elfcosmetics.metricly.workers.dev Open in urlscan Pro
188.114.96.3  Public Scan

17 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

• https://cdn.media.amplience.net/v/elfcosmetics/0624_HPTILE_SPOTLIGHT_SOFTGLAM_D/mp41080 HTTP 302
• https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4

Request Chain 29

• https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040/mp41080 HTTP 302
• https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4

Request Chain 33

• https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2 HTTP 307
• https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2

Request Chain 35

• https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2 HTTP 307
• https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2

Request Chain 39

• https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1721591069.1719107131&url=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46j0n81WL3STMXv896608294za200&auid=1532732919.1719107131 HTTP 302
• https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1721591069.1719107131&url=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46j0n81WL3STMXv896608294za200&auid=1532732919.1719107131

Request Chain 90

• https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=6239403155967;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev HTTP 302
• https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=COy-6I_N8IYDFWEcogMdwTsbsg;type=conte0;cat=homep0;ord=6239403155967;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev

Request Chain 91

• https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=1267421382397;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev HTTP 302
• https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CKfH6o_N8IYDFe8JogMdIzwHcw;type=elf8j0;cat=glo_flhp;ord=1267421382397;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev

Request Chain 92

• https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=2629080420386;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev HTTP 302
• https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJPN6o_N8IYDFW0JogMdXFYH0Q;type=elf8j0;cat=glo_flap;ord=2629080420386;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev

Request Chain 96

• https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=7111538660735;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev HTTP 302
• https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=COOl64_N8IYDFS4bogMdJr0N8A;type=retarget;cat=globa0;ord=7111538660735;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev

Request Chain 146

• https://idsync.rlcdn.com/458359.gif?partner_uid=1b4d5ba9-a830-40a5-8e94-36369b921857 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJDFiNGQ1YmE5LWE4MzAtNDBhNS04ZTk0LTM2MzY5YjkyMTg1NxAAGg0IvvzdswYSBQjoBxAAQgBKAA HTTP 307
• https://tags.rd.linksynergy.com/cs?ns=lr&uid3=db9870b540cf55380e46299d01618d48464fe17879f45e80f60e9d4f2f80f6636ac34734d8e453ee

