetics.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CNmh3I-U2IUDFcweogMdjiABzw;type=retarget;cat=globa0;ord=1223757253880;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44h0v9181619921z8896608294za201;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;epver=2;~oref=https%3A%2F%2Ffrca-development.elfcosmetics.com? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	widget.js Show response js.jebbit.com/companion/v1/	44 KB 45 KB	63ms 8ms	Script text/javascript	2600:9000:26da:f000:a:7914:b00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.jebbit.com/companion/v1/widget.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:f000:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a938eea663af09f75118101cf9061107fbef7c4770d7d123c71e33c52c565139 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id R3KY_K4A_1J6MbzxdLc7TwnPZXsf4837 date Tue, 23 Apr 2024 03:46:46 GMT via 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront) last-modified Wed, 21 Feb 2024 21:57:20 GMT server AmazonS3 x-amz-cf-pop MUC50-P4 age 25146 x-amz-server-side-encryption AES256 etag "cc4e73d84c409b310a274ca12ee462bc" x-cache Hit from cloudfront content-type text/javascript accept-ranges bytes content-length 45249 x-amz-cf-id _9eb5TdnttsX0jTmELIPOLKctKLemiF9o6bBAMExuwxIiotnpHJ2PA==
GET H2	204	dvar c.contentsquare.net/	0 319 B	29ms 28ms	Image text/plain	34.250.42.3 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.contentsquare.net/dvar?v=14.5.1&pid=1926&pn=1&sn=1&uu=5c00c60a-e3b6-a86f-ddd8-de96efae6888&dv=H4sIAAAAAAAAA6tWcnSKd4mMd8%2FJT0rMUXDOzyspys9RCEktLlGyUnKpzEvMzUxWiMxMzUlRcK0oSC3KTM1LTi1W0oHqQ4gpGAI1hCUWZSaWZObnAXkwJT755QqeeSWpeSATA%2FILSnOAikoqlWoB8S1cunwAAAA%3D&ct=2&r=222185 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.250.42.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-42-3.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 23 Apr 2024 10:45:51 GMT access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, pre-check=0, post-check=0 content-disposition inline timing-allow-origin * access-control-allow-headers Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With expires Sun, 24 Oct 1982 23:00:00 GMT
GET H2	200	1638306756445368 Show response connect.facebook.net/signals/config/	68 KB 14 KB	203ms 203ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1638306756445368?v=2.9.154&r=stable&domain=frca-development.elfcosmetics.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 03f75fe69f0db79ae7b1f31af46cf0eb412c23d8d0a19cb8b1cf16a35fcf7ca1 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 23 Apr 2024 10:45:51 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=11, rtx=0, c=64, mss=1294, tbw=63210, tp=-1, tpl=-1, uplat=196, ullat=1 pragma public x-fb-debug Jjnc5Qob/Wpce2ebiZGnG1/QyMIyJhGZkk7IzLzJmkKxk2gaUvFMDGz1XMQ0uSGkIEd3efuocb6a04i3HGaqoA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	i.js Show response tag.wknd.ai/4142/	18 KB 6 KB	40ms 8ms	Script text/plain	34.120.253.250 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.wknd.ai/4142/i.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 250.253.120.34.bc.googleusercontent.com Software istio-envoy / Resource Hash ad382d81799ff3c4516956af75fb0565090d7176efab50a1a7bb244b270f341c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 09:53:54 GMT content-encoding gzip via 1.1 google age 3117 x-envoy-upstream-service-time 1 x-region us-central1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5786 server istio-envoy etag 4273ccc8e4f063 vary Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control public,max-age=60 timing-allow-origin * link <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
GET H2	200	main.6192ffb7.js Show response s.pinimg.com/ct/lib/	69 KB 20 KB	14ms 12ms	Script application/javascript	2a02:26f0:3500:893::1931 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s.pinimg.com/ct/lib/main.6192ffb7.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:893::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 6982e83b9ea7682534a77808bc53b3e516bc5d26dc406de1a2ea81c2fdf63a33 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br x-cdn akamai etag "0c0f2aed16e51276069e2c6e45c878c1" x-amz-server-side-encryption AES256 vary Accept-Encoding, Origin access-control-max-age 86400 content-type application/javascript access-control-allow-origin * access-control-allow-methods GET access-control-expose-headers X-CDN cache-control max-age=1209600 accept-ranges bytes content-length 19940
GET H2	200	t2_16331p_telemetry Show response www.redditstatic.com/ads/conversions-config/v1/pixel/config/	86 B 700 B	36ms 16ms	XHR application/json	2a04:4e42:200::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_16331p_telemetry Requested by Host: www.redditstatic.com URL: https://www.redditstatic.com/ads/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} server snooserv vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/json access-control-allow-origin * cache-control max-age=300 accept-ranges bytes content-length 98
GET H2	200	rp.gif alb.reddit.com/	42 B 637 B	32ms 7ms	Image image/gif	151.101.1.140 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1713869151560&id=t2_16331p&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=886256ec-d7aa-46ac-9770-c35f5d12e73e&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_c9439d84&dpm=&dpcc=&dprc= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.140 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3} server Varnish report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type image/gif cross-origin-resource-policy cross-origin accept-ranges bytes content-length 42 retry-after 0
GET H2	204	5013978.js Show response bat.bing.com/p/action/	0 116 B	49ms 49ms	Script text/plain	2a01:111:202c::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/5013978.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Tue, 23 Apr 2024 10:45:51 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 7AC8A422AD3344AFB334D325E87CA7D8 Ref B: VIEEDGE1709 Ref C: 2024-04-23T10:45:51Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 285 B	104ms 104ms	Image text/plain	2a01:111:202c::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=5013978&tm=gtm002&Ver=2&mid=9953fee7-8121-460c-97a6-f9414b072f26&sid=a7363fd0015e11efaf19539c5f3767ed&vid=a7365c30015e11efb479471a6edafa3f&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=%5Bt%C3%A9st~%20fr%C3%A9%C3%B1~ch%20m%C3%A9~t%C3%A1%20t%C3%AD~tl%C3%A9%20%7C%20%C3%A9~.l.f.%20C%C3%B3~sm%C3%A9t~%C3%ADcs%5D&p=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&r=&lt=17327&evt=pageLoad&sv=1&rn=258049 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 23 Apr 2024 10:45:51 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: F9D047AD08914670994C302938BFAC0F Ref B: VIEEDGE1709 Ref C: 2024-04-23T10:45:51Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	widget.css js.jebbit.com/companion/v1/	15 KB 16 KB	8ms 8ms	Stylesheet text/css	2600:9000:26da:f000:a:7914:b00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.jebbit.com/companion/v1/widget.css Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:f000:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 875ca118023e8741e684a320e73b7f9af4e8eba6c88f1f7e8457f7c0cdda6efb Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id rlLQSdBm9ZTNXvLaketZ1ik.75AdGtXG date Tue, 23 Apr 2024 01:28:06 GMT via 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront) last-modified Wed, 21 Feb 2024 21:57:20 GMT server AmazonS3 x-amz-cf-pop MUC50-P4 age 33466 x-amz-server-side-encryption AES256 etag "de1b72e797664b9b2c2139e5ccb24844" x-cache Hit from cloudfront content-type text/css accept-ranges bytes content-length 15521 x-amz-cf-id xQijPw3N3A3XlLeUpE4vL1qh9mQFKgF91yS-xhc5Os7n2Zlv7KwhUA==
GET H2	200	launcher_configs Show response external-api.jebbit.com/moments/v2/	2 B 457 B	55ms 19ms	XHR application/json	3.126.102.193 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://external-api.jebbit.com/moments/v2/launcher_configs?key=542695a9-9318-492b-9638-2018989f6dc4&url=aHR0cHMlM0ElMkYlMkZmcmNhLWRldmVsb3BtZW50LmVsZmNvc21ldGljcy5jb20lMkY=&completedLightboxCampaigns=W10=&jebbitCookies= Requested by Host: js.jebbit.com URL: https://js.jebbit.com/companion/v1/widget.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.126.102.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-102-193.eu-central-1.compute.amazonaws.com Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff surrogate-control no-store x-dns-prefetch-control off content-length 2 x-xss-protection 1; mode=block pragma no-cache etag W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w" x-download-options noopen vary Origin, Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://frca-development.elfcosmetics.com cache-control no-store, no-cache, must-revalidate, proxy-revalidate access-control-allow-credentials true expires 0