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response elfcosmetics.metricly.workers.dev/	980 KB 216 KB	666ms 622ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89a1305bbd1d571223795bd184d82edcabb9bc4f598207985de768cd68df8e08 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-credentials true access-control-allow-origin * age 446, 446 alt-svc h3=":443"; ma=86400 cache-control no-store cf-cache-status DYNAMIC cf-ray 8980cc7faf6d2c4d-FRA content-encoding br content-type text/html; charset=utf-8 date Sun, 23 Jun 2024 01:45:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SpsBwWrMRUukqTfe5YcxW5JvUfR6ppkV7kLwvQkQpKEuznXY559IsMsVEm3le81645CVEwBRfS%2Fyz8YxCgS1RO4rLnWVAI6Dl6nfD9Aol9VHv9MiKLy%2BliNhM8uLLVyhwxIt3Htj9YE8zoveQVIt69IZC6k%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; includeSubDomains vary Accept-Encoding via 1.1 1b5424f4e08ca48fc35e311bea9e9ff6.cloudfront.net (CloudFront) x-amz-apigw-id ZzBi9Eo0CYcEkHg= x-amz-cf-id D8j9EM_qTCPrp6onZTy6Rf4YOiRCp4ZY7UUHeNIGTNgPDyaWovyr4A== x-amz-cf-pop LHR62-C3 x-amzn-remapped-connection close x-amzn-remapped-content-length 884173 x-amzn-remapped-date Sun, 23 Jun 2024 01:38:02 GMT x-amzn-requestid e9e13189-7431-4e33-a29e-a9ac672dc112 x-amzn-trace-id Root=1-66777c79-7a90f6956f6421c368795749;Parent=7cb8a370a31268e6;Sampled=0;lineage=2b75b0e9:0 x-cache Hit from cloudfront x-yottaa-metrics 3421a5fe3838/[174,30,-] 34D1a5fe386c/[-,305.844] x-yottaa-optimizations ob/1000000100001000 si/34D1a5fe386c-1718982750-3317307020 tts/1716499765688 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0 x-yottaa-os 200
GET H3	200	init.js Show response elfcosmetics.metricly.workers.dev/XT4Gy2ig/	168 KB 70 KB	171ms 171ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.metricly.workers.dev/XT4Gy2ig/init.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f46e98254acfe64686a59b4b0f4984949a9243aca870ca5a5f971b0bf5c7e1d9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:29 GMT content-encoding gzip via 1.1 varnish cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-yottaa-optimizations ob/0 si/34D1a5fe386c-1718982750-3317307021 tts/1719107129148 ti/0 ai/5a0c9b7632f01c35d42101b2 alt-svc h3=":443"; ma=86400 server cloudflare etag "2a188-T7FGX5Hp5VxrxIzo87HyKHH3QAI" active-cdn fastly vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pVvnszET7NCr%2Fc6O9sU3pnb%2BJddi0%2FP1GNcl%2BmPIvD%2Byt79%2FMOaJr%2FaI%2FqdNKq7CL7tRc85xhrcTOcVNRMxB1qgcYiuWq02%2BwrvM3qLgBn1vzZ87YZcnjDDX1D3z5xxwEbhGZGnQtIjNAQu8%2BCY7WnHfu4s%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers active-cdn,x-served-by cache-control max-age=600 x-yottaa-metrics 34D1a5fe386c/[-,10.145] x-px-hash MjllYWVhZjJkYjUxNzk4ZmE2NDNmNGIxZWM4OGIwZWUyZTk4NzBjZTYzYjEzZDYwZDBmMmE3NjM5ZGY1NzAwMw== cf-ray 8980cc849ab02c4d-FRA
GET		/ cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/	0 0
GET H2	200	0624_HPTILE_SPOTLIGHT_SOFTGLAM_D cdn.media.amplience.net/v/elfcosmetics/	24 KB 24 KB	439ms 23ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/v/elfcosmetics/0624_HPTILE_SPOTLIGHT_SOFTGLAM_D?fmt=auto Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 89cd26c6da97833d4de0cb2cc60dae6563858a413dffc037f3d4d8ef6e7ee066 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:29 GMT x-content-type-options nosniff x-amp-srv A cache-tag 06neNgPEu,l4p5bDg2e,lTTxSknl0,WepA0szpz x-req-id 1QuElCs0Xm content-length 24370 x-xss-protection 1; mode=block x-amp-source-height 520 server Unknown x-frame-options DENY x-amp-source-width 1440 access-control-allow-origin * content-type image/avif cache-control max-age=1800, s-maxage=86400 accept-ranges bytes x-amp-published Mon, 06 May 2024 23:46:56 GMT
GET DATA	200 OK	truncated /	37 B 37 B		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	ELF_Bronzer_HomepageTile_Comments_1440x1040 cdn.media.amplience.net/v/elfcosmetics/	37 KB 37 KB	460ms 49ms	Image image/jpeg	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash d237f9147434eb7ca13c686da4346e03a6210da929e3e7f251370d2d0a149823 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:29 GMT x-content-type-options nosniff x-amp-srv A cache-tag 4ofQD7Wfr,l4p5bDg2e,X_K2lO9lh,k4NPUWi7z x-req-id L_igkOZ2z- content-length 37661 x-xss-protection 1; mode=block x-amp-source-height 1040 server Unknown x-frame-options DENY x-amp-source-width 1440 access-control-allow-origin * content-type image/jpeg cache-control max-age=1800, s-maxage=86400 accept-ranges bytes x-amp-published Wed, 05 Jun 2024 19:29:20 GMT
GET H2	200	elf-skin-logo_D-min cdn.media.amplience.net/i/elfcosmetics/	3 KB 3 KB	457ms 48ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/elf-skin-logo_D-min?fmt=auto Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 2c8c239d4cc98fc4605856c796187c92e56a8692b0f90d12e376faafbbbeb817 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:29 GMT x-content-type-options nosniff x-amp-srv A cache-tag mQ2w1VlWG,l4p5bDg2e,xPkOqKkZZ,WepA0szpz x-req-id pbkIQzv1Ga content-length 2807 x-xss-protection 1; mode=block x-amp-source-height 257 server Unknown x-frame-options DENY x-amp-source-width 289 access-control-allow-origin * content-type image/avif cache-control max-age=1800, s-maxage=86400 accept-ranges bytes x-amp-published Tue, 02 Apr 2024 23:34:45 GMT
GET H2	200	go-wild-bronzies-2024-06-10-headline-1_D-min cdn.media.amplience.net/i/elfcosmetics/	31 KB 31 KB	488ms 78ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/go-wild-bronzies-2024-06-10-headline-1_D-min?fmt=auto Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 4746970ad07f39350242803788c04f8a8b27fc02eec81596db2e436011ff8332 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:29 GMT x-content-type-options nosniff x-amp-srv A cache-tag g6qR7ZM5r,l4p5bDg2e,QzFMFH4vh,WepA0szpz x-req-id ggTYqKFQwi content-length 31417 x-xss-protection 1; mode=block x-amp-source-height 245 server Unknown x-frame-options DENY x-amp-source-width 1136 access-control-allow-origin * content-type image/avif cache-control max-age=1800, s-maxage=86400 accept-ranges bytes x-amp-published Mon, 03 Jun 2024 23:31:19 GMT
GET H2	200	locale-link-rewriter-0.0.2-min Show response cdn.c1.amplience.net/c/elfcosmetics/	553 B 679 B	529ms 102ms	Script application/javascript	23.38.98.67 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.c1.amplience.net/c/elfcosmetics/locale-link-rewriter-0.0.2-min Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-67.deploy.static.akamaitechnologies.com Software / Resource Hash 88668b9200e07ef8860abbf2884140a44986c34576bc7086d64085b87da4cfd7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Sun, 23 Jun 2024 01:45:29 GMT cache-control max-age=120, s-maxage=1800 accept-ranges bytes content-length 553 x-amp-srv A content-type application/javascript; charset=utf-8
GET H2	200	vendor.js Show response cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/	2 MB 627 KB	206ms 42ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_ Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 12aef701f9abbb77ad769e835f981ab2c6b7dd1f7f19ffb59261b23084fbed98 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:29 GMT via 1.1 c4ff0051ca0c026ecfda9d67a3f79e8a.cloudfront.net (CloudFront), 1.1 varnish content-encoding gzip x-amz-cf-pop LHR62-C3 age 474699 x-yottaa-optimizations ob/1100 si/3411a5fe3871-1718298463-898775957 tts/1716499765688 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0 x-cache Hit from cloudfront, HIT x-amz-meta-deploy 780438 content-length 641173 x-amz-meta-bundle 11418 x-served-by cache-mad22023-MAD x-yottaa-forcecache true, true server AmazonS3 x-timer S1719107129.283324,VS0,VE1 vary Accept-Encoding content-type application/javascript; charset=utf8 cache-control public, max-age=31104000 x-yottaa-metrics 3421a5fe389c/[64,-,1718632420667] 3411a5fe3871/[-,416.146] accept-ranges bytes x-amz-cf-id Hawh0Re6tGQZ0oSOmel6Aq0yLxT5wTUzNvnwoguBTTRIexIuyyC5uw== x-cache-hits 0
GET H2	200	main.js Show response cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/	2 MB 494 KB	305ms 140ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/main.js?yocs=1u_1y_ Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash f498ff46829b1f4476db5ca3fd697a92852f92b9aef0d95e650608f1b7ca41dd Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:29 GMT via 1.1 20340eb7909bfa098c771e4c93be880a.cloudfront.net (CloudFront), 1.1 varnish content-encoding gzip x-amz-cf-pop LHR62-C3 age 474699 x-yottaa-optimizations ob/1100 si/3411a5fe3871-1718298463-898775958 tts/1716499765688 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0 x-cache Hit from cloudfront, HIT x-amz-meta-deploy 780438 content-length 505275 x-amz-meta-bundle 11418 x-served-by cache-mad22023-MAD x-yottaa-forcecache true, true server AmazonS3 x-timer S1719107129.283632,VS0,VE1 vary Accept-Encoding content-type application/javascript; charset=utf8 cache-control public, max-age=31104000 x-yottaa-metrics 3421a5fe389b/[25,-,1718632420591] 3411a5fe3871/[-,314.786] accept-ranges bytes x-amz-cf-id qp0z5JsOkfRhbmkevPGsgTJ8nDypb5wyUj_BU8qn9OzJPl7rSyRtQw== x-cache-hits 0
GET H2	200	pages-home.js Show response cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/	5 KB 3 KB	205ms 41ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/pages-home.js?yocs=1u_1y_ Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 97996c9985c6b958fe1325fc72f641b0118c639d32f7b78f3d3245d83a588e43 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:29 GMT via 1.1 7654e8d5fbf72d40d262281571df7bae.cloudfront.net (CloudFront), 1.1 varnish content-encoding gzip x-amz-cf-pop LHR62-C3 age 474700 x-yottaa-optimizations ob/1000 si/3411a5fe3874-1718296802-1425416167 tts/1716499765688 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0 x-cache Hit from cloudfront, HIT x-amz-meta-deploy 780438 content-length 2337 x-amz-meta-bundle 11418 x-served-by cache-mad22023-MAD x-yottaa-forcecache true, true server AmazonS3 x-timer S1719107129.283591,VS0,VE0 vary Accept-Encoding content-type application/javascript; charset=utf8 cache-control public, max-age=31104000 x-yottaa-metrics 3421a5fe3895/[106,102,-] 3411a5fe3874/[-,109.439] accept-ranges bytes x-amz-cf-id U7mXTYzgZPIfKIgTnm2vJR74HtccxcQLadhLWb0hiR7bxs-1HsdsOg== x-cache-hits 5
GET DATA	200 OK	truncated /	10 KB 10 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d Request headers Referer Origin https://elfcosmetics.metricly.workers.dev Accept-Language nl-NL,nl;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type application/font-woff2;charset=utf-8
GET DATA	200 OK	truncated /	10 KB 10 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac Request headers Referer Origin https://elfcosmetics.metricly.workers.dev Accept-Language nl-NL,nl;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type application/font-woff2;charset=utf-8
GET H2	200	soft-glam-satin-2024-5-spotlights_D-min cdn.media.amplience.net/i/elfcosmetics/	147 KB 147 KB	403ms 79ms	Image image/webp	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/soft-glam-satin-2024-5-spotlights_D-min?fmt=auto Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 036372aec246811be980f3db17295ca6ebbcabef2d187cf4b50eca891a3cd8f0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:29 GMT x-content-type-options nosniff x-amp-srv A cache-tag M6bNQ9eQN,l4p5bDg2e,KQtgulBJr,DtzGFM5oJ x-req-id f1bKX2K2RR content-length 150302 x-xss-protection 1; mode=block x-amp-source-height 1700 server Unknown x-frame-options DENY x-amp-source-width 2880 access-control-allow-origin * content-type image/webp cache-control max-age=1800, s-maxage=86400 accept-ranges bytes x-amp-published Mon, 20 May 2024 23:26:06 GMT
GET H2	200	soft-glam-satin-2024-5-background_D-min cdn.media.amplience.net/i/elfcosmetics/	3 KB 4 KB	391ms 68ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/soft-glam-satin-2024-5-background_D-min?fmt=auto Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 3917055d135099cfcac6ff6745f7a1bb3525f6d49ab43e90319134708de821ae Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:29 GMT x-content-type-options nosniff x-amp-srv A cache-tag _XxXG9zY7,l4p5bDg2e,4wgAmq7JA,WepA0szpz x-req-id xtRV0Zqvrc content-length 3523 x-xss-protection 1; mode=block x-amp-source-height 662 server Unknown x-frame-options DENY x-amp-source-width 2880 access-control-allow-origin * content-type image/avif cache-control max-age=1800, s-maxage=86400 accept-ranges bytes x-amp-published Mon, 20 May 2024 23:26:15 GMT
POST H2	200	collector Show response collector-pxxt4gy2ig.px-cloud.net/api/v2/	536 B 801 B	192ms 152ms	XHR application/json	35.190.10.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/XT4Gy2ig/init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.10.190.35.bc.googleusercontent.com Software / Resource Hash ac33c585035b405aca52078dfc828ca9ea62750ce911c828f74be8e64e0aa2ab Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sun, 23 Jun 2024 01:45:29 GMT via 1.1 google access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev access-control-allow-credentials true timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 536
GET H2	200	2024-06-hptile-newArrivals-hero-D-img1-min cdn.media.amplience.net/i/elfcosmetics/	53 KB 53 KB	24ms 24ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img1-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img1-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img1-min?fmt=auto&w=2460%203x Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 7eb56da4ee08046d471003dd9f6c44d09e8d54451918ec84c0a7de293abc236a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:29 GMT x-content-type-options nosniff x-amp-srv A cache-tag mcWomLMrU,l4p5bDg2e,sKbI0Xlxp,WepA0szpz x-req-id oecWyK0cEW content-length 54250 x-xss-protection 1; mode=block x-amp-source-height 1040 server Unknown x-frame-options DENY x-amp-source-width 1440 access-control-allow-origin * content-type image/avif cache-control max-age=1800, s-maxage=86400 accept-ranges bytes x-amp-published Mon, 10 Jun 2024 15:55:02 GMT
GET H2	200	2024-06-hptile-newArrivals-D-behindText-min cdn.media.amplience.net/i/elfcosmetics/	8 KB 9 KB	23ms 23ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-D-behindText-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-D-behindText-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-D-behindText-min?fmt=auto&w=2460%203x Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 8f2e68f4e14df47f09509d13a68b579d84ccdc614384a968271fb5a3864a4af5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:29 GMT x-content-type-options nosniff x-amp-srv A cache-tag ChHe38sMe,l4p5bDg2e,yWgNg5NdX,WepA0szpz x-req-id BgOIjvNyGO content-length 8563 x-xss-protection 1; mode=block x-amp-source-height 1040 server Unknown x-frame-options DENY x-amp-source-width 1440 access-control-allow-origin * content-type image/avif cache-control max-age=1800, s-maxage=86400 accept-ranges bytes x-amp-published Mon, 10 Jun 2024 15:55:02 GMT
OPTIONS H2	200	/ sdk.iad-05.braze.com/api/v3/data/ Frame	0 0	593ms 199ms	Preflight	172.64.150.95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/data/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.150.95 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with Access-Control-Request-Method POST Origin https://elfcosmetics.metricly.workers.dev Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with access-control-allow-methods POST, GET access-control-allow-origin * access-control-expose-headers access-control-max-age 7200 cf-cache-status DYNAMIC cf-ray 8980cc8fffd29f16-FRA content-encoding gzip date Sun, 23 Jun 2024 01:45:31 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 7 KB	384ms 34ms	Script application/javascript	104.19.178.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/main.js?yocs=1u_1y_ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sun, 23 Jun 2024 01:45:30 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 ceCldLDyZN6bSQL6yyKLMg== age 18314 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6882 x-ms-lease-status unlocked last-modified Thu, 20 Jun 2024 19:47:41 GMT server cloudflare etag 0x8DC9161D9039DBC vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id dea3be78-801e-00f3-4ef5-c340e3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8980cc8f0949bb65-FRA expires Sat, 22 Jun 2024 20:40:15 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	536 KB 141 KB	473ms 82ms	Script application/javascript	172.217.18.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.8 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f8.1e100.net Software Google Tag Manager / Resource Hash 72d43589c0a3970d88c1291be9f1ad6df19dabac1d1f45c96c0fda355ebaff50 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:30 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 144338 x-xss-protection 0 last-modified Sun, 23 Jun 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 23 Jun 2024 01:45:30 GMT
GET H2	200	api_dynamic.js Show response cdn.dynamicyield.com/api/8772046/	738 KB 71 KB	462ms 71ms	Script application/javascript	18.244.18.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dynamicyield.com/api/8772046/api_dynamic.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-45.fra56.r.cloudfront.net Software DYCDN / Resource Hash 0b0568a5e0f2b165b15882d9ed83ddd092749db8ffaa382df79c7b29702290c5 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:30 GMT content-encoding gzip via 1.1 29ed57baf1bb91e71e6ca8861a9fe040.cloudfront.net (CloudFront) last-modified Fri, 21 Jun 2024 17:35:04 GMT server DYCDN age 17 x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 etag W/"581a3a13eb0d7dc64a9a9b99de285839" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control max-age=30 link <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect" x-amz-cf-id Mfbt4v9QVHAtpuicf2bvpng4qvKgQxaSnwhHYJw7Do-qDnEKq6kjGw==
GET H2	200	api_static.js Show response cdn.dynamicyield.com/api/8772046/	388 KB 114 KB	416ms 25ms	Script application/javascript	18.244.18.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dynamicyield.com/api/8772046/api_static.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-45.fra56.r.cloudfront.net Software DYCDN / Resource Hash 498ea43ee2b31ee61f58f43b798dfaec6eb59b63fefdfaa7c01bba897ba57a33 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 00:40:51 GMT content-encoding gzip via 1.1 29ed57baf1bb91e71e6ca8861a9fe040.cloudfront.net (CloudFront) last-modified Fri, 21 Jun 2024 17:35:05 GMT server DYCDN age 3962 x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 etag W/"64e0187feba0c97d38f8aabb6e6d66cd" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control max-age=86400 link <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect" x-amz-cf-id YmQNLT1UOLLAtiosdV-JaGROAwhv9bR0B7l9Tda_884FGHY0spNxpQ==
GET H2	200	/ Show response api.ipify.org/	22 B 155 B	158ms 105ms	XHR application/json	104.26.13.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2de14746137fc099576d3f3607b3f7767871eb50a20fa3b4e0da3359d4489af3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:30 GMT cf-cache-status DYNAMIC server cloudflare vary Origin content-type application/json access-control-allow-origin * cf-ray 8980cc8d5e388f3d-FRA content-length 22
GET H2	200	/ Show response api.ipify.org/	22 B 74 B	271ms 112ms	XHR application/json	104.26.13.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2de14746137fc099576d3f3607b3f7767871eb50a20fa3b4e0da3359d4489af3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:30 GMT cf-cache-status DYNAMIC server cloudflare vary Origin content-type application/json access-control-allow-origin * cf-ray 8980cc8e0ea78f3d-FRA content-length 22
POST H2	201	/ Show response sdk.iad-05.braze.com/api/v3/data/	554 B 626 B	382ms 381ms	XHR application/json	172.64.150.95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/data/ Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.150.95 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29f0950aada9b262ac96887287c5cdc01a26f346da9361176d16004084aa5b71 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" X-Braze-Api-Key 609afcb2-1dc3-41ef-a771-0a9aaf10bf57 X-Braze-TriggersRequest true X-Braze-DataRequest true sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/json X-Braze-Last-Req-Ms-Ago 7200000 Referer https://elfcosmetics.metricly.workers.dev/ X-Requested-With XMLHttpRequest Accept-Language nl-NL,nl;q=0.9;q=0.9 X-Braze-Req-Attempt 1 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:31 GMT content-encoding gzip cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains x-request-id 5930eb44-5b44-4f1a-b6e6-b58dc09c0007 x-runtime 0.180887 server cloudflare etag W/"29f0950aada9b262ac96887287c5cdc0" vary Origin,Accept-Encoding access-control-allow-methods POST, GET content-type application/json access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate x-ratelimit-reset 1719107133 access-control-max-age 7200 x-ratelimit-limit 500.0 cf-ray 8980cc9138a49f16-FRA x-ratelimit-remaining 491.0
GET H3	410	authorize Show response elfcosmetics.metricly.workers.dev/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/	217 KB 219 KB	1250ms 1226ms	Fetch text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.metricly.workers.dev/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=AiIn2Wo5yatNEHRAndxbWcCe0TkI2KpDE7koVvK8-Ug Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8372ad6a2fb793adb2d427a4473ce99071c6278f7dfb293c1c8a10c0a81fe2f7 Request headers c_x-pwa-request true sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:31 GMT via 1.1 f228841669972ff437f333c805ff00bc.cloudfront.net (CloudFront) cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 0 x-amz-cf-pop LHR62-C3 x-yottaa-optimizations ob/1000 si/34D1a5fe386c-1718982750-3317307022 tts/1716499759185 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0 x-cache Error from cloudfront x-mobify-proxy-response-error No x-mobify-proxypath header found in request alt-svc h3=":443"; ma=86400 pragma no-cache server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FHwtCr%2B74JOHITdvwC2y7yW%2FJ7K1CCZJjCmS181XZxn9qHmia%2B%2FPiuLVdrUT7GnOH3iAz8hOGUKdazA5qClJ09aZ7OrUeN3aLQ9v39fOfPTxbJfocwOw1rLI5S986NSsXbwoIL%2Fzkek5ZAragfwg2zW4mkQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/html;charset=UTF-8 access-control-allow-origin * cache-control no-store access-control-allow-credentials true x-yottaa-metrics 3421a5fe3839/[957,953,-] 34D1a5fe386c/[-,960.063] x-yottaa-os 410 cf-ray 8980cc8dbf0f9b86-FRA x-dw-request-base-id mf-CBjt-d2YBAAB_ x-amz-cf-id sTMyXvCRrt_lgDmjr_whdwcs9KtpwS8aur_cjzISpa7DO61ZtS5ILg== expires Thu, 01 Dec 1994 16:00:00 GMT
GET H2	200	ELF_Bronzer_HomepageTile_Comments_1440x1040 cdn.media.amplience.net/v/elfcosmetics/	13 KB 14 KB	21ms 20ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040?fmt=auto Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash e89c53d125513c76e61d13e99b7ab3f2fe9852d69b30d0832c7296390054a99c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:30 GMT x-content-type-options nosniff x-amp-srv A cache-tag 9eyOH-Cqf,l4p5bDg2e,X_K2lO9lh,WepA0szpz x-req-id xMGQOPJv1v content-length 13687 x-xss-protection 1; mode=block x-amp-source-height 1040 server Unknown x-frame-options DENY x-amp-source-width 1440 access-control-allow-origin * content-type image/avif cache-control max-age=1800, s-maxage=86400 accept-ranges bytes x-amp-published Wed, 05 Jun 2024 19:29:20 GMT
GET H2	206	ee1a24f4-5709-4375-8fed-729b60d485e8.mp4 cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ Redirect Chain https://cdn.media.amplience.net/v/elfcosmetics/0624_HPTILE_SPOTLIGHT_SOFTGLAM_D/mp41080 https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4	2 MB 2 MB	703ms 110ms	Media video/mp4	2.16.1.162 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Server 2.16.1.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-1-162.deploy.static.akamaitechnologies.com Software / Resource Hash ada9d1def698653a5ef155d5439ab8dbaf3ec7e92731b5c2458104008d8714cd Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 23 Jun 2024 01:45:31 GMT last-modified Mon, 06 May 2024 23:46:56 GMT etag "f9cd69df864aaabae94e683234b307a4" x-amz-server-side-encryption AES256 access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type video/mp4 access-control-allow-origin * Content-Range bytes 0-2539191/2539192 x-amp-srv A accept-ranges bytes x-amp-route ak-s1 Content-Length 2539192 Redirect headers date Sun, 23 Jun 2024 01:45:30 GMT x-content-type-options nosniff server Unknown x-frame-options DENY x-amp-srv A cache-tag AqiZhoyyM,l4p5bDg2e,lTTxSknl0 access-control-allow-origin * location https://cdn.static.amplience.net/elfcosmetics/_vid/0624_hptile_spotlight_softglam_d/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ee1a24f4-5709-4375-8fed-729b60d485e8.mp4 content-type text/html; charset=UTF-8 cache-control max-age=1800, s-maxage=86400 accept-ranges bytes content-length 0 x-xss-protection 1; mode=block
GET H2	206	b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4 cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/ Redirect Chain https://cdn.media.amplience.net/v/elfcosmetics/ELF_Bronzer_HomepageTile_Comments_1440x1040/mp41080 https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4	2 MB 2 MB	616ms 23ms	Media video/mp4	2.16.1.162 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Server 2.16.1.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-1-162.deploy.static.akamaitechnologies.com Software / Resource Hash 6f98df0dfa77c50c8356e92ee9269bca4dd576126d890993cb22c88f29723e58 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 23 Jun 2024 01:45:31 GMT last-modified Wed, 05 Jun 2024 19:29:19 GMT etag "bb4f3cb26295704a9279f0ebaaaca661" x-amz-server-side-encryption AES256 access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type video/mp4 access-control-allow-origin * Content-Range bytes 0-1946953/1946954 x-amp-srv A accept-ranges bytes x-amp-route ak-s1 Content-Length 1946954 Redirect headers date Sun, 23 Jun 2024 01:45:30 GMT x-content-type-options nosniff server Unknown x-frame-options DENY x-amp-srv A cache-tag Az92eY8A2,l4p5bDg2e,X_K2lO9lh access-control-allow-origin * location https://cdn.static.amplience.net/elfcosmetics/_vid/elf_bronzer_homepagetile_comments_1440x1040/05a9829b-9b95-48a2-9c42-2226ab4d1704/video/b52c0c22-6b8e-4aa7-90ae-a8688c614531.mp4 content-type text/html; charset=UTF-8 cache-control max-age=1800, s-maxage=86400 accept-ranges bytes content-length 0 x-xss-protection 1; mode=block
GET H2	200	6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json Show response cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/	6 KB 2 KB	452ms 105ms	XHR application/x-javascript	104.19.178.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55baa715ccc8c2512bceb1c949c1d0927944ca327e7edd2d5fc312d2a41986e4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sun, 23 Jun 2024 01:45:31 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS strict-transport-security max-age=31536000; includeSubDomains; preload content-md5 j7e7fSdncC8T3SCV/IpUig== content-length 1740 x-ms-lease-status unlocked last-modified Mon, 08 Apr 2024 18:41:03 GMT server cloudflare etag 0x8DC57FB71838BE4 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id cac12016-d01e-00a4-4a0f-c5a96e000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8980cc918d4f3614-FRA expires Mon, 24 Jun 2024 01:45:31 GMT
GET H2	200	st Show response st.dynamicyield.com/	151 KB 13 KB	512ms 141ms	Script text/javascript	108.138.26.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=r47nr9qtbp5awlymc83nph4t1ldrx3zv&ref=&scriptVersion=2.32.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.26.90 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-26-90.fra56.r.cloudfront.net Software / Resource Hash d38f69fca2acede9ef837c6a0a42936bd0379742341624ff37dd5bd28e7be919 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:31 GMT content-encoding gzip via 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P7 vary Accept-Encoding x-cache Miss from cloudfront content-type text/javascript; charset=utf-8 access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS" cache-control no-cache x-amz-cf-id fbSEl5hn4qZp58zWI486_aQerP_h-GrKyZYFfKZoXQ2B8GpOqM-B_w== expires Sun, 23 Jun 2024 01:45:30 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	382ms 22ms	Script text/javascript	142.250.186.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f14.1e100.net Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 23 Jun 2024 00:29:07 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 4584 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sun, 23 Jun 2024 02:29:07 GMT
GET H2	200	bounce secure.adnxs.com/ Redirect Chain https://secure.adnxs.com/px?id=1608912%20&seg=6104893&t=2 https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2	43 B 1 KB	22ms 20ms	Image image/gif	37.252.171.85 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Server 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:31 GMT an-x-request-uuid fe99acff-4179-420e-b5f0-0f4746fc725f server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 212.7.210.181; 212.7.210.181; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 23 Jun 2024 01:45:31 GMT an-x-request-uuid 4824d834-db7c-4d06-8b4e-0d54473e0c90 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608912%2520%26seg%3D6104893%26t%3D2 cache-control no-store, no-cache, private x-proxy-origin 212.7.210.181; 212.7.210.181; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ insight.adsrvr.org/track/pxl/	70 B 148 B	363ms 33ms	Image image/gif	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:y8694b5&fmt=3 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:31 GMT server Kestrel content-length 70 content-type image/gif
GET H2	200	bounce secure.adnxs.com/ Redirect Chain https://secure.adnxs.com/px?id=1704533&seg=34326157&t=2 https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2	43 B 1 KB	22ms 21ms	Image image/gif	37.252.171.85 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Server 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:31 GMT an-x-request-uuid db7020f9-eebb-43a6-bf7c-4cc2730021db server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 212.7.210.181; 212.7.210.181; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 23 Jun 2024 01:45:31 GMT an-x-request-uuid 3c405ebc-2749-44f9-9d97-7556315fc7cc server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1704533%26seg%3D34326157%26t%3D2 cache-control no-store, no-cache, private x-proxy-origin 212.7.210.181; 212.7.210.181; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ insight.adsrvr.org/track/pxl/	70 B 149 B	362ms 32ms	Image image/gif	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:uuhj0na&fmt=3 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:31 GMT server Kestrel content-length 70 content-type image/gif
POST H2	200	collector Show response collector-pxxt4gy2ig.px-cloud.net/api/v2/	600 B 664 B	176ms 161ms	XHR application/json	35.190.10.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/XT4Gy2ig/init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.10.190.35.bc.googleusercontent.com Software / Resource Hash eccf326b49a29ab2efb45a034a92217d9dac918a07b0fa4199b7e6ca2544eda6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sun, 23 Jun 2024 01:45:31 GMT via 1.1 google access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev access-control-allow-credentials true timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 600
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	59 B 304 B	418ms 49ms	XHR application/json	172.64.155.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 33110d24cbb506c398f40acebf7e9b4314b3644bda60332a7c993637c957bef1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" accept application/json Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:31 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 8980cc94fbcd18eb-FRA access-control-allow-headers Content-Type
GET H3	200	landing googleads.g.doubleclick.net/pagead/ Redirect Chain https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1721591069.1719107131&url=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46j0n81WL... https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1721591069.1719107131&url=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dma_cps=sypham&dma=1&npa=0&gtm=...	42 B 65 B	76ms 30ms	Ping image/gif	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1721591069.1719107131&url=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46j0n81WL3STMXv896608294za200&auid=1532732919.1719107131 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Server 142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:31 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 23 Jun 2024 01:45:31 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=0&rnd=1721591069.1719107131&url=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dma_cps=sypham&dma=1&npa=0&gtm=45He46j0n81WL3STMXv896608294za200&auid=1532732919.1719107131 cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	201	sync Show response sdk.iad-05.braze.com/api/v3/content_cards/	85 B 228 B	217ms 217ms	XHR application/json	172.64.150.95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/content_cards/sync Requested by Host: cdn-fsly.yottaa.net URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/mobify/bundle/11418/vendor.js?yocs=1u_1y_ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.150.95 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 00774da0640847b7bfa4651d0e196f143473f5d9db793c44e1a4d0601c165e8c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" X-Braze-Req-Tokens-Remaining 29 X-Braze-Api-Key 609afcb2-1dc3-41ef-a771-0a9aaf10bf57 X-Braze-DataRequest true sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/json X-Braze-Last-Req-Ms-Ago 7200000 BRAZE-SYNC-RETRY-COUNT 0 X-Requested-With XMLHttpRequest Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ X-Braze-Req-Attempt 1 X-Braze-ContentCardsRequest true sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:31 GMT content-encoding gzip cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains x-request-id afbbfa5d-24f8-4717-ac4f-3b71a3873caf x-runtime 0.035037 server cloudflare etag W/"00774da0640847b7bfa4651d0e196f14" vary Origin,Accept-Encoding access-control-allow-methods POST, GET content-type application/json access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate x-ratelimit-reset 1719107133 access-control-max-age 7200 x-ratelimit-limit 500.0 cf-ray 8980cc94caf79f16-FRA x-ratelimit-remaining 486.0
OPTIONS H2	200	sync sdk.iad-05.braze.com/api/v3/content_cards/ Frame	0 0	179ms 171ms	Preflight	172.64.150.95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.iad-05.braze.com/api/v3/content_cards/sync Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.150.95 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with Access-Control-Request-Method POST Origin https://elfcosmetics.metricly.workers.dev Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with access-control-allow-methods POST, GET access-control-allow-origin * access-control-expose-headers access-control-max-age 7200 cf-cache-status DYNAMIC cf-ray 8980cc93ba4b9f16-FRA content-encoding gzip date Sun, 23 Jun 2024 01:45:31 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 220 B	31ms 29ms	XHR text/plain	142.250.186.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=559920280&t=pageview&_s=1&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dp=%2F&ul=nl-nl&de=UTF-8&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACgAI~&jid=1612540995&gjid=1380922405&cid=244809028.1719107132&tid=UA-432816-1&_gid=1681864243.1719107132&_r=1&_slc=1&gtm=45He46j0n81WL3STMXv896608294za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&tag_exp=0&z=680849458 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f14.1e100.net Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dy-coll-min.js Show response cdn.dynamicyield.com/scripts/2.32.0/	196 KB 65 KB	22ms 22ms	Script text/javascript	18.244.18.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-45.fra56.r.cloudfront.net Software DYCDN / Resource Hash 42997132bd0142564014ac4a809356dc0ceb9b7a90eede2b5b48019f1700cc58 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:44:25 GMT content-encoding gzip via 1.1 29ed57baf1bb91e71e6ca8861a9fe040.cloudfront.net (CloudFront) last-modified Tue, 02 Apr 2024 09:13:12 GMT server DYCDN age 2174467 x-amz-cf-pop FRA56-P11 etag W/"65b3e284856fb8d657d1f6a3423618c7" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=31536000 link <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect" x-amz-cf-id bzOuUlTIkUtf55Sz8vsu61ggRSi7LcWfi1PjT-hnynHOf0DFJhelLQ==