GET H2	200	main.MTIyYzc3NzllMA.js Show response analytics.tiktok.com/i18n/pixel/static/	411 KB 109 KB	29ms 28ms	Script application/javascript	92.122.54.101 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMA.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.122.54.101 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-122-54-101.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a54234f412b9bfdc07fcbd75a6e3e22c0f89f89f861ea0e6e6a96c7048834c41 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id f3bf58 date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20240419041014A4BE78C0587D93B900E9 x-tt-trace-id 00-240419041014A4BE78C0587D93B900E9-1348D879136F4804-00 vary Accept-Encoding x-cache TCP_HIT from a92-122-54-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01dfc4dd41b4764a2119c5fddb34e4ff6f7266e7ad6118ba5d9bf6ac152a1fac9d7a20cc49eeef9fd70a3e26898dfc7a85bc96c58c38b3f94e2dd3f013b411aed6dfed6aebe750a1448aa11b51519fe76f5ee80aeda9d8c8500f2dcc0efe822c5d server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4 content-length 111320
GET H2	200	main.MTIyYzc3NzllMQ.js Show response analytics.tiktok.com/i18n/pixel/static/	431 KB 114 KB	67ms 67ms	Script application/javascript	92.122.54.101 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.122.54.101 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-122-54-101.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 19cc1cced30687035cb740cbbf86a4c2d7c5085ca95e3fdef76d7e28d35af57d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id f3bf59 date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20240419041051840D676FEAAC74A8FE53 x-tt-trace-id 00-240419041051840D676FEAAC74A8FE53-7B74A6BA42F1AEFC-00 vary Accept-Encoding x-cache TCP_HIT from a92-122-54-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 010e9623b74f758cd0faf46607725c21e2afbd45fdda57fb795f8ef7187aeb0dea9c2a1800ea3e6a43932ea50b27f859a0aee69e57102d691d47579948466367069749bac578c07bd86b1b498ed524588465ee4443a80ee6dc58e3764a940bdfe9 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2 content-length 116139
GET H2	200	/ Show response ct.pinterest.com/user/	320 B 713 B	255ms 60ms	XHR application/json	2.19.60.189 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/user/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1713869151591&dep=2%2CPAGE_LOAD Requested by Host: s.pinimg.com URL: https://s.pinimg.com/ct/lib/main.6192ffb7.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.60.189 Dublin, Ireland, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-60-189.deploy.static.akamaitechnologies.com Software / Resource Hash e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084 Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip strict-transport-security max-age=31536000 ; includeSubDomains ; preload x-cdn akamai akamai-grn 0.a5b01302.1713869151.26834a43 x-envoy-upstream-service-time 1 content-length 186 x-pinterest-rid 1471768418910723 pin-unauth dWlkPU9USTRPV00wWVRFdE9EaGxaaTAwTlRJMExUZ3lZVE10TXpoak9EQmpOalJsWW1VMg pragma no-cache referrer-policy origin vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://frca-development.elfcosmetics.com access-control-expose-headers Epik,Pin-Unauth cache-control no-cache,no-store,must-revalidate,max-age=0 access-control-allow-credentials true pinterest-version 0fd3a7bfcf735a2bdf1240be9d2c00e05a32dcff expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ Show response ct.pinterest.com/user/	320 B 714 B	256ms 61ms	XHR application/json	2.19.60.189 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1713869151592&dep=5%2CEVENT_TAGS_ABSENT Requested by Host: s.pinimg.com URL: https://s.pinimg.com/ct/lib/main.6192ffb7.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.60.189 Dublin, Ireland, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-60-189.deploy.static.akamaitechnologies.com Software / Resource Hash e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084 Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip strict-transport-security max-age=31536000 ; includeSubDomains ; preload x-cdn akamai akamai-grn 0.a5b01302.1713869151.26834a53 x-envoy-upstream-service-time 1 content-length 186 x-pinterest-rid 1383245621791985 pin-unauth dWlkPVpUa3haRGMwTjJNdFltVmtZeTAwTldWakxXSTBOakF0TkdaaFkyUTNPRGN4WVRnMQ pragma no-cache referrer-policy origin vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://frca-development.elfcosmetics.com access-control-expose-headers Epik,Pin-Unauth cache-control no-cache,no-store,must-revalidate,max-age=0 access-control-allow-credentials true pinterest-version 0fd3a7bfcf735a2bdf1240be9d2c00e05a32dcff expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ ct.pinterest.com/v3/	35 B 0	255ms 62ms	Fetch image/gif	2.19.60.189 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/v3/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Ffrca-development.elfcosmetics.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226192ffb7%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22124.0.6367.60%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1713869151594 Requested by Host: s.pinimg.com URL: https://s.pinimg.com/ct/lib/main.6192ffb7.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.60.189 Dublin, Ireland, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-60-189.deploy.static.akamaitechnologies.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:51 GMT strict-transport-security max-age=31536000 ; includeSubDomains ; preload x-cdn akamai akamai-grn 0.a5b01302.1713869151.26834a42 x-envoy-upstream-service-time 1 alt-svc h3=":443"; ma=600 content-length 35 x-pinterest-rid 1825341995981059 pragma no-cache referrer-policy origin content-type image/gif access-control-allow-origin https://frca-development.elfcosmetics.com pinterest-version 0fd3a7bfcf735a2bdf1240be9d2c00e05a32dcff cache-control no-cache,no-store,must-revalidate,max-age=0 access-control-allow-credentials true expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	jsp Show response ut.rd.linksynergy.com/	148 B 405 B	51ms 21ms	Script text/plain	34.98.67.3 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 3.67.98.34.bc.googleusercontent.com Software / Resource Hash a440f8c31cf5b40a13a795a66e5d96464869ffa00541f8b70cd78fe854474780 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type text/plain; charset=utf-8 date Tue, 23 Apr 2024 10:45:51 GMT via 1.1 google strict-transport-security max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 148 x-samesite secure
GET H2	200	identify_c26a2.js Show response analytics.tiktok.com/i18n/pixel/static/	139 KB 37 KB	23ms 23ms	Script application/javascript	92.122.54.101 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_c26a2.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.122.54.101 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-122-54-101.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id f3c00f date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20240419041013A4BE78C0587D93B900BC x-tt-trace-id 00-240419041013A4BE78C0587D93B900BC-2C8DA20A27EAC39D-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a92-122-54-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01533150360d076d9b8a4d7e7f527ffb1e913d9c640014946a2f6cb51dc9f251e9e729a8089c29b3e2895605bbbafaf154d4428c36f11ec3cf94af7bdc8d68a1d1100ff3cce254d7314e4e86dbbb81e2ec00975155d35d3fc30689dd18154278e3 server-timing cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=2 content-length 37126