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202306.1.0/	404 KB 98 KB	46ms 15ms	Script application/javascript	104.19.178.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sun, 23 Jun 2024 01:45:31 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 XJk1ZZTljtwHFT3qcIJg+w== age 20931 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 99599 x-ms-lease-status unlocked last-modified Wed, 12 Jul 2023 06:29:36 GMT server cloudflare etag 0x8DB82A15D413626 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 80bad15d-801e-006c-2fda-12d214000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8980cc960e1dbb65-FRA
POST H2	200	uia Show response async-px.dynamicyield.com/	0 382 B	207ms 117ms	XHR text/plain	13.35.58.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/uia?cnst=1&_=1719107131824 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-125.fra60.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:31 GMT via 1.1 ea1aadbeedf1001a86f79fc729fb39e0.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id JDpNr9l1o0Sv08nDRwDleqNLLa0MkJuCQLiXt2eYewYSc603wakXIg== expires 0
POST H2	200	batch async-px.dynamicyield.com/	0 384 B	161ms 116ms	Ping text/plain	13.35.58.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/batch?cnst=1&_=1719107131959_110233 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-125.fra60.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:32 GMT via 1.1 d51f8b07f1cd9f6dbf62bb0b0c961f1c.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id -uN5XlxDoZ-dZySNc047M_0A3XgGsh-M1IDXAxxLox9cahK7AwYz2w== expires 0
GET H2	200	var async-px.dynamicyield.com/	0 0	120ms 104ms	Fetch	13.35.58.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=146597&uid=1499698931036552763&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=a53eb4b3573679d2477e42f775710a8d&expSes=84467&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=918681207295952608&cgtgDecisionId=918681207846706379&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719107131964&rri=6622747 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-125.fra60.r.cloudfront.net Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:32 GMT via 1.1 ea1aadbeedf1001a86f79fc729fb39e0.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id vezPc1gXUmpzPkPqFEUQsvbemtPfqdz4zpDzqR1PaMXN2gLHCegLFQ== expires 0
GET H2	200	var async-px.dynamicyield.com/	0 0	117ms 104ms	Fetch	13.35.58.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=506627&uid=1499698931036552763&sec=8772046&t=ri&e=1574966&p=1&ve=12698518&va=%5B28347247%5D&ses=a53eb4b3573679d2477e42f775710a8d&expSes=84467&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=918681205007552407&cgtgDecisionId=918681208066853072&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719107131964&rri=7572255 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-125.fra60.r.cloudfront.net Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:32 GMT via 1.1 ea1aadbeedf1001a86f79fc729fb39e0.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id mK1c_lP__gKOWbtm85s5dKiQZJsaZpQSPMCcjw7IIKByrOG_AGPKuw== expires 0
GET H2	200	var async-px.dynamicyield.com/	0 0	126ms 112ms	Fetch	13.35.58.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=225676&uid=1499698931036552763&sec=8772046&t=ri&e=1609852&p=1&ve=12669413&va=%5B28321879%5D&ses=a53eb4b3573679d2477e42f775710a8d&expSes=84467&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=918681204334960027&cgtgDecisionId=918681206584589628&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719107131965&rri=846179 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-125.fra60.r.cloudfront.net Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:32 GMT via 1.1 ea1aadbeedf1001a86f79fc729fb39e0.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id KQZPtGXL6eHjAl226TwzK2EV058KHOEr29PsWQxtIEXRwdBaII2Zcw== expires 0
GET H2	200	var async-px.dynamicyield.com/	0 0	125ms 111ms	Fetch	13.35.58.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://async-px.dynamicyield.com/var?cnst=1&_=667158&uid=1499698931036552763&sec=8772046&t=ri&e=1575901&p=1&ve=12991774&va=%5B28207095%5D&ses=a53eb4b3573679d2477e42f775710a8d&expSes=84467&aud=884367.884385.884387.1167402.1324059.1846919.2356145.1092373.1242486.1426804.1443347.1182144.799438.799440&expVisitId=918681207770045909&cgtgDecisionId=918681206114480372&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1719107131966&rri=7659660 Requested by Host: cdn.dynamicyield.com URL: https://cdn.dynamicyield.com/scripts/2.32.0/dy-coll-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-125.fra60.r.cloudfront.net Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:32 GMT via 1.1 ea1aadbeedf1001a86f79fc729fb39e0.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 access-control-allow-methods POST, GET, OPTIONS x-cache Miss from cloudfront access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Authorization, Content-Length, X-Requested-With content-length 0 x-amz-cf-id V1KCdPfb1ZSKvp8USdJd5qmwGQbiA0p3KfAEo_SsXi_Uvcv9JdxxKg== expires 0
GET H2	200	en.json Show response cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/018ebeca-e8af-7f81-b182-0c90ba9664dd/	158 KB 34 KB	105ms 105ms	Fetch application/x-javascript	104.19.178.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/018ebeca-e8af-7f81-b182-0c90ba9664dd/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5a9baac0b53c708a5279b1ddfe54ec7f0a40699210e0caf05419d0aa1b330d9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sun, 23 Jun 2024 01:45:32 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS strict-transport-security max-age=31536000; includeSubDomains; preload content-md5 9wsMlq8mrfV+OngAz8tXzg== content-length 34664 x-ms-lease-status unlocked last-modified Mon, 08 Apr 2024 18:41:16 GMT server cloudflare etag 0x8DC57FB7975EDF7 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 5941c645-b01e-00b4-47a1-c19f88000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8980cc98088e3614-FRA expires Mon, 24 Jun 2024 01:45:32 GMT
GET H2	200	2024-06-hptile-newArrivals-hero-D-img2-min cdn.media.amplience.net/i/elfcosmetics/	93 KB 93 KB	23ms 22ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img2-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img2-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img2-min?fmt=auto&w=2460%203x Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash c4c63c343ab564468df88e50d95efcc7521db14a063b5876ea43899c333ebeda Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:32 GMT x-content-type-options nosniff x-amp-srv A cache-tag 9pxSx_fu2,l4p5bDg2e,EL6uw4EsI,WepA0szpz x-req-id PSIxuUY7cN content-length 95265 x-xss-protection 1; mode=block x-amp-source-height 1040 server Unknown x-frame-options DENY x-amp-source-width 1440 access-control-allow-origin * content-type image/avif cache-control max-age=1800, s-maxage=86400 accept-ranges bytes x-amp-published Mon, 10 Jun 2024 15:55:02 GMT
GET H2	200	cnxtag-min.js Show response js.cnnx.link/roi/	2 KB 1 KB	530ms 155ms	Script text/javascript	13.225.78.31 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.cnnx.link/roi/cnxtag-min.js?id=316282 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.31 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-31.fra2.r.cloudfront.net Software / Resource Hash f7e9c4d6427d6379534a8324d46af322f1a7b3aebe482a1e5bdaf2e069714568 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:32 GMT via 1.1 google, 1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop FRA2-C2 vary Accept-Encoding x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 cache-control max-age=600 x-amz-cf-id gP6DliJTzhxouZHI6jny59M9VwgmOSXjOhlNSMLwy-bbzQlWTpPTEQ==
GET		kpi pixel.pointmediatracker.com/	0 0
GET H2	200	px secure.adnxs.com/	43 B 1 KB	25ms 21ms	Image image/gif	37.252.171.85 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/px?id=160890&%20seg=6104893&t=2 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:32 GMT an-x-request-uuid 36ce0872-db9e-4cba-9d6e-f5faf6471ca0 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 212.7.210.181; 212.7.210.181; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ insight.adsrvr.org/track/pxl/	70 B 148 B	49ms 45ms	Image image/gif	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:32 GMT server Kestrel content-length 70 content-type image/gif
POST H3	200	collector Show response collector-pxxt4gy2ig.px-cloud.net/api/v2/	32 B 49 B	123ms 122ms	XHR application/json	35.190.10.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/XT4Gy2ig/init.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.10.190.35.bc.googleusercontent.com Software / Resource Hash 19e0ccf5f49d76af8db3bcaa13c7fabc8276dcff286235a30c069da7abec2d8e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sun, 23 Jun 2024 01:45:32 GMT via 1.1 google access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev access-control-allow-credentials true timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32
GET H3	200	collect www.google-analytics.com/	35 B 55 B	33ms 33ms	Image image/gif	142.250.186.78 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=559920280&t=event&ni=1&_s=1&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dp=%2F&ul=nl-nl&de=UTF-8&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ux&ea=scrolled%20page&el=25%25&_u=aEDAAEABAAAAACgAIAC~&jid=&gjid=&cid=244809028.1719107132&tid=UA-432816-1&_gid=1681864243.1719107132&gtm=45He46j0n81WL3STMXv896608294za200&cd4=0&cd6=&cd7=&cd8=&cd9=0&cd14=homepage&cd19=&cd21=US&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&tag_exp=0&z=1164940423 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f14.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 22 Jun 2024 14:55:58 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 38974 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	405	favicon.ico elfcosmetics.metricly.workers.dev/	23 B 844 B	398ms 397ms	Other text/plain	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elfcosmetics.metricly.workers.dev/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b561af6ac3945ba56eed08a582e1d30b3307d066377d10aad15eaea98a55ce2 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:32 GMT via 1.1 68589ba2b1a9a54786dcb97934f8038c.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop LHR62-C3 x-amzn-requestid fa0e3b8a-8596-407a-8335-41b4aa99c05f x-yottaa-optimizations ob/0 si/34D1a5fe38a8-1718982750-3976310816 tts/1716499765688 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0 x-cache Error from cloudfront alt-svc h3=":443"; ma=86400 content-length 23 x-amz-apigw-id ZzCpgFNLCYcEVog= server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=td%2FEo2RB1xmp7YkxO7CZqOFurjGTIIVhDbhCwLEu92HQIiByUcK7PLU%2BOT5ztt%2B0GJBgiVW299jEH7wihEUVFhHmBpi9XwtfowGdKkYyyFFHqOn50tl5t3GuJSUk%2BjuodbmMyPIMVEAC%2Bhn0%2FyhLryPn8AM%3D"}],"group":"cf-nel","max_age":604800} content-type null x-yottaa-metrics 3421a5fe383c/[284,278,-] 34D1a5fe38a8/[-,286.603] x-yottaa-os 405 cf-ray 8980cc987e072c4d-FRA x-amz-cf-id yLV_IG4gLW-YNekJbwfVPDDYniP435Y4XaTa6gCvYec_OvbCNNrMPg==
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/202306.1.0/assets/	13 KB 3 KB	65ms 64ms	Fetch application/json	104.19.178.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sun, 23 Jun 2024 01:45:32 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status REVALIDATED content-md5 5mNZducabMgxSDzBo+ZI8w== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 3017 x-ms-lease-status unlocked last-modified Wed, 12 Jul 2023 06:29:30 GMT server cloudflare etag 0x8DB82A159AF8EA6 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 1708d0d5-801e-0034-7f8d-c13c22000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8980cc98d9213614-FRA
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/	61 KB 12 KB	69ms 68ms	Fetch application/json	104.19.178.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/otPcCenter.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sun, 23 Jun 2024 01:45:32 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS content-md5 sXFDxCJwbPEMIT/8f5Prwg== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 12544 x-ms-lease-status unlocked last-modified Wed, 12 Jul 2023 06:29:33 GMT server cloudflare etag 0x8DB82A15AFF8646 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 43813a93-401e-00ee-070f-c59909000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8980cc98d9233614-FRA
GET H2	200	otCookieSettingsButton.json Show response cdn.cookielaw.org/scripttemplates/202306.1.0/assets/	5 KB 2 KB	111ms 111ms	Fetch application/json	104.19.178.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCookieSettingsButton.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sun, 23 Jun 2024 01:45:32 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status REVALIDATED content-md5 v0pzgeeelPwcAOki15i3HA== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 1766 x-ms-lease-status unlocked last-modified Wed, 12 Jul 2023 06:29:32 GMT server cloudflare etag 0x8DB82A15AB9FB83 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 5ddb9032-a01e-00c6-767f-c3eeb6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8980cc98d9243614-FRA
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202306.1.0/assets/	21 KB 4 KB	115ms 114ms	Fetch text/css	104.19.178.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sun, 23 Jun 2024 01:45:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding gzip content-md5 oWkBTLgDDXvrUsd93y/Zxg== x-ms-lease-status unlocked last-modified Wed, 12 Jul 2023 06:29:41 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 9ac6eb1f-a01e-004e-628d-c1566f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8980cc98d9253614-FRA
POST H2	200	event qoe-1.yottaa.net/log-nt/	3 B 191 B	69ms 19ms	Ping text/json	140.174.14.147 YOTTAA-AS-1
General Check archive.org Show headers Download Go to Full URL https://qoe-1.yottaa.net/log-nt/event Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 140.174.14.147 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US), Reverse DNS Software / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sun, 23 Jun 2024 01:45:32 GMT access-control-expose-headers X-Results-Data-Source access-control-allow-credentials true cache-control no-cache timing-allow-origin * content-type text/json
GET H3	200	site.min.js Show response edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/	84 KB 20 KB	79ms 33ms	Script application/javascript	104.18.26.211 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://edge.curalate.com/sites/elfcosmetics-oqltbv/site/latest/site.min.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.26.211 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d126a9c6da46cb41e34e982874ff71952c00cfaefd6d3847d69f5b82da64429 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:32 GMT x-amz-version-id .qrNcRtRG6VmB5kbLKXtk4Otpa6s5GTr content-encoding br cf-cache-status HIT x-amz-request-id RPXSJ13M5FXMKBRV age 1081 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 x-amz-id-2 6cY9mAMu73SrD7POigB8vFDNHhpy0PMxrmHuYyUnVFLdAd3tw2zS6tzOVGrAiV3dD81fugC1Ni2QKW5l2LshL85b+yLfqRYYVEQTHQBzJhk= last-modified Fri, 07 Jun 2024 18:56:15 GMT server cloudflare etag W/"50d92f85574de50a7d4a214fa4131720" vary Accept-Encoding content-type application/javascript cache-control max-age=1800,s-maxage=1800 cf-ray 8980cc993ce8047e-FRA
GET H2	200	110221.ct.js Show response tag.rmp.rakuten.com/	47 KB 15 KB	68ms 27ms	Script text/javascript	34.102.147.248 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.rmp.rakuten.com/110221.ct.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 248.147.102.34.bc.googleusercontent.com Software / Resource Hash 1267584d601283c592440191bbaab0f6ee5423bb1b267a4f6ea0fea28c353648 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:32 GMT content-encoding gzip via 1.1 google strict-transport-security max-age=31536000 last-modified Sun, 23 Jun 2024 01:45:32 GMT x-cache hit x-samesite secure content-type text/javascript cache-control max-age=86400 x-dyn 0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	js Show response www.paypal.com/sdk/	424 KB 118 KB	548ms 481ms	Script application/javascript	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lhd/35DB) / Resource Hash 8504109b1bce264edc0e1a03488e5a911871fac641ddee2a4ec8c51d2078b5d8 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-W2O/z/V5krYOSgG5Spr+tuXu77UEMW9asH7CtpyQkV+DXTCs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-W2O/z/V5krYOSgG5Spr+tuXu77UEMW9asH7CtpyQkV+DXTCs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-W2O/z/V5krYOSgG5Spr+tuXu77UEMW9asH7CtpyQkV+DXTCs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-W2O/z/V5krYOSgG5Spr+tuXu77UEMW9asH7CtpyQkV+DXTCs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp content-encoding gzip x-content-type-options nosniff date Sun, 23 Jun 2024 01:45:32 GMT disable-set-cookie true strict-transport-security max-age=63072000; includeSubDomains; preload p3p true paypal-debug-id 069b04b2b30b5 server-timing traceparent;desc="00-0000000000000000000069b04b2b30b5-0170273f4f611c00-01", content-encoding;desc="", x-cdn;desc="edgecast" dc ccg11-origin-www-1.paypal.com content-length 119481 x-xss-protection 1; mode=block last-modified Sat, 22 Jun 2024 21:23:43 GMT accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 server ECAcc (lhd/35DB) traceparent 00-0000000000000000000069b04b2b30b5-168bbd46799dc233-01 etag W/"1d2b9-bshmImIdV1cxwK1pXAEY6knlyT8" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Server-Timing cache-control public, max-age=3600, s-maxage=10800 origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	main.js Show response static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/	146 KB 43 KB	115ms 26ms	Script application/javascript	95.100.65.127 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 95.100.65.127 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a95-100-65-127.deploy.static.akamaitechnologies.com Software nginx / Express Resource Hash 2e8fd8d487b4259dbdc6c529f742806377fae205c8dc7d0f35ac8797bafe5b3b Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Strict-Transport-Security max-age=15768000 Content-Encoding gzip Date Sun, 23 Jun 2024 01:45:32 GMT Server nginx X-Powered-By Express ETag W/"f3bc9cdcf9c97d0ec2f18fd72203201caef8fea5-gzip" X-Frame-Options SAMEORIGIN Vary Accept-Encoding Content-Type application/javascript;charset=UTF-8 Access-Control-Allow-Origin * Cache-Control must-revalidate, max-age=900 Connection keep-alive Content-Length 43370 Expires Sun, 23 Jun 2024 02:00:32 GMT
GET H/1.1	200 OK	/ Show response websdk.appsflyer.com/	38 KB 12 KB	422ms 26ms	Script application/javascript	23.48.23.67 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://websdk.appsflyer.com/?st=banners& Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.48.23.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-48-23-67.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 01:45:32 GMT Content-Encoding gzip x-amz-request-id 2YBD1Y83SA1VBPZN x-amz-server-side-encryption AES256 Connection keep-alive Content-Length 11792 x-amz-id-2 Vo5gJfn4DHGgFFcnzwzpG4njjvgMt8LlOnQtX6RdM+uNb3LkYv06L++KpTpVEqpBqbyFMWzosrU= Last-Modified Wed, 14 Jun 2023 06:58:45 GMT Server AmazonS3 ETag "5a676288bcea03bd05e483bc4ce066ae" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=1726 Accept-Ranges bytes X-DataStream-Cache-Status 1 Expires Sun, 23 Jun 2024 02:14:18 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	310 KB 103 KB	58ms 52ms	Script application/javascript	172.217.18.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.8 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f8.1e100.net Software Google Tag Manager / Resource Hash 6a579870e0c55534f48dad3b9d1e9847fa19bbdd89048eeb165994d18220ff39 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:32 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 105188 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 23 Jun 2024 01:45:32 GMT
GET H2	200	ot_close.svg cdn.cookielaw.org/logos/static/	651 B 624 B	37ms 32ms	Image image/svg+xml	104.19.178.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/ot_close.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sun, 23 Jun 2024 01:45:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 pcXWFGpuVeSg/jVnYCseRg== age 25853 x-ms-lease-status unlocked last-modified Thu, 20 Jun 2024 19:47:44 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 50afa878-d01e-008d-708a-c3df2c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8980cc99b91abb65-FRA
GET H2	200	ot_guard_logo.svg Show response cdn.cookielaw.org/logos/static/	497 B 491 B	69ms 65ms	Fetch image/svg+xml	104.19.178.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sun, 23 Jun 2024 01:45:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status REVALIDATED content-encoding gzip content-md5 tXyZydHjxQshFMbbBT1/8A== x-ms-lease-status unlocked last-modified Thu, 20 Jun 2024 19:47:43 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 681a1291-101e-005c-3d7f-c36273000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8980cc99b9ce3614-FRA
GET H2	200	ot_company_logo.png cdn.cookielaw.org/logos/static/	4 KB 4 KB	35ms 35ms	Image image/png	104.19.178.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/ot_company_logo.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sun, 23 Jun 2024 01:45:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-md5 E8+sk/ECzKgTUVtDLikiIA== age 36658 content-length 4036 x-ms-lease-status unlocked last-modified Thu, 20 Jun 2024 19:47:44 GMT server cloudflare etag 0x8DC9161DA6DCD3D vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 47d2e917-201e-0093-7c7b-c305c1000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8980cc99b91fbb65-FRA
GET H2	200	powered_by_logo.svg cdn.cookielaw.org/logos/static/	5 KB 2 KB	37ms 37ms	Image image/svg+xml	104.19.178.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/powered_by_logo.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Sun, 23 Jun 2024 01:45:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 Y+c301RBZNK39PvKQWrIBw== age 5218 x-ms-lease-status unlocked last-modified Thu, 20 Jun 2024 19:47:44 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id a1658fde-601e-00f2-030e-c4411e000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8980cc99b920bb65-FRA
GET H2	200	iframe_api Show response www.youtube.com/	993 B 2 KB	430ms 51ms	Script text/javascript	172.217.18.14 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.14 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f14.1e100.net Software ESF / Resource Hash a4e88216e4b2485d3a1d2a86a9ff63d2bdb82c739587057e1477d7b12235bd84 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:32 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding br p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version server ESF x-frame-options SAMEORIGIN vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version content-type text/javascript; charset=utf-8 report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} cache-control private, max-age=0 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* origin-trial AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Sun, 23 Jun 2024 01:45:32 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	213 KB 77 KB	52ms 52ms	Script application/javascript	172.217.18.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-10265292&l=dataLayer&cx=c Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.8 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f8.1e100.net Software Google Tag Manager / Resource Hash dd94bb4a815de4007759a8e8b3b44ac4380c50644d275f534eceb7fbced46002 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:32 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 78341 x-xss-protection 0 last-modified Sun, 23 Jun 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 23 Jun 2024 01:45:32 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	213 KB 77 KB	57ms 57ms	Script application/javascript	172.217.18.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-10742279&l=dataLayer&cx=c Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.8 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f8.1e100.net Software Google Tag Manager / Resource Hash 8fb657d67ebdcddd8255c3c1e0eb4ae92aa88acbb24d5ce87ebf6baa3f8da2e9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:32 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 78271 x-xss-protection 0 last-modified Sun, 23 Jun 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 23 Jun 2024 01:45:32 GMT
GET		experience.min.js edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/gallery-OdKxcdTK/latest/	0 0
GET H2	200	1a8bfa042c9c5.js Show response t.contentsquare.net/uxa/	336 KB 80 KB	77ms 24ms	Script application/javascript	18.244.18.112 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://t.contentsquare.net/uxa/1a8bfa042c9c5.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-112.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash d841b6859d2469f63df65c0a91d70da822367d82810d4d08900d79b21bdddc19 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 07:38:56 GMT content-encoding br via 1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P11 age 0 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 81626 last-modified Wed, 19 Jun 2024 07:37:38 GMT server AmazonS3 etag "833f870d397c05130b52ad5dd9f75837" vary Accept-Encoding, Origin content-type application/javascript;charset=utf-8 cache-control max-age=900 accept-ranges bytes timing-allow-origin * x-amz-cf-id 1egQXL7YBmFOMm5_yCfbTkAv-V85p-5GecUr8nyvDgd63yAgWlMAHg==
GET H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 128 B	534ms 484ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46j0v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1107812864.1719107133&ecid=200446174&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=1721591069.1719107131&sst.gse=1&sst.etld=google.nl&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=1&sid=1719107132&sct=1&seg=0&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=pageview&_fv=1&_nsi=1&_ss=1&ep.vendor_id=pinterest&ep.email=&ep.event_id=1719107372906_17191075929289&ep.external_id=&tfd=4326&richsstsse Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:33 GMT via 1.1 google, 1.1 google x-content-type-options nosniff server Google Frontend content-type text/plain access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-accel-buffering no
GET H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 118 B	322ms 277ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46j0v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1107812864.1719107133&ecid=200446174&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=1721591069.1719107131&sst.gse=1&sst.etld=google.nl&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=2&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1719107132&sct=1&seg=1&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&en=page_view&ep.page_type=homepage&ep.page_environment=production&ep.page_language=EN&ep.page_country=US&_et=2&up.custom_user_id=&up.client_id=&up.user_has_transacted=false&up.user_logged_in=false&up.user_country=US&up.user_loyalty_status=false&tfd=4332&richsstsse Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:32 GMT via 1.1 google, 1.1 google x-content-type-options nosniff server Google Frontend content-type text/plain access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-accel-buffering no
GET H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 305 B	252ms 214ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46j0v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1107812864.1719107133&ecid=200446174&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=IA&sst.rnd=1721591069.1719107131&sst.gse=1&sst.etld=google.nl&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=3&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1719107132&sct=1&seg=1&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&en=view_promotion&ep.page_type=homepage&ep.page_environment=production&ep.page_language=EN&ep.promotions=%5Bobject%20Object%5D&ep.promotion_name=2024-04-makeupRemoverAcneFocus-tile2%20-%20Banner%20Side%20By%20Side%20(v2)&ep.promotion_id=51900033-4b71-48b7-9139-a1faa2b92b79&ep.creative_name=Banner%20Side-by-Side&_et=2&tfd=4339&richsstsse Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:32 GMT via 1.1 google, 1.1 google x-content-type-options nosniff server Google Frontend content-type text/plain access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-accel-buffering no
GET H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 127 B	353ms 315ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46j0v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1107812864.1719107133&ecid=200446174&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=1721591069.1719107131&sst.gse=1&sst.etld=google.nl&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&_s=4&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1719107132&sct=1&seg=1&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&en=page_view&ep.page_type=homepage&ep.page_environment=production&ep.page_language=EN&ep.vendor_id=facebook&ep.event_id=1719107372906_171910759292812&ep.email=&ep.phone=&tfd=4339&richsstsse Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5D80LRC85N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:32 GMT via 1.1 google, 1.1 google x-content-type-options nosniff server Google Frontend content-type text/plain access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-accel-buffering no
GET H2	200	loader.js Show response cdn.usehero.com/	98 KB 28 KB	404ms 22ms	Script application/javascript	18.172.112.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.usehero.com/loader.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.172.112.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-172-112-19.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash ab99a75a2070736b0282d041df3a7e272ad5d4d1929ae430089ac0335e05ad2c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:10:24 GMT content-encoding gzip via 1.1 df64c46f895e81567061da0488368914.cloudfront.net (CloudFront) last-modified Tue, 19 Sep 2023 07:56:38 GMT server AmazonS3 x-amz-cf-pop FRA60-P8 age 2112 x-amz-server-side-encryption AES256 etag W/"fbf714a58cbac38c0deea519667d9044" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id A5g0EMjibWASKeCAQX6h7idZhDwMXdu2mZzyT15Zhb3XLKhabFTdOw==
GET H3	200	destination Show response www.googletagmanager.com/gtag/	213 KB 76 KB	37ms 36ms	Script application/javascript	172.217.18.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-9231397&l=dataLayer&cx=c Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.8 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f8.1e100.net Software Google Tag Manager / Resource Hash e1f2d18744a2ce449c1497e790cfedf559175731e14facfc4e59ecdfc7b247cb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:32 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 78255 x-xss-protection 0 last-modified Sun, 23 Jun 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 23 Jun 2024 01:45:32 GMT
GET H2	200	core.js Show response s.pinimg.com/ct/	5 KB 2 KB	379ms 20ms	Script application/javascript	146.75.120.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://s.pinimg.com/ct/core.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.120.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:32 GMT content-encoding br x-cdn fastly etag "9bc4bd8fd6a7603cc1c91cc83fc17417" x-amz-server-side-encryption AES256 access-control-max-age 86400 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * access-control-expose-headers X-CDN vary Accept-Encoding, Origin cache-control max-age=7200 alt-svc h3=":443";ma=600 content-length 1878
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	219 KB 59 KB	372ms 20ms	Script application/x-javascript	157.240.0.6 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra3.fbcdn.net Software / Resource Hash 0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 23 Jun 2024 01:45:32 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58024 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1317, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug bI5F7XiNKHtV6Wv4b4UMH0ZMPw1gYWLNUV7QLkdWBwOd2DEhOvicqxXLJxytK6nqhGWH9dUHTKMw7TDEWXEacQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	42 KB 13 KB	447ms 40ms	Script application/javascript	151.101.129.140 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:33 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish last-modified Thu, 20 Jun 2024 19:23:03 GMT server snooserv nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} etag "71b328aff914ada8b774bfa8fff542c4" x-amz-server-side-encryption AES256 vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/javascript cache-control public, max-age=60 accept-ranges bytes content-length 12116
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	421ms 38ms	Script application/javascript	204.79.197.237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Sun, 23 Jun 2024 01:45:32 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 291192C32A3E4162887F132091CAC4B9 Ref B: DUS30EDGE0912 Ref C: 2024-06-23T01:45:32Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
GET H2	200	src=10265292;dc_pre=COy-6I_N8IYDFWEcogMdwTsbsg;type=conte0;cat=homep0;ord=6239403155967;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.... ade.googlesyndication.com/ddm/activity/ Redirect Chain https://ade.googlesyndication.com/ddm/activity/src=10265292;type=conte0;cat=homep0;ord=6239403155967;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Ch... https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=COy-6I_N8IYDFWEcogMdwTsbsg;type=conte0;cat=homep0;ord=6239403155967;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromiu...	42 B 118 B	68ms 68ms	Image image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=COy-6I_N8IYDFWEcogMdwTsbsg;type=conte0;cat=homep0;ord=6239403155967;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev? Protocol H2 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:32 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 23 Jun 2024 01:45:32 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://ade.googlesyndication.com/ddm/activity/src=10265292;dc_pre=COy-6I_N8IYDFWEcogMdwTsbsg;type=conte0;cat=homep0;ord=6239403155967;npa=1;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181787185z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	src=10742279;dc_pre=CKfH6o_N8IYDFe8JogMdIzwHcw;type=elf8j0;cat=glo_flhp;ord=1267421382397;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%... ade.googlesyndication.com/ddm/activity/ Redirect Chain https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;ord=1267421382397;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Bra... https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CKfH6o_N8IYDFe8JogMdIzwHcw;type=elf8j0;cat=glo_flhp;ord=1267421382397;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;...	42 B 107 B	68ms 68ms	Image image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CKfH6o_N8IYDFe8JogMdIzwHcw;type=elf8j0;cat=glo_flhp;ord=1267421382397;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev? Protocol H2 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:32 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 23 Jun 2024 01:45:32 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CKfH6o_N8IYDFe8JogMdIzwHcw;type=elf8j0;cat=glo_flhp;ord=1267421382397;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	src=10742279;dc_pre=CJPN6o_N8IYDFW0JogMdXFYH0Q;type=elf8j0;cat=glo_flap;ord=2629080420386;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%... ade.googlesyndication.com/ddm/activity/ Redirect Chain https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;ord=2629080420386;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Bra... https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJPN6o_N8IYDFW0JogMdXFYH0Q;type=elf8j0;cat=glo_flap;ord=2629080420386;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;...	42 B 107 B	69ms 65ms	Image image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJPN6o_N8IYDFW0JogMdXFYH0Q;type=elf8j0;cat=glo_flap;ord=2629080420386;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev? Protocol H2 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:32 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 23 Jun 2024 01:45:32 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CJPN6o_N8IYDFW0JogMdXFYH0Q;type=elf8j0;cat=glo_flap;ord=2629080420386;npa=1;u1=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181663336z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	8 KB 3 KB	161ms 116ms	Script application/javascript	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BRR4GA0I9JJBU29G8GF0&lib=ttq Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 60e90141f12aff551a6cb5f7b7563e61c24a919a23e0b780151f2bfa439c1339 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 444f1493.e4342105 date Sun, 23 Jun 2024 01:45:32 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2406230145322FBA957CB0D2ADAEAF82-5C24473F1BB8779B-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) x-parent-response-time 95,2.20.179.79 server-timing cdn-cache; desc=MISS, edge; dur=87, origin; dur=9, inner; dur=4 content-length 2359 pragma no-cache server nginx x-tt-logid 202406230145322FBA957CB0D2ADAEAF82 x-cache-remote TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 9,23.218.223.73 x-tt-trace-host 015547b42e38dafb745eb0415774d176747a4739d15ac6cf89acb86e94e65daada91508ba5ceb48c11e144ec6ab6d2eb479b12ff28d40e7f373964913381ebf83b722b05d866af673a64d8f6765aa4de8065b988e91c972b7e2a13eeb2963e91855141aead3b489e62667c358ab925e985 expires Sun, 23 Jun 2024 01:45:32 GMT