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 698 B	128ms 128ms	Ping text/plain	92.122.54.101 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.122.54.101 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-122-54-101.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id f3c062 date Tue, 23 Apr 2024 10:45:51 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240423104551B052BF8729D14E7B3C94-0EF44DA369E4C6A8-00 x-cache TCP_MISS from a92-122-54-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) server-timing inner; dur=20, cdn-cache; desc=MISS, edge; dur=8, origin; dur=97 content-length 0 pragma no-cache server nginx x-tt-logid 20240423104551B052BF8729D14E7B3C94 access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 98,92.122.54.19 x-tt-trace-host 01de021079ae58f625e62be24655db03d58e4d3d8a6c73cae9cf2c04422045fc802c92da529e16009db46698fc9ac6bc77395dc72ad63ccc38ea60cf098600a24c79fdc93b715d2933ab8e6b284f9ed7526d9483e078d55b73b0a5fcf4c78f9ed3 access-control-allow-headers Authorization,* expires Tue, 23 Apr 2024 10:45:51 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 697 B	128ms 127ms	Ping text/plain	92.122.54.101 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.122.54.101 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-122-54-101.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id f3c063 date Tue, 23 Apr 2024 10:45:51 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-24042310455199710CF137E21676E693-0A6494D685A90788-00 x-cache TCP_MISS from a92-122-54-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) server-timing inner; dur=16, cdn-cache; desc=MISS, edge; dur=11, origin; dur=95 content-length 0 pragma no-cache server nginx x-tt-logid 2024042310455199710CF137E21676E693 access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 95,92.122.54.19 x-tt-trace-host 01de021079ae58f625e62be24655db03d58e4d3d8a6c73cae9cf2c04422045fc80f1918286fa60438ea8a51e1e2c659f55445be44101695a5961d9059224009c7ce035ce14c71b5087a539bc82c71133e61f957c362fc4b84da04d97fd56fa6c83 access-control-allow-headers Authorization,* expires Tue, 23 Apr 2024 10:45:51 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 698 B	141ms 141ms	Ping text/plain	92.122.54.101 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.122.54.101 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-122-54-101.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id f3c069 date Tue, 23 Apr 2024 10:45:51 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-24042310455158C21A9D11D7027CAA55-2F4E1686A8298496-00 x-cache TCP_MISS from a92-122-54-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) server-timing inner; dur=20, cdn-cache; desc=MISS, edge; dur=8, origin; dur=99 content-length 0 pragma no-cache server nginx x-tt-logid 2024042310455158C21A9D11D7027CAA55 access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 100,92.122.54.19 x-tt-trace-host 01de021079ae58f625e62be24655db03d58e4d3d8a6c73cae9cf2c04422045fc80a14b51d4868085414770c53919d5105b11fb27e0d6a0b901997382445f0858496b698057fc843e16b7639fa4c027e29412ef2fa34edb0fb084603809eff584fc access-control-allow-headers Authorization,* expires Tue, 23 Apr 2024 10:45:51 GMT
POST H2	200	/ Show response pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/	9 KB 5 KB	189ms 189ms	XHR application/json	50.17.112.103 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.17.112.103 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-17-112-103.compute-1.amazonaws.com Software / Resource Hash 0926f532f6ce5ab30df7d44148e0101f888e91a6743934bfa3f6272ac5d7c4a2 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" X-SL-PJS-Version 0.269 X-SL-PJS-Uid a8aa72de7 Accept-Language de-DE,de;q=0.9;q=0.9 X-SL-PJS-Locale fr-CA sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Referer https://frca-development.elfcosmetics.com/ sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Tue, 23 Apr 2024 10:45:51 GMT content-encoding gzip access-control-allow-headers * content-length 4861 apigw-requestid WrOnBjRkIAMEYLg= content-type application/json
GET H2	200	/ www.facebook.com/tr/	0 273 B	30ms 9ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Ffrca-development.elfcosmetics.com%2F&rl=&if=false&ts=1713869151794&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1713869151791.1039135431&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1713869151540&coo=false&eid=1713869399310_17138693659806&tm=1&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1294, tbw=2757, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Tue, 23 Apr 2024 10:45:51 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	/ ct.pinterest.com/v3/	35 B 0	65ms 65ms	Fetch image/gif	2.19.60.189 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1713869151855&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU9USTRPV00wWVRFdE9EaGxaaTAwTlRJMExUZ3lZVE10TXpoak9EQmpOalJsWW1VMg%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Ffrca-development.elfcosmetics.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226192ffb7%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22124.0.6367.60%22%2C%22ecm_enabled%22%3Afalse%7D Requested by Host: s.pinimg.com URL: https://s.pinimg.com/ct/lib/main.6192ffb7.js Protocol H3 Security QUIC, , AES_256_GCM Server 2.19.60.189 Dublin, Ireland, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-60-189.deploy.static.akamaitechnologies.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers quic-version 0x00000001 date Tue, 23 Apr 2024 10:45:51 GMT strict-transport-security max-age=31536000 ; includeSubDomains ; preload x-cdn akamai akamai-grn 0.96b01302.1713869151.4f706dd1 x-envoy-upstream-service-time 1 alt-svc h3=":443"; ma=600 content-length 35 x-pinterest-rid 1344903675705628 pragma no-cache referrer-policy origin content-type image/gif access-control-allow-origin https://frca-development.elfcosmetics.com pinterest-version 0fd3a7bfcf735a2bdf1240be9d2c00e05a32dcff cache-control no-cache,no-store,must-revalidate,max-age=0 access-control-allow-credentials true expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	exist Show response srm.ba.contentsquare.net/	2 B 94 B	103ms 33ms	Fetch application/json	54.246.182.253 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://srm.ba.contentsquare.net/exist?v=14.5.1&pid=1926&pn=1&sn=1&uu=5c00c60a-e3b6-a86f-ddd8-de96efae6888 Requested by Host: t.contentsquare.net URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.246.182.253 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-246-182-253.eu-west-1.compute.amazonaws.com Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Tue, 23 Apr 2024 10:45:51 GMT content-length 2 content-type application/json
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 699 B	156ms 155ms	Ping text/plain	92.122.54.101 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.122.54.101 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-122-54-101.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id f3c223 date Tue, 23 Apr 2024 10:45:52 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-24042310455233C438FAA12E1C608A37-3D90E3F38684D6CB-00 x-cache TCP_MISS from a92-122-54-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) server-timing inner; dur=38, cdn-cache; desc=MISS, edge; dur=12, origin; dur=120 content-length 0 pragma no-cache server nginx x-tt-logid 2024042310455233C438FAA12E1C608A37 access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 120,92.122.54.19 x-tt-trace-host 01de021079ae58f625e62be24655db03d58e4d3d8a6c73cae9cf2c04422045fc80c803193432a70b0e8b0652f611ab211a0e7d7d47e229a7885e873c0a63134228fccc7e75c04a15829dbccf88c7838682b3c615687348f32eeac133567690a695 access-control-allow-headers Authorization,* expires Tue, 23 Apr 2024 10:45:52 GMT
GET H2	200	local www.sandbox.paypal.com/credit-presentment/experiments/ Frame 77BD	0 0	26ms 7ms	Document text/html	151.101.67.1 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.sandbox.paypal.com/credit-presentment/experiments/local?uid=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRiU2pQenBpdWdMVWFtTGJ4anNMTnRuMVNWdllkMURaQUZsY3FlMHNfZGZjUURqZ09OME16eDlLMndWaEprQ0g4UUVNOVZMVGVBVF9vTXImaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1DQUQmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9ydXlueHN5YnZnc2llZGpreW1jdnZmemh0cHhyaHcifX0&env=sandbox&scriptUID=uid_ruynxsybvgsiedjkymcvvfzhtpxrhw&version=1.63.0&integrationType=SDK Requested by Host: www.paypal.com URL: https://www.paypal.com/sdk/js?client-id=AdbSjPzpiugLUamLbxjsLNtn1SVvYd1DZAFlcqe0s_dfcQDjgON0Mzx9K2wVhJkCH8QEM9VLTeAT_oMr&intent=authorize&currency=CAD&vault=true&components=buttons,messages Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.67.1 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://frca-development.elfcosmetics.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 accept-ranges bytes access-control-expose-headers Server-Timing age 51208 cache-control s-maxage=86400, max-age=0 content-encoding gzip content-length 1524 content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com content-type text/html; charset=utf-8 date Tue, 23 Apr 2024 10:45:52 GMT edge-cache-tag up-treatments-zoid etag W/"1479-XAmp36Pofur6P3giEc4Nq1wjs3w" origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== paypal-debug-id f938159ae5ded permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") server-timing content-encoding;desc=gzip strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 478 x-served-by cache-fra-etou8220135-FRA x-timer S1713869152.078689,VS0,VE1 x-xss-protection 1; mode=block
GET H2	200	runtime_6459738026535cda4232dc813c61447d.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	3 KB 2 KB	36ms 8ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_6459738026535cda4232dc813c61447d.br.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 21 Apr 2024 05:57:56 GMT content-encoding br age 190076 x-guploader-uploadid ABPtcPrNn5qcXkaO2qKOExQ3SZlQJKZp5lgUIUDMCjga1lAYnaBLE2TGk8wIs8B0RsAn6AeFeEskAaU5wg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1316 last-modified Thu, 18 Apr 2024 19:25:37 GMT server UploadServer etag "09512239cb2a22728ca9f8608dfc2181" x-goog-generation 1705949047694544 x-goog-hash crc32c=BS9gKg==, md5=CVEiOcsqInKMqfhgjfwhgQ== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 1316 accept-ranges bytes content-type text/javascript
GET H2	200	main-v2_13c2f0d452a949ebd0aa1f642b47d8ed.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	486 KB 106 KB	8ms 7ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_13c2f0d452a949ebd0aa1f642b47d8ed.br.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash f294afcd0da324a493b0a0d97fdc749c7edccbcb17f0ec20317b704a351c8410 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 22 Apr 2024 20:45:43 GMT content-encoding br age 50409 x-guploader-uploadid ABPtcPrSdHv7_hDgEuxxdDMn2ShSZ5dx7V45QwVuhQtzEKOMABzXhHPmZ5M8cYNBeT1uC55iIGsYGEc7hA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 108259 last-modified Mon, 22 Apr 2024 20:45:37 GMT server UploadServer etag "2d44a07dee8792de69e35e56c6390bcd" x-goog-generation 1713818737030041 x-goog-hash crc32c=lAMSyg==, md5=LUSgfe6Hkt5p415WxjkLzQ== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 108259 accept-ranges bytes content-type text/javascript
GET H2	200	cjs_min_3a843477d8e318f67237a66d0a58c542.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	49 KB 16 KB	23ms 23ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 22 Apr 2024 21:00:02 GMT content-encoding gzip age 49550 x-guploader-uploadid ABPtcPqhPzfanDplIb-fxky2NRLSItpbrtnzWGnu5lPE8Ul8783nu9TGBvDzWXhNptp7O4UkEeY-7gFqpA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15748 last-modified Mon, 22 Apr 2024 20:59:52 GMT server UploadServer etag "1eb885454ea6bef1c9747800702959de" x-goog-generation 1713819592631797 x-goog-hash crc32c=Joap5g==, md5=HriFRU6mvvHJdHgAcClZ3g== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000,no-transform x-goog-stored-content-length 15748 accept-ranges bytes content-type text/javascript; charset=utf-8
GET H3	200	inbox-v2_749c9ccd613f1a40075d1e7b59caea42.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	17 KB 5 KB	13ms 12ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_749c9ccd613f1a40075d1e7b59caea42.br.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 3a0cb24163d51976d5904bac47f896454a8bdbd333ebccc00ca9805645b165c4 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 28 Mar 2024 20:25:57 GMT content-encoding br age 2211595 x-guploader-uploadid ABPtcPoSRPMPn47RDgXwDgrbtAIhA_pErKwqxZVjLDsbnTC8sc2maZqn1JUqgif36QKVbrmTmP8 x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5080 last-modified Thu, 28 Mar 2024 20:25:50 GMT server UploadServer etag "d501c542732291fff75a0156b4700c01" x-goog-generation 1711657550379643 x-goog-hash crc32c=k9Hglg==, md5=1QHFQnMikf/3WgFWtHAMAQ== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 5080 accept-ranges bytes content-type text/javascript
GET H3	200	sms-v2_e39203556bab2366e56296ce42e974a7.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	3 KB 1 KB	13ms 13ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/sms-v2_e39203556bab2366e56296ce42e974a7.br.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash c9f83027cf2e267d24b2cfe366bc6664841765f0aaf362faf0156bccdce42355 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 21 Apr 2024 10:05:14 GMT content-encoding br age 175238 x-guploader-uploadid ABPtcPr5_q4o_I1vTUQxJ2TgjmpbFeXxHByPUw3nfJyeBHpAYXGLOwtyYF8MgSaURLxzvjgdQgTys01SwQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1303 last-modified Thu, 18 Apr 2024 19:25:39 GMT server UploadServer etag "684b816ff7fa85526ab4b729fb5f0c91" x-goog-generation 1705949054010429 x-goog-hash crc32c=ikqFlg==, md5=aEuBb/f6hVJqtLcp+18MkQ== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 1303 accept-ranges bytes content-type text/javascript
GET H3	200	onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	16 KB 5 KB	11ms 11ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 17 Apr 2024 03:05:23 GMT content-encoding br age 546029 x-guploader-uploadid ABPtcPoOGL6DRQudHbU-trnMRSn4VZEC6syhONCM_LdAaePhZvZiyvKczzbAKZXtvUovoLn3cQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5003 last-modified Thu, 28 Mar 2024 20:25:58 GMT server UploadServer etag "7ff99b6f1cea743cef749de91009e764" x-goog-generation 1711657558214674 x-goog-hash crc32c=qFvE1Q==, md5=f/mbbxzqdDzvdJ3pEAnnZA== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 5003 accept-ranges bytes content-type text/javascript
GET H/1.1	200 OK	/ Show response data.cdnbasket.net/	14 B 338 B	581ms 121ms	XHR application/json	35.201.71.128 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://data.cdnbasket.net/ Requested by Host: assets.bounceexchange.com URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 35.201.71.128 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 128.71.201.35.bc.googleusercontent.com Software / Resource Hash 20b5beed55194fa4533847035bd319a85a2661d63d7f399df83f609780cb5ae4 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Tue, 23 Apr 2024 10:45:52 GMT Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Access-Control-Allow-Headers Origin, Content-Type, Accept Expires 0
GET H/1.1	200 OK	/ Show response page.cdnbasket.net/	14 B 338 B	578ms 118ms	XHR application/json	34.120.206.65 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://page.cdnbasket.net/ Requested by Host: assets.bounceexchange.com URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.120.206.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 65.206.120.34.bc.googleusercontent.com Software / Resource Hash 8e3855213b9f60776e7039c2b789c570847cca790cd4ae78327e7b09da3d2eb3 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Tue, 23 Apr 2024 10:45:52 GMT Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Access-Control-Allow-Headers Origin, Content-Type, Accept Expires 0
GET		/ view.cdnbasket.net/	0 0
GET H3	200	jquery-3.5.1.min.js Show response assets.bounceexchange.com/assets/bounce/	87 KB 31 KB	9ms 9ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 27 Mar 2024 03:30:41 GMT content-encoding br age 2358911 x-guploader-uploadid ABPtcPqU_e6EX2BDA9ipHFyWXt1KYr3RzPlbYv07FMoholZJYKWfdOLUPfx6a5cidT8STqgzYtI x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31571 last-modified Thu, 22 Feb 2024 18:02:41 GMT server UploadServer etag W/"dc5e7f18c8d36ac1d3d4753a87c98d0a" vary Accept-Encoding x-goog-generation 1708624961067655 x-goog-hash crc32c=W9o9Ng==, md5=3F5/GMjTasHT1HU6h8mNCg== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 89476 accept-ranges none content-type text/javascript; charset=UTF-8
GET H2	200	local_storage_frame17.min.html assets.bounceexchange.com/assets/bounce/ Frame 8950	0 0	21ms 8ms	Document text/html	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://frca-development.elfcosmetics.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges none access-control-allow-origin * access-control-expose-headers etag Content-Type age 652240 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public,max-age=31536000 content-encoding br content-length 938 content-type text/html; charset=UTF-8 date Mon, 15 Apr 2024 21:35:12 GMT etag W/"fc893948c3efc689b5b19d8a77958e23" last-modified Thu, 15 Feb 2024 20:28:42 GMT server UploadServer vary Accept-Encoding x-goog-generation 1708028922119665 x-goog-hash crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw== x-goog-metageneration 1 x-goog-storage-class MULTI_REGIONAL x-goog-stored-content-encoding identity x-goog-stored-content-length 2408 x-guploader-uploadid ABPtcPpeCFS0wPYGlDzc0xj58Y8muG3rVUVZ24wJmgwqubxLYYwv7xcSG2--BKQS_dtxRCNEWMjNeAApPw
GET H3	200	token_create.js Show response ct.pinterest.com/static/ct/	4 KB 2 KB	60ms 59ms	Script application/javascript	2.19.60.189 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/static/ct/token_create.js Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H3 Security QUIC, , AES_256_GCM Server 2.19.60.189 Dublin, Ireland, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-60-189.deploy.static.akamaitechnologies.com Software / Resource Hash ca727c9d9c5d3ffa9fc01a2c57d612263a5ef4138da8d9b8e76e354835882466 Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:52 GMT content-encoding gzip strict-transport-security max-age=31536000 ; includeSubDomains ; preload x-cdn akamai akamai-grn 0.96b01302.1713869152.4f707346 etag "2a8d051abafd7b1d3f62592455b15f0c" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript cache-control max-age=7200 alt-svc h3=":443"; ma=600 content-length 2108 quic-version 0x00000001