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	7 KB 3 KB	117ms 116ms	Script application/javascript	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 4bfcd2edfe323d6ec7df2d781f316467fbcee9bbe970371640903e2a81483710 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id e4342131 date Sun, 23 Jun 2024 01:45:32 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240623014532516895D7533152B1BF04-19919DCEE03073A2-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) server-timing inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=94 content-length 2328 pragma no-cache server nginx x-tt-logid 20240623014532516895D7533152B1BF04 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 95,2.20.179.79 x-tt-trace-host 015547b42e38dafb745eb0415774d176745d9c42b317445a4d58f061d52c02ddfcb04bb8fba273796479713051180a45b3b815adedf222a1d2476c8d8412766db40915f8d459b47b2053762d91f1cb3d7b9eaa4e5c150f44d0732cfb75100f8d9e expires Sun, 23 Jun 2024 01:45:32 GMT
GET H2	200	widget.js Show response js.jebbit.com/companion/v1/	44 KB 45 KB	393ms 24ms	Script text/javascript	65.9.66.87 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.jebbit.com/companion/v1/widget.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.87 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-87.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash cc9709489aeba0f23cc18fd3d1ff6f2087e1381ba6dbe92e98738228d520fd54 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id j3bLD5VAFZVsHy8WM9iuVjqRLf9F9664 date Sat, 22 Jun 2024 05:32:06 GMT via 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront) last-modified Thu, 02 May 2024 15:04:41 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 age 72810 x-amz-server-side-encryption AES256 etag "226557253164387c89ed4612b780f10f" x-cache Hit from cloudfront content-type text/javascript accept-ranges bytes content-length 45245 x-amz-cf-id iEPTY_v3l-e0jq5gdqj2frNPcsrVZ8fnbnqQxGAFts3lnrbSmwuu9w==
GET H2	200	src=9231397;dc_pre=COOl64_N8IYDFS4bogMdJr0N8A;type=retarget;cat=globa0;ord=7111538660735;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%... ade.googlesyndication.com/ddm/activity/ Redirect Chain https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;ord=7111538660735;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.... https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=COOl64_N8IYDFS4bogMdJr0N8A;type=retarget;cat=globa0;ord=7111538660735;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab...	42 B 107 B	69ms 68ms	Image image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=COOl64_N8IYDFS4bogMdJr0N8A;type=retarget;cat=globa0;ord=7111538660735;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev? Protocol H2 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:32 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 23 Jun 2024 01:45:32 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=COOl64_N8IYDFS4bogMdJr0N8A;type=retarget;cat=globa0;ord=7111538660735;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=false;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46j0v9181619921z8896608294za201zb896608294;gcs=G100;gcd=13u3uPu2u5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Felfcosmetics.metricly.workers.dev? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/84314bef/www-widgetapi.vflset/	24 KB 8 KB	36ms 30ms	Script text/javascript	172.217.18.14 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/84314bef/www-widgetapi.vflset/www-widgetapi.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.14 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f14.1e100.net Software sffe / Resource Hash a9a72654f03de616b6fd58b742dff09a02588726c80f6a1fca5809365b591930 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 22:35:31 GMT content-encoding br x-content-type-options nosniff age 11401 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8237 x-xss-protection 0 last-modified Mon, 17 Jun 2024 04:18:28 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sun, 22 Jun 2025 22:35:31 GMT
GET H2	200	jsp Show response ut.rd.linksynergy.com/	148 B 414 B	74ms 19ms	Script text/plain	34.98.67.3 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 3.67.98.34.bc.googleusercontent.com Software / Resource Hash bf76a7bc390e1f2c2ad42112224feb3b7fe7ccbbe63fa887d27f101dbfc97ffa Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type text/plain; charset=utf-8 date Sun, 23 Jun 2024 01:45:32 GMT via 1.1 google strict-transport-security max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 148 x-samesite secure
GET H2	200	main.MTU0NDc1MDUxMA.js Show response analytics.tiktok.com/i18n/pixel/static/	339 KB 97 KB	25ms 22ms	Script application/javascript	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 47d3e5c22630f08413d65b1507e3c2600f0dea1ae83f045f9f1a0be5514efee2 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id e43421e1 date Sun, 23 Jun 2024 01:45:32 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20240620151359C335DD061A25F985A2C3 x-tt-trace-id 00-240620151359C335DD061A25F985A2C3-0E6C0D03514DC990-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01be17cf2c4172650f467eaa12ea488c851337ef95428b315102f23f109f3e48bc4823203045d83bc0df83689808f2135b22c360b91060d6282dd48ae8aa1c41e86429abceba0eeaf8d51df670fd53e94bb7af2ec99248844040dba64470e71e13 server-timing cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=2 content-length 98483
GET H2	200	main.MTU0NDc1MDUxMQ.js Show response analytics.tiktok.com/i18n/pixel/static/	344 KB 99 KB	47ms 42ms	Script application/javascript	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 52960b56e4d4fbf39e5cae2833367131bb2354c69ab5d9eb296d82733f62923d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id e4342207 date Sun, 23 Jun 2024 01:45:32 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20240620151356C335DD061A25F985A122 x-tt-trace-id 00-240620151356C335DD061A25F985A122-2C16E6605503C5D5-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01296c0fe8f132622e139a43a6f2703ea05b8efa60605e3cc64ac88b52372aa74e4dd2a1f51bb6aa28d3e69abf3835de06814d0bf6e5af0725b551e6ad85cee873cbc2fafc0ac6630bd6a24152c743d470c1c05381681cb21a61503661e6dfe2f3 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4 content-length 100356
GET H2	200	local www.paypal.com/credit-presentment/experiments/ Frame B9BA	0 0	67ms 18ms	Document text/html	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.64.6&integrationType=SDK Requested by Host: www.paypal.com URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/48D3) / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Xss-Protection 1; mode=block Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 accept-ranges bytes access-control-expose-headers Server-Timing age 33177 cache-control s-maxage=86400, max-age=0 content-encoding gzip content-length 1525 content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com content-type text/html; charset=utf-8 date Sun, 23 Jun 2024 01:45:33 GMT dc ccg11-origin-www-1.paypal.com etag W/"1479-gzKsDouP2RIhSCgVadwGtdYYsVk" last-modified Sat, 22 Jun 2024 16:32:36 GMT origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== paypal-debug-id 05502305a26aa permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") server ECAcc (ama/48D3) server-timing content-encoding;desc="", x-cdn;desc="edgecast" strict-transport-security max-age=63072000; includeSubDomains; preload timing-allow-origin * traceparent 00-000000000000000000005502305a26aa-8b564a050f3d19a4-01 vary Accept-Encoding x-cache HIT x-xss-protection 1; mode=block
GET H2	200	pptm.js Show response www.paypal.com/tagmanager/	12 KB 5 KB	369ms 365ms	Script application/x-javascript	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/tagmanager/pptm.js?id=elfcosmetics.metricly.workers.dev&t=xo&v=5.0.447&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lhd/35D7) / Resource Hash 7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-jDvQjC8LVSZDk0uGg9G15uzOLUhl1C6lFuk7ko817+BQXU+l' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-jDvQjC8LVSZDk0uGg9G15uzOLUhl1C6lFuk7ko817+BQXU+l' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; content-encoding gzip x-content-type-options nosniff date Sun, 23 Jun 2024 01:45:33 GMT strict-transport-security max-age=63072000; includeSubDomains; preload paypal-debug-id 061512476a3a8 server-timing content-encoding;desc="", x-cdn;desc="edgecast" dc ccg11-origin-www-1.paypal.com x-xss-protection 1; mode=block accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 server ECAcc (lhd/35D7) traceparent 00-0000000000000000000061512476a3a8-c1cde2f4b7074a8d-01 etag W/"2f8b-lWMMAqH5NWBufCerdpb7DcGAARo" vary Accept-Encoding, Accept-Encoding x-frame-options SAMEORIGIN content-type application/x-javascript; charset=utf-8 cache-control public, max-age=3600 origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") timing-allow-origin *
POST H2	200	logger Show response www.paypal.com/xoplatform/logger/api/	1005 B 765 B	204ms 201ms	XHR application/json	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true Requested by Host: www.paypal.com URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lhd/35C3) / Resource Hash 15a8a8954d6b4a0aa2efb5336ad73b60e7e16873858fbd5c0d1642041a775241 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 content-type application/json accept application/json Referer https://elfcosmetics.metricly.workers.dev/ sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:33 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload paypal-debug-id 0a844280a6244 server-timing content-encoding;desc="", x-cdn;desc="edgecast" dc ccg11-origin-www-1.paypal.com content-length 597 accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 server ECAcc (lhd/35C3) traceparent 00-00000000000000000000a844280a6244-24723094dd6cd375-01 etag W/"3ed-nxbCJQGjnmImdVOxmytt6WLp/fI" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") timing-allow-origin *
GET H2	200	main.f74ed22b.js Show response s.pinimg.com/ct/lib/	70 KB 20 KB	27ms 27ms	Script application/javascript	146.75.120.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://s.pinimg.com/ct/lib/main.f74ed22b.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.120.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:33 GMT content-encoding br x-cdn fastly etag "446a72b73c00f6022c92a764d3c540bb" x-amz-server-side-encryption AES256 access-control-max-age 86400 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * access-control-expose-headers X-CDN vary Accept-Encoding, Origin cache-control max-age=1209600 alt-svc h3=":443";ma=600 content-length 20114
OPTIONS H2	200	logger www.paypal.com/xoplatform/logger/api/ Frame	0 0	222ms 172ms	Preflight	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lhd/35D5) / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://elfcosmetics.metricly.workers.dev Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control max-age=0, no-cache, no-store, must-revalidate content-length 0 date Sun, 23 Jun 2024 01:45:33 GMT dc ccg11-origin-www-1.paypal.com origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== paypal-debug-id 0a566ba0a655a permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") server ECAcc (lhd/35D5) server-timing content-encoding;desc="", x-cdn;desc="edgecast" strict-transport-security max-age=63072000; includeSubDomains; preload timing-allow-origin * traceparent 00-00000000000000000000a566ba0a655a-a620926565122ebf-01 vary Accept-Encoding x-content-type-options nosniff
GET H2	200	display Show response api.usehero.com/webplugin/	118 B 1 KB	290ms 197ms	XHR application/json	176.34.100.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.usehero.com/webplugin/display?appId=efcf9631-4c6b-4874-9f76-51f71464249a&location=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&state=untouched&outboundFeature= Requested by Host: cdn.usehero.com URL: https://cdn.usehero.com/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 176.34.100.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-176-34-100-28.eu-west-1.compute.amazonaws.com Software / Resource Hash 4fd9b5fab51f2e2fbc723fec53e17413d1925f7f6196becdd1c8271ec0cb78b6 Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:33 GMT content-security-policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload x-permitted-cross-domain-policies none cross-origin-embedder-policy require-corp surrogate-control no-store x-dns-prefetch-control off x-time-zone Europe/Amsterdam klarna-correlation-id 0e57f142-1e75-44fb-b8d3-febc88bda829 x-envoy-upstream-service-time 11 cross-origin-resource-policy same-origin x-geo-longitude 4.89950 content-length 118 x-xss-protection 0 x-request-id 0e57f142-1e75-44fb-b8d3-febc88bda829 pragma no-cache referrer-policy same-origin cross-origin-opener-policy same-origin etag W/"76-zuK9jU8PIvv74tCwnT62wqewtPE" x-download-options noopen x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?1 cache-control no-store, no-cache, must-revalidate, proxy-revalidate x-geo-latitude 52.38240 x-country NL x-accuracy 100 expires 0
GET H2	200	1638306756445368 Show response connect.facebook.net/signals/config/	71 KB 15 KB	126ms 123ms	Script application/x-javascript	157.240.0.6 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1638306756445368?v=2.9.158&r=stable&domain=elfcosmetics.metricly.workers.dev&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra3.fbcdn.net Software / Resource Hash 3c6ad532f6b2681f5bbf520f052c20564518db128d49c4faa8bfde69fff49760 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 23 Jun 2024 01:45:33 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=25, rtx=0, c=65, mss=1317, tbw=63562, tp=-1, tpl=-1, uplat=103, ullat=0 pragma public x-fb-debug nFhMWvC6B37QGYPi3RkdALcKJ66p2EmNmSaO+ES0hb0PulG9DGQm7G9eC2lH61Srq3xCMuxlJ+kQQlK4IetldA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	identify_ce1d8843.js Show response analytics.tiktok.com/i18n/pixel/static/	146 KB 40 KB	22ms 22ms	Script application/javascript	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id e43422fd date Sun, 23 Jun 2024 01:45:33 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202405211400005A6482EC8658954395AB x-tt-trace-id 00-2405211400005A6482EC8658954395AB-7D65582794A05721-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01bb7da6081e9cf70fa40d500e66dc7f748628c80e0f1c23442ca51ee8a2f8b68964c4f446120724fd2ca9707a41b0908b9313ba92036a2906c239a7d63f0bac733445c05cc1dc4ee260ea56789bff41382955417bb369ac05d71aab0981d5b1c3 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3 content-length 40007
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 844 B	154ms 149ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 64354561.e4342311 date Sun, 23 Jun 2024 01:45:33 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240623014533031840437B7903F7CBDA-6AADCCF2D3388ACF-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) x-parent-response-time 124,2.20.179.79 server-timing cdn-cache; desc=MISS, edge; dur=91, origin; dur=37, inner; dur=34 content-length 0 pragma no-cache server nginx x-tt-logid 20240623014533031840437B7903F7CBDA x-cache-remote TCP_MISS from a23-218-223-70.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 37,23.218.223.70 x-tt-trace-host 015547b42e38dafb745eb0415774d176747a4739d15ac6cf89acb86e94e65daada1fbc24f5737280d6f4f0c2f6fe0d056b56e350777e51f2e5f0d4625cc67acc1b6fbd09aaab76b0bca9ca0f74561070f3a3bd22bce496ce513545a06ca3d12ab1f7448e7475d61dbc729d4e6ed8716faf access-control-allow-headers Authorization,* expires Sun, 23 Jun 2024 01:45:33 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 703 B	152ms 148ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id e4342313 date Sun, 23 Jun 2024 01:45:33 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2406230145338938EE967B8BC56FF8FB-51A6EA7E57301484-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) server-timing inner; dur=30, cdn-cache; desc=MISS, edge; dur=3, origin; dur=122 content-length 0 pragma no-cache server nginx x-tt-logid 202406230145338938EE967B8BC56FF8FB access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 122,2.20.179.79 x-tt-trace-host 015547b42e38dafb745eb0415774d176745d9c42b317445a4d58f061d52c02ddfcbc5cc4aecd295974310165512adcc39b371f011378c899df1644c4ba25d9a570d8a4eca0a556630e9fca4a18cb2bca15556198843351e5800a1fa4a3185c79af access-control-allow-headers Authorization,* expires Sun, 23 Jun 2024 01:45:33 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 842 B	153ms 150ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id a064f0b.e4342314 date Sun, 23 Jun 2024 01:45:33 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-24062301453304831E479E830C6F3AD8-41FB955143260314-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) x-parent-response-time 124,2.20.179.79 server-timing cdn-cache; desc=MISS, edge; dur=92, origin; dur=36, inner; dur=29 content-length 0 pragma no-cache server nginx x-tt-logid 2024062301453304831E479E830C6F3AD8 x-cache-remote TCP_MISS from a23-217-116-207.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 36,23.217.116.207 x-tt-trace-host 015547b42e38dafb745eb0415774d176747a4739d15ac6cf89acb86e94e65daada3107ebdcb0b4906143cf6459f536d5b95be5700cf1c347f0ae14f28e32cdb3209a3971d3008837c50c44894a2ce8eaa692fdb4c91fa913918d4cb296e4010cc47992e5cd47d2f05ae859342e9f112424 access-control-allow-headers Authorization,* expires Sun, 23 Jun 2024 01:45:33 GMT