GET H2	200	ct.html ct.pinterest.com/ Frame EC4B	0 0	391ms 120ms	Document text/html	2.19.60.189 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/ct.html Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.60.189 Dublin, Ireland, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-60-189.deploy.static.akamaitechnologies.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://frca-development.elfcosmetics.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers akamai-grn 0.a5b01302.1713869152.2683652b alt-svc h3=":443"; ma=600 cache-control max-age=86400 content-encoding gzip content-length 323 content-type text/html; charset=utf-8 date Tue, 23 Apr 2024 10:45:52 GMT pinterest-version 0fd3a7bfcf735a2bdf1240be9d2c00e05a32dcff referrer-policy origin strict-transport-security max-age=31536000 ; includeSubDomains ; preload vary Accept-Encoding x-cdn akamai x-envoy-upstream-service-time 1 x-pinterest-rid 1408722421419728
POST H2	200	/ Show response pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/	9 KB 5 KB	186ms 182ms	XHR application/json	50.17.112.103 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.17.112.103 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-17-112-103.compute-1.amazonaws.com Software / Resource Hash 0926f532f6ce5ab30df7d44148e0101f888e91a6743934bfa3f6272ac5d7c4a2 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" X-SL-PJS-Version 0.269 X-SL-PJS-Uid a8aa72de7 Accept-Language de-DE,de;q=0.9;q=0.9 X-SL-PJS-Locale fr-CA sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Referer https://frca-development.elfcosmetics.com/ sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Tue, 23 Apr 2024 10:45:52 GMT content-encoding gzip access-control-allow-headers * content-length 4861 apigw-requestid WrOnGgrgIAMEMRQ= content-type application/json
POST H2	200	token Show response frca-development.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/	2 KB 2 KB	261ms 261ms	Fetch application/json	44.195.117.56 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frca-development.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/token Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/mobify/bundle/11135/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.195.117.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-117-56.compute-1.amazonaws.com Software / Resource Hash 88aaaa9b6d9ee277b209b3a9b49d5f4239b5d8fff10d2d6c52733874da0ea19d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 Authorization User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded c_x-pwa-request true Referer https://frca-development.elfcosmetics.com/ sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:52 GMT strict-transport-security max-age=31536000; includeSubDomains x-correlation-id 878d443b2e1b0a87 cf-cache-status DYNAMIC via 1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront) x-amz-cf-pop PHL50-C1 age 0 x-yottaa-optimizations ob/1000 si/23D1cc8d5972-1713544935-1961699966 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 content-encoding gzip x-cache Miss from cloudfront x-sl-norewrite 1 alt-svc h3=":443"; ma=86400 pragma no-cache x-ratelimit-1m-remaining 476, 1963745 x-ratelimit-1m-reset 7475, 7474 vary Accept-Encoding, Accept-Encoding, User-Agent x-ratelimit-1m-limit 500, 2000000 content-type application/json; charset=utf-8 cache-control no-store x-yottaa-os 200 x-server Smartling x-proxy-request-url https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_dev/oauth2/token x-yottaa-metrics 23214047a16a/[145,134,-] 23D1cc8d5972/[-,147.475] cf-ray 878d443b2e1b0a87-IAD x-amz-cf-id uJvxzO-KR1RjqwyJtzU0EQuFYo_wdYNouhRpzObh1WGbdq0jFoW1QQ== x-sl-notranslate 1
OPTIONS H2	200	viewPage api.cquotient.com/v3/activities/bbxc-elf-us/ Frame	0 0	107ms 31ms	Preflight	54.74.149.197
General Check archive.org Show headers Download Go to Full URL https://api.cquotient.com/v3/activities/bbxc-elf-us/viewPage Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.74.149.197 -, , ASN (), Reverse DNS Software envoy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubdomains Request headers Accept */* Access-Control-Request-Headers content-type,x-cq-client-id Access-Control-Request-Method POST Origin https://frca-development.elfcosmetics.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers authorization, content-type, x-cq-tenant, x-cq-client-id access-control-allow-methods POST access-control-allow-origin https://frca-development.elfcosmetics.com content-length 0 date Tue, 23 Apr 2024 10:45:52 GMT server envoy strict-transport-security max-age=15552000; includeSubdomains x-envoy-upstream-service-time 1
POST H2	204	sessions Show response frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/	0 1 KB	1200ms 1199ms	XHR text/plain	44.195.117.56 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/sessions Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/mobify/bundle/11135/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.195.117.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-117-56.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 authorization Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19kZXYiLCJraWQiOiI0YjMyOWU3Zi01MWEwLTQ4MjEtYmZiMC04YzExNjU5YzgyMTIiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnRhX2V4dF9vbl9iZWhhbGZfb2Ygc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5ydyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnBheW1lbnRpbnN0cnVtZW50cyBzZmNjLnNob3BwZXItY3VzdG9tZXJzLmxvZ2luIHNmY2Muc2hvcHBlci1jb250ZXh0LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQub3JkZXJzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMucmVnaXN0ZXIgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucHJvZHVjdGxpc3RzLnJ3IHNmY2Muc2hvcHBlci1wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLXByb21vdGlvbnMgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzLnJ3IHNmY2Muc2hvcHBlci1naWZ0LWNlcnRpZmljYXRlcyBzZmNjLnNob3BwZXItcHJvZHVjdC1zZWFyY2ggc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLWNhdGVnb3JpZXMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudCIsInN1YiI6ImNjLXNsYXM6OmJieGNfZGV2OjpzY2lkOmJjNGI5MWM2LTY5NjAtNGNiOS1iNDRkLTMzY2M3ZGZlNjc5Yjo6dXNpZDo5OWJhY2MwNi1kOTNlLTQ3ZTgtOTgyNi01MmVjZTY3OGM3ODciLCJjdHgiOiJzbGFzIiwiaXNzIjoic2xhcy9wcm9kL2JieGNfZGV2IiwiaXN0IjoxLCJkbnQiOiIwIiwiYXVkIjoiY29tbWVyY2VjbG91ZC9wcm9kL2JieGNfZGV2IiwibmJmIjoxNzEzODY5MTIyLCJzdHkiOiJVc2VyIiwiaXNiIjoidWlkbzpzbGFzOjp1cG46R3Vlc3Q6OnVpZG46R3Vlc3QgVXNlcjo6Z2NpZDphYm1ySkd3dWxIa2J3UnhiSVh4cVlZbDBzMjo6Y2hpZDogIiwiZXhwIjoxNzEzODcwOTUyLCJpYXQiOjE3MTM4NjkxNTIsImp0aSI6IkMyQzE5NTE2NDkyNjkwLTQyNDY0OTgyMDEwOTcyODM4NzQxNzMzNTcifQ.Uz7Euy2DYoVQ0BtTs3KKLtPBab5Jj4YDr5R-eGA4NvRwhu5WcoPVwVbqlrPLvLBlDUKIqKuC2nSNdeV7Q83V3A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:53 GMT via 1.1 236197b1350688f238411607ca197958.cloudfront.net (CloudFront) cf-cache-status DYNAMIC x-yottaa-metrics 2521cc028594/[824,819,-] 25D1cc0285ed/[-,825.134] x-amz-cf-pop SFO20-C1 age 0 x-yottaa-optimizations ob/0 si/25D1cc0285ed-1713544934-5691118799 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 x-dw-version-status obsolete x-cache Miss from cloudfront x-sl-norewrite 1 alt-svc h3=":443"; ma=86400 pragma no-cache allow OPTIONS,POST access-control-allow-origin https://frca-development.elfcosmetics.com access-control-expose-headers etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-server Smartling x-proxy-request-url https://cc-elf-us-dev.elfcosmetics.com/s/elf-us/dw/shop/v21_3/sessions x-sl-notranslate 1 cf-ray 878d44407bf015d6-SJC x-dw-request-base-id G3HAXmGRJ2YBAAB_ x-amz-cf-id RrcCE4nchAeU62L8UdTB1wVjMBAS48M5wDmkaGyxdbmrQoKEI1BRmA== x-yottaa-os 204 expires Thu, 01 Dec 1994 16:00:00 GMT
POST H2	200	shoppercontext Show response frca-development.elfcosmetics.com/api/v1/	135 B 950 B	1497ms 1496ms	XHR application/json	44.195.117.56 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frca-development.elfcosmetics.com/api/v1/shoppercontext?siteId=elf-us Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/mobify/bundle/11135/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.195.117.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-117-56.compute-1.amazonaws.com Software / Resource Hash d7003226e2fea50e6765c46fe1bdacfe3a16adedd6c7a2530fef876c2356cf9f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 authorization Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19kZXYiLCJraWQiOiI0YjMyOWU3Zi01MWEwLTQ4MjEtYmZiMC04YzExNjU5YzgyMTIiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnRhX2V4dF9vbl9iZWhhbGZfb2Ygc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5ydyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnBheW1lbnRpbnN0cnVtZW50cyBzZmNjLnNob3BwZXItY3VzdG9tZXJzLmxvZ2luIHNmY2Muc2hvcHBlci1jb250ZXh0LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQub3JkZXJzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMucmVnaXN0ZXIgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucHJvZHVjdGxpc3RzLnJ3IHNmY2Muc2hvcHBlci1wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLXByb21vdGlvbnMgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzLnJ3IHNmY2Muc2hvcHBlci1naWZ0LWNlcnRpZmljYXRlcyBzZmNjLnNob3BwZXItcHJvZHVjdC1zZWFyY2ggc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLWNhdGVnb3JpZXMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudCIsInN1YiI6ImNjLXNsYXM6OmJieGNfZGV2OjpzY2lkOmJjNGI5MWM2LTY5NjAtNGNiOS1iNDRkLTMzY2M3ZGZlNjc5Yjo6dXNpZDo5OWJhY2MwNi1kOTNlLTQ3ZTgtOTgyNi01MmVjZTY3OGM3ODciLCJjdHgiOiJzbGFzIiwiaXNzIjoic2xhcy9wcm9kL2JieGNfZGV2IiwiaXN0IjoxLCJkbnQiOiIwIiwiYXVkIjoiY29tbWVyY2VjbG91ZC9wcm9kL2JieGNfZGV2IiwibmJmIjoxNzEzODY5MTIyLCJzdHkiOiJVc2VyIiwiaXNiIjoidWlkbzpzbGFzOjp1cG46R3Vlc3Q6OnVpZG46R3Vlc3QgVXNlcjo6Z2NpZDphYm1ySkd3dWxIa2J3UnhiSVh4cVlZbDBzMjo6Y2hpZDogIiwiZXhwIjoxNzEzODcwOTUyLCJpYXQiOjE3MTM4NjkxNTIsImp0aSI6IkMyQzE5NTE2NDkyNjkwLTQyNDY0OTgyMDEwOTcyODM4NzQxNzMzNTcifQ.Uz7Euy2DYoVQ0BtTs3KKLtPBab5Jj4YDr5R-eGA4NvRwhu5WcoPVwVbqlrPLvLBlDUKIqKuC2nSNdeV7Q83V3A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 content-type application/json Referer https://frca-development.elfcosmetics.com/ sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:54 GMT strict-transport-security max-age=15552000; includeSubDomains via 1.1 0f44a07f05d21dc75e935a703360349c.cloudfront.net (CloudFront) x-amzn-remapped-content-length 135 content-encoding gzip x-amz-cf-pop DFW56-P2 age 0 x-amzn-remapped-connection close x-amzn-requestid 64c6b916-6202-40a6-9a5a-ce5fbd709157 x-yottaa-optimizations ob/1000 si/32D1a5fec6d3-1713544935-6851096571 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 x-cache Miss from cloudfront x-sl-norewrite 1 x-amz-apigw-id WrOnNHTYoAMEV9Q= alt-svc h3=":443"; ma=86400 etag W/"87-WFt3zDSdrvttkMP6rAK367Qj/Rw" x-amzn-trace-id Root=1-66279160-2742d7780a03f3a82c452e71;Parent=76c287174ab24d41;Sampled=0;lineage=0483b39b:0 vary Accept-Encoding content-type application/json; charset=utf-8 x-yottaa-os 200 x-yottaa-metrics 3221cc02d1b1/[1268,1261,-] 32D1a5fec6d3/[-,1270.938] x-server Smartling x-sl-notranslate 1 x-amzn-remapped-date Tue, 23 Apr 2024 10:45:53 GMT x-amz-cf-id ICt2YuRZaqElryORLRpVdJHMqic8rEnHghihOo8l1MDCQaOFZUXWNw==
POST H2	201	sync Show response sdk.iad-05.braze.com/api/v3/content_cards/	85 B 251 B	236ms 236ms	XHR application/json	2606:4700:4400::ac40:965f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/content_cards/sync Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/mobify/bundle/11135/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 994e7a1f9ece911917490ac02f0737547cf7992cc16e232082eb5fd246cb12ae Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" X-Braze-Api-Key 23316cb7-f57f-4f14-a7d3-8bed8ca921f5 X-Braze-DataRequest true sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-type application/json BRAZE-SYNC-RETRY-COUNT 0 Referer https://frca-development.elfcosmetics.com/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9;q=0.9 X-Braze-ContentCardsRequest true sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:52 GMT content-encoding gzip cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains x-request-id 9c843a9b-00fe-4f9d-8a5a-c31644f5c591 x-runtime 0.080691 server cloudflare etag W/"994e7a1f9ece911917490ac02f073754" vary Origin,Accept-Encoding access-control-allow-methods POST, GET content-type application/json access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate x-ratelimit-reset 1713869154 access-control-max-age 7200 x-ratelimit-limit 500.0 cf-ray 878d443bfbc919ab-FRA x-ratelimit-remaining 498.0
GET H2	200	geo-ip Show response frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/	179 B 959 B	547ms 547ms	XHR application/json	44.195.117.56 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.10.200 Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/mobify/bundle/11135/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.195.117.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-117-56.compute-1.amazonaws.com Software / Resource Hash 70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 content-type application/json c_x-pwa-request true Referer https://frca-development.elfcosmetics.com/ x-dw-client-id bc4b91c6-6960-4cb9-b44d-33cc7dfe679b sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:53 GMT sfdc_customization HOOK x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 af5cdbeee0d74dc841ba3e8c1801409a.cloudfront.net (CloudFront) x-amz-cf-pop ORD52-C2 age 0 x-yottaa-optimizations ob/1000 si/26D1cc8d584a-1713544935-103454629 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 content-encoding gzip x-dw-version-status obsolete x-cache Miss from cloudfront x-sl-norewrite 1 alt-svc h3=":443"; ma=86400 vary Accept-Encoding allow GET,HEAD,OPTIONS content-type application/json; charset=utf-8 cache-control max-age=0,no-cache,no-store,must-revalidate x-yottaa-os 200 x-server Smartling x-proxy-request-url https://cc-elf-us-dev.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.10.200 x-yottaa-metrics 2621cc023036/[351,345,-] 26D1cc8d584a/[-,354.084] cf-ray 878d443e1b4c1044-ORD x-dw-request-base-id G3G8XmGRJ2YBAAB_ x-amz-cf-id SbK9CdwsG4zdFBxKWDcgVYNXmjKu6SdxjaUVPAhAQYoZLO_fMo4hMQ== x-sl-notranslate 1
GET H2	200	geo-ip Show response frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/	179 B 959 B	1274ms 725ms	XHR application/json	44.195.117.56 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.10.200 Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/mobify/bundle/11135/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.195.117.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-117-56.compute-1.amazonaws.com Software / Resource Hash 70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 content-type application/json c_x-pwa-request true Referer https://frca-development.elfcosmetics.com/ x-dw-client-id bc4b91c6-6960-4cb9-b44d-33cc7dfe679b sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:53 GMT sfdc_customization HOOK x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 7581b66819bfc73b585e8930fb9ac792.cloudfront.net (CloudFront) x-amz-cf-pop SFO20-C1 age 0 x-yottaa-optimizations ob/1000 si/25D1cc0285ed-1713544934-5691118801 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 content-encoding gzip x-dw-version-status obsolete x-cache Miss from cloudfront x-sl-norewrite 1 alt-svc h3=":443"; ma=86400 vary Accept-Encoding allow GET,HEAD,OPTIONS content-type application/json; charset=utf-8 cache-control max-age=0,no-cache,no-store,must-revalidate x-yottaa-os 200 x-server Smartling x-proxy-request-url https://cc-elf-us-dev.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.10.200 x-yottaa-metrics 2521cc028592/[351,345,-] 25D1cc0285ed/[-,352.076] cf-ray 878d44426e15fa2a-SJC x-dw-request-base-id G3HEXmGRJ2YBAAB_ x-amz-cf-id n_Ucn2D7i0-E9SctNSxIdf3ZcIkCZ_VvLZ9L9ZogLx4TFYQyEhrC5Q== x-sl-notranslate 1
GET H2	200	baskets Show response frca-development.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_dev/customers/abmrJGwulHkbwRxbIXxqYYl0s2/	11 B 2 KB	339ms 339ms	Fetch application/json	44.195.117.56 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frca-development.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_dev/customers/abmrJGwulHkbwRxbIXxqYYl0s2/baskets?siteId=elf-us Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/mobify/bundle/11135/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.195.117.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-117-56.compute-1.amazonaws.com Software / Resource Hash 31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 Authorization Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19kZXYiLCJraWQiOiI0YjMyOWU3Zi01MWEwLTQ4MjEtYmZiMC04YzExNjU5YzgyMTIiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnRhX2V4dF9vbl9iZWhhbGZfb2Ygc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5ydyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnBheW1lbnRpbnN0cnVtZW50cyBzZmNjLnNob3BwZXItY3VzdG9tZXJzLmxvZ2luIHNmY2Muc2hvcHBlci1jb250ZXh0LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQub3JkZXJzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMucmVnaXN0ZXIgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucHJvZHVjdGxpc3RzLnJ3IHNmY2Muc2hvcHBlci1wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLXByb21vdGlvbnMgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzLnJ3IHNmY2Muc2hvcHBlci1naWZ0LWNlcnRpZmljYXRlcyBzZmNjLnNob3BwZXItcHJvZHVjdC1zZWFyY2ggc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLWNhdGVnb3JpZXMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudCIsInN1YiI6ImNjLXNsYXM6OmJieGNfZGV2OjpzY2lkOmJjNGI5MWM2LTY5NjAtNGNiOS1iNDRkLTMzY2M3ZGZlNjc5Yjo6dXNpZDo5OWJhY2MwNi1kOTNlLTQ3ZTgtOTgyNi01MmVjZTY3OGM3ODciLCJjdHgiOiJzbGFzIiwiaXNzIjoic2xhcy9wcm9kL2JieGNfZGV2IiwiaXN0IjoxLCJkbnQiOiIwIiwiYXVkIjoiY29tbWVyY2VjbG91ZC9wcm9kL2JieGNfZGV2IiwibmJmIjoxNzEzODY5MTIyLCJzdHkiOiJVc2VyIiwiaXNiIjoidWlkbzpzbGFzOjp1cG46R3Vlc3Q6OnVpZG46R3Vlc3QgVXNlcjo6Z2NpZDphYm1ySkd3dWxIa2J3UnhiSVh4cVlZbDBzMjo6Y2hpZDogIiwiZXhwIjoxNzEzODcwOTUyLCJpYXQiOjE3MTM4NjkxNTIsImp0aSI6IkMyQzE5NTE2NDkyNjkwLTQyNDY0OTgyMDEwOTcyODM4NzQxNzMzNTcifQ.Uz7Euy2DYoVQ0BtTs3KKLtPBab5Jj4YDr5R-eGA4NvRwhu5WcoPVwVbqlrPLvLBlDUKIqKuC2nSNdeV7Q83V3A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 c_x-pwa-request true Referer https://frca-development.elfcosmetics.com/ sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:53 GMT sfdc_customization HOOK dnt 0 cf-cache-status DYNAMIC x-correlation-id 878d443d9f9c05e9 x-content-type-options nosniff via 1.1 547ed58ab09c3c811d28ab963755fcd8.