POST H3	200	collector Show response collector-pxxt4gy2ig.px-cloud.net/api/v2/	32 B 49 B	132ms 132ms	XHR application/json	35.190.10.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.10.190.35.bc.googleusercontent.com Software / Resource Hash 19e0ccf5f49d76af8db3bcaa13c7fabc8276dcff286235a30c069da7abec2d8e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sun, 23 Jun 2024 01:45:32 GMT via 1.1 google access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev access-control-allow-credentials true timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32
GET H2	204	5013978.js Show response bat.bing.com/p/action/	0 119 B	44ms 42ms	Script text/plain	204.79.197.237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/5013978.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Sun, 23 Jun 2024 01:45:33 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: CD3A1B5D38E64C1C971A7E7086D8396A Ref B: DUS30EDGE0912 Ref C: 2024-06-23T01:45:33Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 290 B	93ms 92ms	Image text/plain	204.79.197.237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=5013978&tm=gtm002&Ver=2&mid=11c28d5f-ce13-4032-a639-f8b6ea26f5fa&sid=477d9d90310211ef80445b19a9c297cd&vid=477df610310211efa52c6ba40f66336d&vids=1&msclkid=N&pi=918639831&lg=nl-NL&sw=1600&sh=1200&sc=24&tl=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&p=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&r=&lt=3952&evt=pageLoad&sv=1&rn=843462 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 23 Jun 2024 01:45:33 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 0375FC6CCFD44ADE9D7F8325EC5C4555 Ref B: DUS30EDGE0912 Ref C: 2024-06-23T01:45:33Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	config Show response pixel-config.reddit.com/pixels/t2_16331p/	3 B 125 B	132ms 43ms	XHR application/json	151.101.129.140 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pixel-config.reddit.com/pixels/t2_16331p/config Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:33 GMT content-encoding gzip via 1.1 varnish content-type application/json access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes content-length 27
GET H2	200	t2_16331p_telemetry Show response www.redditstatic.com/ads/conversions-config/v1/pixel/config/	86 B 700 B	432ms 48ms	XHR application/json	151.101.129.140 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_16331p_telemetry Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:33 GMT content-encoding gzip via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} server snooserv vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/json access-control-allow-origin * cache-control max-age=300 accept-ranges bytes content-length 97
GET H2	200	rp.gif alb.reddit.com/	42 B 638 B	129ms 42ms	Image image/gif	151.101.129.140 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1719107133111&id=t2_16331p&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=313a1199-784e-4bc2-b794-eda0409c352a&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:33 GMT via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3} server Varnish report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type image/gif cross-origin-resource-policy cross-origin accept-ranges bytes content-length 42 retry-after 0
GET H2	200	/ Show response ct.pinterest.com/user/	320 B 368 B	184ms 81ms	XHR application/json	151.101.64.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/user/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1719107133115&dep=2%2CPAGE_LOAD Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:33 GMT content-encoding gzip x-cdn fastly x-envoy-upstream-service-time 0 alt-svc h3=":443";ma=600 x-pinterest-rid 8010653593012477 content-length 186 pin-unauth dWlkPVptSXpOVFE1WldVdFltTXhZUzAwTnpZd0xUa3haV1l0TXpReVltVXhPVGc0TW1JeA pragma no-cache referrer-policy origin content-type application/json; charset=utf-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev access-control-expose-headers Epik,Pin-Unauth cache-control no-cache,no-store,must-revalidate,max-age=0 access-control-allow-credentials true pinterest-version ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ Show response ct.pinterest.com/user/	320 B 302 B	184ms 82ms	XHR application/json	151.101.64.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22event_id%22%3A%221719107372906_171910759292812%22%2C%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1719107133115&dep=5%2CEVENT_TAGS_ABSENT Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:33 GMT content-encoding gzip x-cdn fastly x-envoy-upstream-service-time 1 alt-svc h3=":443";ma=600 x-pinterest-rid 1710325162059205 content-length 186 pin-unauth dWlkPVpHUTNaamhsTkRNdFl6bGtPQzAwTkdRNUxXSTJOekF0Tm1JNE5tSmlPV1l3TTJOaw pragma no-cache referrer-policy origin content-type application/json; charset=utf-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev access-control-expose-headers Epik,Pin-Unauth cache-control no-cache,no-store,must-revalidate,max-age=0 access-control-allow-credentials true pinterest-version ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ ct.pinterest.com/v3/	35 B 0	181ms 80ms	Fetch image/gif	151.101.64.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/v3/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f74ed22b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.114%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1719107133117 Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:33 GMT referrer-policy origin x-cdn fastly content-type image/gif access-control-allow-origin https://elfcosmetics.metricly.workers.dev pinterest-version ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2 cache-control no-cache,no-store,must-revalidate,max-age=0 access-control-allow-credentials true x-envoy-upstream-service-time 0 alt-svc h3=":443";ma=600 x-pinterest-rid 1663504636902306 content-length 35 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 275 B	364ms 20ms	Image text/plain	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&rl=&if=false&ts=1719107133183&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.2.1719107133180.618752321412802269&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1719107133040&coo=false&eid=1719107372906_171910759292812&tm=1&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1317, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sun, 23 Jun 2024 01:45:33 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	543ms 199ms	Image image/png	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&rl=&if=false&ts=1719107133183&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.2.1719107133180.618752321412802269&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1719107133040&coo=false&eid=1719107372906_171910759292812&tm=1&rqm=FGET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa90e50505ca4fe26","source_keys":["1","2"]},{"key_piece":"0x521824ae15b46aad","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Sun, 23 Jun 2024 01:45:33 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383508916692472586", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1317, tbw=3107, tp=-1, tpl=-1, uplat=179, ullat=0 pragma no-cache x-fb-debug c7ptgO7MHIFYWrhgQeqTP6r789FDSZ1/hUwY7kY3ITD8cqwegAY4n+JAAdv+cAgQAnJYLfmYuGp8wmnt7IGxKA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383508916692472586"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	i.js Show response tag.wknd.ai/4142/	18 KB 6 KB	70ms 15ms	Script text/plain	34.120.253.250 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.wknd.ai/4142/i.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 250.253.120.34.bc.googleusercontent.com Software istio-envoy / Resource Hash fa82f442825e37da450753beffc9ef5169fb2219bbc409c28b19e55000d7285f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 22 Jun 2024 21:43:08 GMT content-encoding gzip x-envoy-decorator-operation tag-router.tag-router.svc.cluster.local:80/* via 1.1 google age 14545 x-envoy-upstream-service-time 1 x-region us-central1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5912 server istio-envoy etag dca4f14476b310 vary Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control public,max-age=60 timing-allow-origin * link <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
GET H3	200	include.js Show response cdn8.eu.inside.chat/gtm/IN-1011171-EC/	23 KB 6 KB	77ms 35ms	Script application/javascript	104.18.8.17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn8.eu.inside.chat/gtm/IN-1011171-EC/include.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.8.17 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8bb5a96a0b8bb188276405893ba46f3dcb643f868258f089870e4ee0edc18bec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:33 GMT strict-transport-security max-age=31536000; includeSubdomains content-encoding br cf-cache-status HIT age 588 cf-polished origSize=33893 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Tue, 11 Jun 2024 18:33:40 GMT server cloudflare etag W/"01a48e12dbcda1:0" vary Accept-Encoding content-type application/javascript cache-control public, max-age=3600 cf-ray 8980cc9eefff9202-FRA expires Sun, 23 Jun 2024 02:45:33 GMT
GET H2	200	widget.css js.jebbit.com/companion/v1/	15 KB 16 KB	29ms 22ms	Stylesheet text/css	65.9.66.87 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.jebbit.com/companion/v1/widget.css Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.87 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-87.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 875ca118023e8741e684a320e73b7f9af4e8eba6c88f1f7e8457f7c0cdda6efb Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id 5TtP6A3FvksKClCFN7X6r1PsSCc1hWlP date Sat, 22 Jun 2024 04:16:32 GMT via 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront) last-modified Thu, 02 May 2024 15:04:41 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 age 77341 x-amz-server-side-encryption AES256 etag "de1b72e797664b9b2c2139e5ccb24844" x-cache Hit from cloudfront content-type text/css accept-ranges bytes content-length 15521 x-amz-cf-id Cy-pvCYw7FQz8E1hCTR7pLBByQOIIVdthojZrSVuqKBWCAUdp7OQtQ==
GET H2	200	launcher_configs Show response external-api.jebbit.com/moments/v2/	2 B 458 B	90ms 24ms	XHR application/json	18.194.190.186 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://external-api.jebbit.com/moments/v2/launcher_configs?key=542695a9-9318-492b-9638-2018989f6dc4&url=aHR0cHMlM0ElMkYlMkZlbGZjb3NtZXRpY3MubWV0cmljbHkud29ya2Vycy5kZXYlMkY=&completedLightboxCampaigns=W10=&jebbitCookies= Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.194.190.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-190-186.eu-central-1.compute.amazonaws.com Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff surrogate-control no-store x-dns-prefetch-control off content-length 2 x-xss-protection 1; mode=block pragma no-cache etag W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w" x-download-options noopen vary Origin, Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control no-store, no-cache, must-revalidate, proxy-revalidate access-control-allow-credentials true expires 0
GET H3	200	ig.js Show response cdn8.eu.inside.chat/	124 KB 42 KB	37ms 36ms	Script text/javascript	104.18.8.17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn8.eu.inside.chat/ig.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.8.17 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d13f13f041941770ae11a3ae675276c43cea109b5f4625264388383e2ffec45 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:33 GMT strict-transport-security max-age=31536000; includeSubdomains content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 587 cf-polished origSize=171336 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600 cf-ray 8980cc9f18109202-FRA alt-svc h3=":443"; ma=86400 expires Sun, 23 Jun 2024 02:45:33 GMT
GET H2	200	/ ct.pinterest.com/v3/	35 B 0	82ms 80ms	Fetch image/gif	151.101.64.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22event_id%22%3A%221719107372906_171910759292812%22%2C%22np%22%3A%22gtm%22%7D&tid=2615235625530&cb=1719107133303&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22external_id%22%3A%22%22%2C%22pin_unauth%22%3A%22dWlkPVptSXpOVFE1WldVdFltTXhZUzAwTnpZd0xUa3haV1l0TXpReVltVXhPVGc0TW1JeA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f74ed22b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.114%22%2C%22ecm_enabled%22%3Atrue%7D Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:33 GMT referrer-policy origin x-cdn fastly content-type image/gif access-control-allow-origin https://elfcosmetics.metricly.workers.dev pinterest-version ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2 cache-control no-cache,no-store,must-revalidate,max-age=0 access-control-allow-credentials true x-envoy-upstream-service-time 1 alt-svc h3=":443";ma=600 x-pinterest-rid 1523691081111780 content-length 35 expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 704 B	159ms 156ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id e43424bf date Sun, 23 Jun 2024 01:45:33 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2406230145332ECD882FC36AFEABED8D-421C8F9B329ABA4E-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) server-timing inner; dur=39, cdn-cache; desc=MISS, edge; dur=6, origin; dur=129 content-length 0 pragma no-cache server nginx x-tt-logid 202406230145332ECD882FC36AFEABED8D access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 129,2.20.179.79 x-tt-trace-host 015547b42e38dafb745eb0415774d176745d9c42b317445a4d58f061d52c02ddfc46c0963539efc37c3239916e85c4bb528000444f53b66e9cc46984ed8f9b609d812100a665697bbef3c8feeafcecf582a7720f1c10fa826a0543c7473ad65555 access-control-allow-headers Authorization,* expires Sun, 23 Jun 2024 01:45:33 GMT
GET H2	200	ts t.paypal.com/	42 B 641 B	324ms 212ms	Image image/gif	151.101.1.35 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1719107133368&g=-120&completeurl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&ru=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.35 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-cache-hits 0, 0 date Sun, 23 Jun 2024 01:45:33 GMT via 1.1 varnish, 1.1 varnish strict-transport-security max-age=63072000; includeSubDomains; preload x-cache MISS, MISS p3p CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id 74ef90cc8e511 server-timing "traceparent;desc="00-000000000000000000074ef90cc8e511-be1d84ad637a4272-01"";content-encoding;desc="",x-cdn;desc="fastly" x-served-by cache-lhr-egll1980077-LHR, cache-mad2200095-MAD pragma no-cache correlation-id 74ef90cc8e511 traceparent 00-000000000000000000074ef90cc8e511-0dc703ec3734d4bd-01 x-timer S1719107134.504520,VS0,VE169 vary Accept-Encoding content-type image/gif access-control-expose-headers Server-Timing cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes timing-allow-origin * expires Sun, 23 Jun 2024 01:45:33 GMT
GET H3	403	config Show response www8.eu.inside.chat/	4 B 381 B	119ms 81ms	XHR application/json	104.18.9.17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www8.eu.inside.chat/config?acc=IN-1011171&pid=&c1=OK&dev=1&url=https%3A%2F%2Felfcosmetics.metricly.workers.dev&sid=1&j=1 Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.9.17 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Sun, 23 Jun 2024 01:45:33 GMT strict-transport-security max-age=31536000; includeSubdomains cf-cache-status DYNAMIC last-modified Sat, 01 Jan 2000 00:00:00 GMT server cloudflare content-type application/json; charset=UTF-8 access-control-allow-origin https://elfcosmetics.metricly.workers.dev p3p CP="insert_p3p_privacy_policy_here" cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true cf-ray 8980cc9fed974d70-FRA alt-svc h3=":443"; ma=86400 content-length 4 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	2024-06-hptile-newArrivals-hero-D-img3-min cdn.media.amplience.net/i/elfcosmetics/	21 KB 22 KB	25ms 19ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img3-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img3-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img3-min?fmt=auto&w=2460%203x Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash cf0bc04f014f0ba1d65c050fa9d2c49183d65bff457becdd380ced028e97e1c1 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:33 GMT x-content-type-options nosniff x-amp-srv A cache-tag qwALGRYRV,l4p5bDg2e,xRMdGFflt,WepA0szpz x-req-id BRSEnXG7nR content-length 21815 x-xss-protection 1; mode=block x-amp-source-height 1040 server Unknown x-frame-options DENY x-amp-source-width 1440 access-control-allow-origin * content-type image/avif cache-control max-age=1800, s-maxage=86400 accept-ranges bytes x-amp-published Mon, 10 Jun 2024 15:55:02 GMT