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P3 x-yottaa-optimizations ob/1000 si/38D1cc02313f-1713544935-4525833202 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 content-security-policy-report-only script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=MLWMp_kw1yR1x3hPU210JJxk7G_qBfzUcoph6pgp9VY-1713869152-1.0.1.1-quXFb4S_0WmyNRHa4Sgnc31fWBqan857ovxUeMOEsj7P9Otws66vy4oFvKcMCK8_WNsqEhdq1jacqDCL5NjGQf32pi19VGgzXIcaKA00xAbctOv4sWaoSo3mSjgHfPGJYihGMBsumXRvwriy08REd1pd6eX_XqbzBM4wdqRDi1QNkwCtbUv9Hh.WuDjXNTJa; report-to cf-csp-endpoint x-cache Miss from cloudfront age 0 x-sl-norewrite 1 content-encoding gzip alt-svc h3=":443"; ma=86400 vary Accept-Encoding, Accept-Encoding allow GET,HEAD,OPTIONS content-type application/json; charset=utf-8 x-ratelimit-remaining 999 report-to {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=MLWMp_kw1yR1x3hPU210JJxk7G_qBfzUcoph6pgp9VY-1713869152-1.0.1.1-quXFb4S_0WmyNRHa4Sgnc31fWBqan857ovxUeMOEsj7P9Otws66vy4oFvKcMCK8_WNsqEhdq1jacqDCL5NjGQf32pi19VGgzXIcaKA00xAbctOv4sWaoSo3mSjgHfPGJYihGMBsumXRvwriy08REd1pd6eX_XqbzBM4wdqRDi1QNkwCtbUv9Hh.WuDjXNTJa"}],"group":"cf-csp-endpoint","max_age":86400} cache-control max-age=0,no-cache,no-store x-yottaa-os 200 x-server Smartling x-proxy-request-url https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_dev/customers/abmrJGwulHkbwRxbIXxqYYl0s2/baskets?siteId=elf-us x-ratelimit-limit 99999 x-yottaa-metrics 3821cc02317d/[210,198,-] 38D1cc02313f/[-,213.207] cf-ray 878d443d9f9c05e9-IAD x-amz-cf-id hE-KTIYwH9E95XQd9_b0ri_M8rCxoTvCMEEKtElBIHDg1DjlUEi32Q== x-sl-notranslate 1
POST H2	200	viewPage Show response api.cquotient.com/v3/activities/bbxc-elf-us/	98 B 526 B	37ms 37ms	Fetch application/json	54.74.149.197
General Check archive.org Show headers Download Go to Full URL https://api.cquotient.com/v3/activities/bbxc-elf-us/viewPage Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/mobify/bundle/11135/main.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.74.149.197 -, , ASN (), Reverse DNS Software envoy / Resource Hash 82cef4a4648c5dc9e9daec2b8fa1b5e6201874065e607e0168e02ed4ff7a9d0d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubdomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" x-cq-client-id bc4b91c6-6960-4cb9-b44d-33cc7dfe679b Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Referer https://frca-development.elfcosmetics.com/ sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:52 GMT strict-transport-security max-age=15552000; includeSubdomains server envoy etag W/"62-Lq/z1ctiO+pSKCyvnO1b5YX9Ank" access-control-allow-methods GET, POST content-type application/json; charset=utf-8 access-control-allow-origin https://frca-development.elfcosmetics.com access-control-allow-credentials true x-envoy-upstream-service-time 3 content-length 98
POST H2	200	/ Show response pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/	9 KB 5 KB	195ms 195ms	XHR application/json	50.17.112.103 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.17.112.103 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-17-112-103.compute-1.amazonaws.com Software / Resource Hash 1afcac29910c8bf526ff078e3e63a5d08f7142871510e4de28b4c3bb50ca9b24 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" X-SL-PJS-Version 0.269 X-SL-PJS-Uid a8aa72de7 Accept-Language de-DE,de;q=0.9;q=0.9 X-SL-PJS-Locale fr-CA sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Referer https://frca-development.elfcosmetics.com/ sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Tue, 23 Apr 2024 10:45:52 GMT content-encoding gzip access-control-allow-headers * content-length 4861 apigw-requestid WrOnLi0UoAMEMuQ= content-type application/json
POST H2	200	/ Show response pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/	9 KB 5 KB	181ms 180ms	XHR application/json	50.17.112.103 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.17.112.103 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-17-112-103.compute-1.amazonaws.com Software / Resource Hash 1afcac29910c8bf526ff078e3e63a5d08f7142871510e4de28b4c3bb50ca9b24 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" X-SL-PJS-Version 0.269 X-SL-PJS-Uid a8aa72de7 Accept-Language de-DE,de;q=0.9;q=0.9 X-SL-PJS-Locale fr-CA sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Referer https://frca-development.elfcosmetics.com/ sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Tue, 23 Apr 2024 10:45:53 GMT content-encoding gzip access-control-allow-headers * content-length 4861 apigw-requestid WrOnNiwyoAMEMXQ= content-type application/json
GET H2	451	458359.gif idsync.rlcdn.com/	0 98 B	135ms 17ms	Image text/plain	35.244.174.68
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/458359.gif?partner_uid=583ae495-ea44-4602-9d12-25453c7785f7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:53 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
POST H2	200	baskets Show response frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/	3 KB 2 KB	462ms 461ms	XHR application/json	44.195.117.56 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/baskets Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/mobify/bundle/11135/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.195.117.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-117-56.compute-1.amazonaws.com Software / Resource Hash f8dd214017976ac21eb2dea25ae41d36d9d1491f2693f148b3397b2d9ae72b1e Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 authorization Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19kZXYiLCJraWQiOiI0YjMyOWU3Zi01MWEwLTQ4MjEtYmZiMC04YzExNjU5YzgyMTIiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnRhX2V4dF9vbl9iZWhhbGZfb2Ygc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5ydyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnBheW1lbnRpbnN0cnVtZW50cyBzZmNjLnNob3BwZXItY3VzdG9tZXJzLmxvZ2luIHNmY2Muc2hvcHBlci1jb250ZXh0LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQub3JkZXJzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMucmVnaXN0ZXIgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucHJvZHVjdGxpc3RzLnJ3IHNmY2Muc2hvcHBlci1wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLXByb21vdGlvbnMgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzLnJ3IHNmY2Muc2hvcHBlci1naWZ0LWNlcnRpZmljYXRlcyBzZmNjLnNob3BwZXItcHJvZHVjdC1zZWFyY2ggc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLWNhdGVnb3JpZXMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudCIsInN1YiI6ImNjLXNsYXM6OmJieGNfZGV2OjpzY2lkOmJjNGI5MWM2LTY5NjAtNGNiOS1iNDRkLTMzY2M3ZGZlNjc5Yjo6dXNpZDo5OWJhY2MwNi1kOTNlLTQ3ZTgtOTgyNi01MmVjZTY3OGM3ODciLCJjdHgiOiJzbGFzIiwiaXNzIjoic2xhcy9wcm9kL2JieGNfZGV2IiwiaXN0IjoxLCJkbnQiOiIwIiwiYXVkIjoiY29tbWVyY2VjbG91ZC9wcm9kL2JieGNfZGV2IiwibmJmIjoxNzEzODY5MTIyLCJzdHkiOiJVc2VyIiwiaXNiIjoidWlkbzpzbGFzOjp1cG46R3Vlc3Q6OnVpZG46R3Vlc3QgVXNlcjo6Z2NpZDphYm1ySkd3dWxIa2J3UnhiSVh4cVlZbDBzMjo6Y2hpZDogIiwiZXhwIjoxNzEzODcwOTUyLCJpYXQiOjE3MTM4NjkxNTIsImp0aSI6IkMyQzE5NTE2NDkyNjkwLTQyNDY0OTgyMDEwOTcyODM4NzQxNzMzNTcifQ.Uz7Euy2DYoVQ0BtTs3KKLtPBab5Jj4YDr5R-eGA4NvRwhu5WcoPVwVbqlrPLvLBlDUKIqKuC2nSNdeV7Q83V3A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 content-type application/json c_x-pwa-request true Referer https://frca-development.elfcosmetics.com/ x-dw-client-id bc4b91c6-6960-4cb9-b44d-33cc7dfe679b sec-ch-ua-platform "Win32" Response headers content-encoding gzip age 0 x-dw-version-status obsolete pragma no-cache etag 7ce1310c06d72b9098db68732a8a5d023a154474978ffbb211b71093237c41a8-timestamp-1713869153-last_modified-0-uid-12951553 vary Accept-Encoding content-type application/json; charset=utf-8 x-dw-resource-state 7ce1310c06d72b9098db68732a8a5d023a154474978ffbb211b71093237c41a8 access-control-allow-origin https://frca-development.elfcosmetics.com access-control-expose-headers etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id cache-control no-cache, no-store, must-revalidate x-yottaa-os 200 x-proxy-request-url https://cc-elf-us-dev.elfcosmetics.com/s/elf-us/dw/shop/v21_3/baskets x-sl-notranslate 1 x-yottaa-metrics 2621cc023037/[280,271,-] 26D1cc8d584a/[-,282.828] expires Thu, 01 Dec 1994 16:00:00 GMT date Tue, 23 Apr 2024 10:45:53 GMT sfdc_customization HOOK x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 8aaf7991e324696a1356521b2694d9b4.cloudfront.net (CloudFront) x-amz-cf-pop ORD52-C2 x-yottaa-optimizations ob/1000 si/26D1cc8d584a-1713544935-103454630 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 x-cache Miss from cloudfront x-sl-norewrite 1 alt-svc h3=":443"; ma=86400 allow OPTIONS,POST access-control-allow-credentials true x-server Smartling cf-ray 878d44403a0260b2-ORD x-dw-request-base-id G3G_XmGRJ2YBAAB_ x-amz-cf-id 5pkv6Qitwc54G_n0T6daulUE4py94V076YajA9odVBr9XbuNTW0vUg==