GET H2	200	runtime_6459738026535cda4232dc813c61447d.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	3 KB 2 KB	67ms 15ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_6459738026535cda4232dc813c61447d.br.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 03:41:57 GMT content-encoding br age 2412216 x-guploader-uploadid ABPtcPpharWguC404MMqE65WPw54imomgoFp0luaEoZfaisfl6xcGU1G8zp13fhP_ElcGQ4fF4YU-rrCpA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1316 last-modified Thu, 23 May 2024 19:16:48 GMT server UploadServer etag "09512239cb2a22728ca9f8608dfc2181" x-goog-generation 1713883050962681 x-goog-hash crc32c=BS9gKg==, md5=CVEiOcsqInKMqfhgjfwhgQ== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 1316 accept-ranges bytes content-type text/javascript
GET H3	200	token_create.js Show response ct.pinterest.com/static/ct/	4 KB 4 KB	45ms 44ms	Script application/javascript	151.101.64.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/static/ct/token_create.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_256_GCM Server 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:33 GMT x-cdn fastly age 5485 etag "19c94b308deaf8fbf050b4fca2fa21b7" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript cache-control max-age=7200 timing-allow-origin https://ct.pinterest.com alt-svc h3=":443";ma=600 content-length 4103
GET H2	200	ct.html ct.pinterest.com/ Frame 60A2	0 0	169ms 78ms	Document text/html	151.101.64.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/ct.html Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443";ma=600 cache-control max-age=86400 content-encoding gzip content-length 323 content-type text/html; charset=utf-8 date Sun, 23 Jun 2024 01:45:33 GMT pinterest-version ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2 referrer-policy origin x-cdn fastly x-envoy-upstream-service-time 0 x-pinterest-rid 1286929991908725
GET H2	200	main-v2_533d031a0a5ca2c9d24e6369b88e2862.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	498 KB 109 KB	16ms 14ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_533d031a0a5ca2c9d24e6369b88e2862.br.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 01bd0485587edbcc45fa110675af95224340155e499316c48351efa913a4b4e6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 14:05:03 GMT content-encoding br age 214830 x-guploader-uploadid ACJd0NrQykMhdIWSKt7UP3mpxdMM6t-mcA2xJyIRCdmIzjWawazny3lTsiB-wMajkp1LpD1FKmW8XJHN5w x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 111326 last-modified Thu, 20 Jun 2024 14:04:53 GMT server UploadServer etag "a3580b440541e883c55099f395aa5926" x-goog-generation 1718892293787562 x-goog-hash crc32c=0MdYbw==, md5=o1gLRAVB6IPFUJnzlapZJg== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 111326 accept-ranges bytes content-type text/javascript
GET H2	200	cjs_min_3a843477d8e318f67237a66d0a58c542.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	49 KB 16 KB	45ms 45ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 03:42:17 GMT content-encoding gzip age 2412196 x-guploader-uploadid ABPtcPpFBqwbJXBgZsVoBAtM7pUEnJcf8AgH5kE3TUm2UufDd993XXC-FewDgNX3srOuw8ksCYCryeZNPw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15748 last-modified Mon, 22 Apr 2024 20:59:52 GMT server UploadServer etag "1eb885454ea6bef1c9747800702959de" x-goog-generation 1713819592631797 x-goog-hash crc32c=Joap5g==, md5=HriFRU6mvvHJdHgAcClZ3g== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000,no-transform x-goog-stored-content-length 15748 accept-ranges bytes content-type text/javascript; charset=utf-8
GET H/1.1	200 OK	/ Show response data.cdnbasket.net/	14 B 338 B	497ms 119ms	XHR application/json	34.149.148.173 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://data.cdnbasket.net/ Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.149.148.173 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 173.148.149.34.bc.googleusercontent.com Software / Resource Hash 5d8b255182de2684e2e17f2d36273f83d72287116879d7ef038c4c24dee84cee Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Sun, 23 Jun 2024 01:45:34 GMT Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Access-Control-Allow-Headers Origin, Content-Type, Accept Expires 0
GET H/1.1	200 OK	/ Show response page.cdnbasket.net/	14 B 338 B	578ms 129ms	XHR application/json	34.120.117.252 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://page.cdnbasket.net/ Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.120.117.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 252.117.120.34.bc.googleusercontent.com Software / Resource Hash 5fc62ace6f935bc7d12dfb78e2c1b5b29c20acd5180d3aa4dc55a852a7bf4a3e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Sun, 23 Jun 2024 01:45:34 GMT Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Access-Control-Allow-Headers Origin, Content-Type, Accept Expires 0
GET H/1.1	200 OK	/ Show response view.cdnbasket.net/	14 B 338 B	653ms 114ms	XHR application/json	34.117.86.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://view.cdnbasket.net/ Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.117.86.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.86.117.34.bc.googleusercontent.com Software / Resource Hash 27c2b549e5a8c790671c751928917df02e62ab94e7d0c038a19c6ce4d561cb17 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Sun, 23 Jun 2024 01:45:34 GMT Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Access-Control-Allow-Headers Origin, Content-Type, Accept Expires 0
GET H3	200	inbox-v2_02aca5df0e176b8810a86da97ac05424.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	17 KB 5 KB	18ms 16ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_02aca5df0e176b8810a86da97ac05424.br.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash 03dbf9dc05fa84370cbdfb363a10855e9fd035a833cd83b67e14cdb975882bed Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 16:07:14 GMT content-encoding br age 2108299 x-guploader-uploadid ABPtcPqymiAApSTO1EtNuW7wIEGQW9LsxKVwowBohDXODQ60UutOHM3ltalulKKp7qnK8Mr01xZwNk7-lg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5089 last-modified Wed, 29 May 2024 15:57:03 GMT server UploadServer etag "2a4c802d3ec2dfc292cc9bb15ef5f45d" x-goog-generation 1714406829637644 x-goog-hash crc32c=PRHjLA==, md5=KkyALT7C38KSzJuxXvX0XQ== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 5089 accept-ranges bytes content-type text/javascript
GET H3	200	sms-v2_e39203556bab2366e56296ce42e974a7.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	3 KB 1 KB	19ms 17ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/sms-v2_e39203556bab2366e56296ce42e974a7.br.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash c9f83027cf2e267d24b2cfe366bc6664841765f0aaf362faf0156bccdce42355 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 03:48:49 GMT content-encoding br age 2411804 x-guploader-uploadid ABPtcPqJRIghl2pmStBCh6XQfehajnJiTgJqQvlBTbX5dDBGrijSG3n25p2xrhnNvDlN0XHQc_M x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1303 last-modified Thu, 23 May 2024 19:16:51 GMT server UploadServer etag "684b816ff7fa85526ab4b729fb5f0c91" x-goog-generation 1713883053015461 x-goog-hash crc32c=ikqFlg==, md5=aEuBb/f6hVJqtLcp+18MkQ== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 1303 accept-ranges bytes content-type text/javascript
GET H3	200	onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js Show response assets.bounceexchange.com/assets/smart-tag/versioned/	16 KB 5 KB	16ms 15ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 03:41:50 GMT content-encoding br age 2412223 x-guploader-uploadid ABPtcPpnXb3Iyhz8MlZGnhj0GMrN_uc_QEFBa45-ZkpH41Qwf-WrCr52NMiGmMPijxTKyFm12R0 x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5003 last-modified Thu, 23 May 2024 19:16:42 GMT server UploadServer etag "7ff99b6f1cea743cef749de91009e764" x-goog-generation 1713883044855037 x-goog-hash crc32c=qFvE1Q==, md5=f/mbbxzqdDzvdJ3pEAnnZA== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 5003 accept-ranges bytes content-type text/javascript
GET H3	200	jquery-3.7.1.min.js Show response assets.bounceexchange.com/assets/bounce/	85 KB 30 KB	18ms 17ms	Script text/javascript	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 20:35:03 GMT content-encoding br age 1487430 x-guploader-uploadid ABPtcPrqBsc2CiYFiR_c4Q2AojloKftMQy2SVYtd8liFUdqvKS94F22bFv1m9bjQywj98HHLKEyM2VeZQw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31007 last-modified Wed, 05 Jun 2024 14:18:26 GMT server UploadServer etag W/"2c872dbe60f4ba70fb85356113d8b35e" vary Accept-Encoding x-goog-generation 1717597106792405 x-goog-hash crc32c=fsBEgw==, md5=LIctvmD0unD7hTVhE9izXg== access-control-allow-origin * access-control-expose-headers etag, Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 87533 accept-ranges none content-type text/javascript; charset=UTF-8
GET H2	200	local_storage_frame17.min.html assets.bounceexchange.com/assets/bounce/ Frame 4BD9	0 0	43ms 15ms	Document text/html	34.98.72.95 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 95.72.98.34.bc.googleusercontent.com Software UploadServer / Resource Hash Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges none access-control-allow-origin * access-control-expose-headers etag Content-Type age 2276673 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public,max-age=31536000 content-encoding br content-length 938 content-type text/html; charset=UTF-8 date Mon, 27 May 2024 17:21:01 GMT etag W/"fc893948c3efc689b5b19d8a77958e23" last-modified Thu, 23 May 2024 19:16:17 GMT server UploadServer vary Accept-Encoding x-goog-generation 1716491777356321 x-goog-hash crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw== x-goog-metageneration 1 x-goog-storage-class MULTI_REGIONAL x-goog-stored-content-encoding identity x-goog-stored-content-length 2408 x-guploader-uploadid ABPtcPoZyzve3hHZrk5fDdAnL4HQ52gqSnR7MFbcG35LOI2CIxuUyfGddw0dvegI3SoiSRCTSyE
GET H2	200	cs tags.rd.linksynergy.com/ Redirect Chain https://idsync.rlcdn.com/458359.gif?partner_uid=1b4d5ba9-a830-40a5-8e94-36369b921857 https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJDFiNGQ1YmE5LWE4MzAtNDBhNS04ZTk0LTM2MzY5YjkyMTg1NxAAGg0IvvzdswYSBQjoBxAAQgBKAA https://tags.rd.linksynergy.com/cs?ns=lr&uid3=db9870b540cf55380e46299d01618d48464fe17879f45e80f60e9d4f2f80f6636ac34734d8e453ee	37 B 304 B	43ms 22ms	Image image/gif	34.98.67.3 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://tags.rd.linksynergy.com/cs?ns=lr&uid3=db9870b540cf55380e46299d01618d48464fe17879f45e80f60e9d4f2f80f6636ac34734d8e453ee Protocol H2 Server 34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 3.67.98.34.bc.googleusercontent.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://elfcosmetics.metricly.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-type image/gif date Sun, 23 Jun 2024 01:45:34 GMT via 1.1 google strict-transport-security max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37 x-samesite secure Redirect headers date Sun, 23 Jun 2024 01:45:34 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://tags.rd.linksynergy.com/cs?ns=lr&uid3=db9870b540cf55380e46299d01618d48464fe17879f45e80f60e9d4f2f80f6636ac34734d8e453ee cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	2024-06-hptile-newArrivals-hero-D-img4-min cdn.media.amplience.net/i/elfcosmetics/	76 KB 77 KB	23ms 23ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img4-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img4-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img4-min?fmt=auto&w=2460%203x Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 26663e70816428e507929d3c42621895551903c5ceab3bedbf1b3d41385bd309 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:34 GMT x-content-type-options nosniff x-amp-srv A cache-tag 161Cnzq2o,l4p5bDg2e,imkN6HLGL,WepA0szpz x-req-id c6WEX5VyqL content-length 78301 x-xss-protection 1; mode=block x-amp-source-height 1040 server Unknown x-frame-options DENY x-amp-source-width 1440 access-control-allow-origin * content-type image/avif cache-control max-age=1800, s-maxage=86400 accept-ranges bytes x-amp-published Mon, 10 Jun 2024 15:55:02 GMT
GET H2	200	c Show response ids.cdnwidget.com/	61 B 245 B	473ms 117ms	XHR application/json	34.160.20.10 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=004114001&GCS2=MTcyLjE3LjAuMTEsMTAuNS4yMTEuMjQwLGZkYmY6MWQzNzpiYmUwOjo5MzozOjpmMCxmZGJmOjFkMzc6YmJlMDo6OTM6Mzo6ZjA=&pe=false&wsid=4142&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A4142%2C%22loadID%22%3A%22lczG9EGf3NKArP2%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A1%2C%22IDStageStart%22%3A1%2C%22netComplete%22%3A141%2C%22obsReqdata%22%3A586%2C%22obsReqpage%22%3A588%2C%22obsReqview%22%3A657%2C%22IDStagePrefire%22%3A657%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A2%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%221384093021712017425%22%2C%22visitid%22%3A%221719107134071003%22%7D Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.160.20.10 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 10.20.160.34.bc.googleusercontent.com Software / Resource Hash a2d26dc3a3a088c69d2495f5e714a6dc97c6bbcaeeb069b23b065092cca8fc79 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:35 GMT via 1.1 google vary Origin content-type application/json access-control-allow-origin https://elfcosmetics.metricly.workers.dev access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61
GET H2	200	init1.js Show response api.bounceexchange.com/bounce/	36 B 392 B	131ms 50ms	Script text/html	34.111.8.32 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.bounceexchange.com/bounce/init1.js?wklzs=917&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHZ8BOfABmIGYBWG8-TYALxCgFp8AmczAdwCmAIxypgAgPqoAJlAAs+OV0wAnAThAAbOGgwEAbOXIAPbkdUCYAlWpVRsAQ02bUCAOYS4KzVAAWwYAAHHABSKgBBEK4AMSjogU0YJBAcAFsBNCQcADp04BVUJE0AT2y+EBUAa2sc6QEANzjMetRRYAlkkErUASgQwgAhKK5NQOGwyK4ufyDQrhoIqJoYpZiEpJS8wpy8gqLS8qqa7LrG+ZWpqIBhYZVxxcvHm6mBY3vwolIKAA4SKioyPh+gARbAgLo9PqDYbSGTvYb4KjfOTkP7kLifHhEJQ0cZcZ5cFrSd6fMiUREo4hGKjXYZnLgTfpDKaaEBuNwCaRSBDvGBOHACWkverWCSs9mc7m8-mC-HDJAOFTtACOwGK73IQq4CqVEnqTjgsoZEU1cqmODgQlSYnEXIwbSNEz5mgFWvFHK5rikdQQaBgPWJlwiztdZu1ivaAuA0pdsoJOujQfCIcFhGBWukbmiqBUOGAABkQA5A8bwvlDSDmoqcABtd2S1wAXVgMqruZrDVF9c9CGbKbbtYTElVxWbvH17aH+u0AjHA5rgRUIC5i8Ks5bsfni+XEgQDnSfdbE9rXrzICQlUPm+PNYtVptkvtYnX-ZvnW6klSy6cEkX6gEvpXgK87dty3oAX6AZAQI85DlG0FbtIgQSDglRwAhb4Rhh1YLmo9QoWhGF1DANZTga67jsRdZsh6YEyBBqD+pyRGWKREYoRkCHvj0EigCAYqKhyG7AUIgRQLwGRiTWABECbSQANLJDjiG4FTFApsm+AIF4gDoGm+CA6Qadu0hwCgGkCoqSC+NJjaYIEwB4AZ6RgqkgQuA4yCSDAmgOG49j1L4DhQEAA Requested by Host: elfcosmetics.metricly.workers.dev URL: https://elfcosmetics.metricly.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 32.8.111.34.bc.googleusercontent.com Software / Resource Hash fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:35 GMT content-encoding gzip x-envoy-decorator-operation legacy-api-tier1.legacy-api.svc.cluster.local:80/* via 1.1 google content-type text/html; charset=UTF-8 p3p CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" x-envoy-upstream-service-time 25 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	204	cjs-logger e.cdnwidget.com/	0 101 B	155ms 117ms	Image image/png	34.102.193.48 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=forbidden%253A%2520disallowed%2520country%252C%2520country%2520code%2520is%2520NL&cookieID=&deviceID=&BXWID=4142&warpspeed=2%5EHIykD&loadID=lczG9EGf3NKArP2&version=1.5.9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 48.193.102.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:35 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/png
GET H2	200	2024-06-hptile-newArrivals-hero-D-img5-min cdn.media.amplience.net/i/elfcosmetics/	31 KB 32 KB	21ms 21ms	Image image/avif	23.38.98.78 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img5-min?fmt=auto&w=820%201x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img5-min?fmt=auto&w=1640%202x,%20https://cdn.media.amplience.net/i/elfcosmetics/2024-06-hptile-newArrivals-hero-D-img5-min?fmt=auto&w=2460%203x Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-38-98-78.deploy.static.akamaitechnologies.com Software Unknown / Resource Hash 42692dfa6661bd2e7ad2ad4465619ffa9079c20032702dd09e05bfa9fd9bd204 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 01:45:36 GMT x-content-type-options nosniff x-amp-srv A cache-tag aMeJeJNAj,l4p5bDg2e,5L0oRZRq0,WepA0szpz x-req-id FiUzWQ8hW- content-length 32071 x-xss-protection 1; mode=block x-amp-source-height 1040 server Unknown x-frame-options DENY x-amp-source-width 1440 access-control-allow-origin * content-type image/avif cache-control max-age=1800, s-maxage=86400 accept-ranges bytes x-amp-published Mon, 10 Jun 2024 15:55:02 GMT
POST H2	200	collect Show response sgtm.elfcosmetics.com/g/	65 B 215 B	349ms 348ms	XHR text/plain	34.49.124.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-5D80LRC85N&gtm=45je46j0v9125640115z8896608294za200zb896608294&gcs=G100&gcd=13u3u3u2u5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1107812864.1719107133&ecid=200446174&ul=nl-nl&sr=1600x1200&_fplc=0&ur=NL&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=1721591069.1719107131&sst.gse=1&sst.etld=google.nl&sst.gcsub=region1&sst.gcd=13u3u3u2u5&sst.adr=1&sst.ude=0&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1719107132&sct=1&seg=1&dl=https%3A%2F%2Felfcosmetics.metricly.workers.dev%2F&_s=5&tfd=9345&richsstsse Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.124.49.34.bc.googleusercontent.com Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://elfcosmetics.metricly.workers.dev/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 23 Jun 2024 01:45:37 GMT via 1.1 google, 1.1 google x-content-type-options nosniff server Google Frontend content-type text/plain access-control-allow-origin https://elfcosmetics.metricly.workers.dev cache-control no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-accel-buffering no

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cdn-fsly.yottaa.net

URL

https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a5/

Domain

pixel.pointmediatracker.com

URL

https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=8623b782-24ee-44e1-b81c-5739b97efe8e&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=693305582

Domain

edge.curalate.com

URL

https://edge.curalate.com/sites/elfcosmetics-oqltbv/experiences/gallery-OdKxcdTK/latest/experience.min.js