GET H2	200	ca.svg frca-development.elfcosmetics.com/mobify/bundle/11135/static/img/flag-icons/	1 KB 1 KB	280ms 280ms	Image image/svg+xml	44.195.117.56 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://frca-development.elfcosmetics.com/mobify/bundle/11135/static/img/flag-icons/ca.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.195.117.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-117-56.compute-1.amazonaws.com Software / Resource Hash 1ecca6335ccb02d4c40f0790869ae2ba8778357a116bbbcf20b1a140423f992d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:53 GMT via 1.1 9fdab4dc7c7967e18bed8859821a92b6.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop DFW56-P2 age 0 x-yottaa-optimizations ob/1000 si/32D1a5fec6d3-1713544935-6851096573 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 x-cache Hit from cloudfront x-sl-norewrite 1 x-amz-meta-deploy 734673 alt-svc h3=":443"; ma=86400 x-amz-meta-bundle 11135 x-yottaa-forcecache true, true content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31104000 x-yottaa-os 200 x-server Smartling x-yottaa-metrics 3221a5fec63e/[56,46,-] 32D1a5fec6d3/[-,58.976] x-sl-notranslate 1 x-amz-cf-id BlPPA8utkJ_4gRP8eee-be9yjjOOdkflQCnduEnv8euH_Juf-sjLTw==
POST H2	200	/ Show response pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/	10 KB 5 KB	193ms 193ms	XHR application/json	50.17.112.103 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/ Requested by Host: pinchjs-cdn.gdn.smartling.com URL: https://pinchjs-cdn.gdn.smartling.com/sl-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.17.112.103 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-17-112-103.compute-1.amazonaws.com Software / Resource Hash 1386e5a97fe731ce68a4f353730e69562aeddd81bfc7a04470572cad5ece2a04 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" X-SL-PJS-Version 0.269 X-SL-PJS-Uid a8aa72de7 Accept-Language de-DE,de;q=0.9;q=0.9 X-SL-PJS-Locale fr-CA sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Referer https://frca-development.elfcosmetics.com/ sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Tue, 23 Apr 2024 10:45:53 GMT content-encoding gzip access-control-allow-headers * content-length 4970 apigw-requestid WrOnShtIoAMEYzQ= content-type application/json
PATCH H2	200	1370620c9d22d579adb19f0965 Show response frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/baskets/	3 KB 2 KB	431ms 431ms	XHR application/json	44.195.117.56 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frca-development.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/baskets/1370620c9d22d579adb19f0965 Requested by Host: frca-development.elfcosmetics.com URL: https://frca-development.elfcosmetics.com/mobify/bundle/11135/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.195.117.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-117-56.compute-1.amazonaws.com Software / Resource Hash ae36ded4ddb2e6c4fe1463b5004137c283250989a44a2b6ef4f42eef62058f8e Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 authorization Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19kZXYiLCJraWQiOiI0YjMyOWU3Zi01MWEwLTQ4MjEtYmZiMC04YzExNjU5YzgyMTIiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnRhX2V4dF9vbl9iZWhhbGZfb2Ygc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5ydyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnBheW1lbnRpbnN0cnVtZW50cyBzZmNjLnNob3BwZXItY3VzdG9tZXJzLmxvZ2luIHNmY2Muc2hvcHBlci1jb250ZXh0LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQub3JkZXJzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMucmVnaXN0ZXIgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucHJvZHVjdGxpc3RzLnJ3IHNmY2Muc2hvcHBlci1wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLXByb21vdGlvbnMgc2ZjYy5zaG9wcGVyLWJhc2tldHMtb3JkZXJzLnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzLnJ3IHNmY2Muc2hvcHBlci1naWZ0LWNlcnRpZmljYXRlcyBzZmNjLnNob3BwZXItcHJvZHVjdC1zZWFyY2ggc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMgc2ZjYy5zaG9wcGVyLWNhdGVnb3JpZXMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudCIsInN1YiI6ImNjLXNsYXM6OmJieGNfZGV2OjpzY2lkOmJjNGI5MWM2LTY5NjAtNGNiOS1iNDRkLTMzY2M3ZGZlNjc5Yjo6dXNpZDo5OWJhY2MwNi1kOTNlLTQ3ZTgtOTgyNi01MmVjZTY3OGM3ODciLCJjdHgiOiJzbGFzIiwiaXNzIjoic2xhcy9wcm9kL2JieGNfZGV2IiwiaXN0IjoxLCJkbnQiOiIwIiwiYXVkIjoiY29tbWVyY2VjbG91ZC9wcm9kL2JieGNfZGV2IiwibmJmIjoxNzEzODY5MTIyLCJzdHkiOiJVc2VyIiwiaXNiIjoidWlkbzpzbGFzOjp1cG46R3Vlc3Q6OnVpZG46R3Vlc3QgVXNlcjo6Z2NpZDphYm1ySkd3dWxIa2J3UnhiSVh4cVlZbDBzMjo6Y2hpZDogIiwiZXhwIjoxNzEzODcwOTUyLCJpYXQiOjE3MTM4NjkxNTIsImp0aSI6IkMyQzE5NTE2NDkyNjkwLTQyNDY0OTgyMDEwOTcyODM4NzQxNzMzNTcifQ.Uz7Euy2DYoVQ0BtTs3KKLtPBab5Jj4YDr5R-eGA4NvRwhu5WcoPVwVbqlrPLvLBlDUKIqKuC2nSNdeV7Q83V3A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 content-type application/json c_x-pwa-request true Referer https://frca-development.elfcosmetics.com/ x-dw-client-id bc4b91c6-6960-4cb9-b44d-33cc7dfe679b sec-ch-ua-platform "Win32" Response headers x-yottaa-profileid 65b93e604f1bbfdea815a531 date Tue, 23 Apr 2024 10:45:53 GMT sfdc_customization HOOK x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 0dfd4a767fdb169a154f978de9887036.cloudfront.net (CloudFront) x-amz-cf-pop ORD52-C2 age 0 x-yottaa-optimizations ob/1000 si/26D1cc8d584a-1713544935-103454631 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 content-encoding gzip x-dw-version-status obsolete x-cache Miss from cloudfront x-sl-norewrite 1 alt-svc h3=":443"; ma=86400 etag d3d5cfb3411327d154a919f06ce1a1f1a25f406cc1bee9e30c2c114adb866fcc-timestamp-1713869153-last_modified-0-uid-13097217 vary Accept-Encoding allow DELETE,GET,HEAD,OPTIONS,PATCH content-type application/json; charset=utf-8 x-dw-resource-state d3d5cfb3411327d154a919f06ce1a1f1a25f406cc1bee9e30c2c114adb866fcc access-control-allow-origin https://frca-development.elfcosmetics.com access-control-expose-headers etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id x-yottaa-os 200 access-control-allow-credentials true x-server Smartling x-proxy-request-url https://cc-elf-us-dev.elfcosmetics.com/s/elf-us/dw/shop/v21_3/baskets/1370620c9d22d579adb19f0965 x-yottaa-metrics 2621cc023038/[229,224,-] 26D1cc8d584a/[-,230.473] cf-ray 878d44432ee62a36-ORD x-dw-request-base-id G3HCXmGRJ2YBAAB_ x-amz-cf-id Z2eUT-LnjoErqh6U-lxknhIgcx5K0fVBpFMuzerQMnkVi1sW79vakQ== x-sl-notranslate 1
GET H2	200	ca.svg frca-development.elfcosmetics.com/mobify/bundle/11135/static/img/flag-icons/	1 KB 0	0ms 0ms	Image image/svg+xml	44.195.117.56 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://frca-development.elfcosmetics.com/mobify/bundle/11135/static/img/flag-icons/ca.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.195.117.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-117-56.compute-1.amazonaws.com Software / Resource Hash 1ecca6335ccb02d4c40f0790869ae2ba8778357a116bbbcf20b1a140423f992d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://frca-development.elfcosmetics.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 10:45:53 GMT via 1.1 9fdab4dc7c7967e18bed8859821a92b6.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop DFW56-P2 age 0 x-yottaa-optimizations ob/1000 si/32D1a5fec6d3-1713544935-6851096573 tts/1710345297434 ti/65b93e604f1bbfdea815a597 ai/65b93e604f1bbfdea815a531 tm/0 x-cache Hit from cloudfront x-sl-norewrite 1 x-amz-meta-deploy 734673 alt-svc h3=":443"; ma=86400 x-amz-meta-bundle 11135 x-yottaa-forcecache true, true content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31104000 x-yottaa-os 200 x-server Smartling x-yottaa-metrics 3221a5fec63e/[56,46,-] 32D1a5fec6d3/[-,58.976] x-sl-notranslate 1 x-amz-cf-id BlPPA8utkJ_4gRP8eee-be9yjjOOdkflQCnduEnv8euH_Juf-sjLTw==
POST		/ pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/	0 0
POST		/ pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pixel.pointmediatracker.com

URL

https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=c27a7b3f-27b1-4879-b9b5-f4345fadf537&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=1772907037

Domain

view.cdnbasket.net

URL

https://view.cdnbasket.net/

Domain

pinchjs.gdn.smartling.com

URL

https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/

Domain

pinchjs.gdn.smartling.com

URL

https://pinchjs.gdn.smartling.com/sl-api/frca-development.elfcosmetics.com/