www.elfcosmetics.com
151.101.3.52 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
http://elfcosmetics.com/ 11yr old
Effective URL:
https://www.elfcosmetics.com/ 11yr old
Submission Tags: tranco_l76g4
Submission: On April 18 via api (April 18th 2026, 3:07:34 am UTC) from DE — Scanned from PT

Summary HTTP 258 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 40 IPs in 5 countries across 27 domains to perform 258 HTTP transactions. The main IP is 151.101.3.52, located in United States and belongs to FASTLY - Fastly, Inc., US. The main domain is www.elfcosmetics.com. The Cisco Umbrella rank of the primary domain is 182137. 11yr old
TLS certificate: Issued by Certainly Intermediate R1 on April 6th 2026. Valid for: 1mo.

This is the only time www.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	151.101.19.52 151.101.19.52	54113 (FASTLY) (FASTLY - Fastly)
1 71	151.101.3.52 151.101.3.52	54113 (FASTLY) (FASTLY - Fastly)
1	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY - Fastly)
2	3.174.46.60 3.174.46.60	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
20	2.17.147.219 2.17.147.219	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
14	2.17.147.192 2.17.147.192	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2.17.147.171 2.17.147.171	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	13.248.191.155 13.248.191.155	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	99.83.184.193 99.83.184.193	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.36.73.246 34.36.73.246	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM - Google LLC)
7	34.120.250.63 34.120.250.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM - Google LLC)
13	34.107.218.251 34.107.218.251	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM - Google LLC)
3	104.26.12.205 104.26.12.205	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
12	104.18.86.42 104.18.86.42	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
21	142.251.20.97 142.251.20.97	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.18.32.137 104.18.32.137	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	142.251.155.119 142.251.155.119	15169 (GOOGLE) (GOOGLE - Google LLC)
1	35.212.43.231 35.212.43.231	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.17.234.193 52.17.234.193	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	34.49.124.132 34.49.124.132	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM - Google LLC)
1	142.251.14.157 142.251.14.157	15169 (GOOGLE) (GOOGLE - Google LLC)
1	35.156.253.221 35.156.253.221	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	104.16.40.28 104.16.40.28	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	104.18.7.168 104.18.7.168	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.86.53.30 104.86.53.30	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	34.102.147.248 34.102.147.248	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM - Google LLC)
14	104.18.0.100 104.18.0.100	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	18.244.18.115 18.244.18.115	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3 6	142.251.110.154 142.251.110.154	15169 (GOOGLE) (GOOGLE - Google LLC)
1	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM - Google LLC)
10	104.18.38.107 104.18.38.107	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	13.35.58.39 13.35.58.39	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	104.18.6.168 104.18.6.168	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	34.253.163.93 34.253.163.93	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	3.87.234.35 3.87.234.35	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
5	34.95.94.110 34.95.94.110	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM - Google LLC)
16	91.235.133.113 91.235.133.113	30286 (THM) (THM - ThreatMetrix Inc.)
2	3.93.158.79 3.93.158.79	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3	91.235.132.130 91.235.132.130	30286 (THM) (THM - ThreatMetrix Inc.)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM - ThreatMetrix Inc.)
258	40

1 151.101.19.52 (Atlanta, United States) 1 redirects

ASN54113 (FASTLY - Fastly, Inc., US)

elfcosmetics.com 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

71 151.101.3.52 (United States) 1 redirects

ASN54113 (FASTLY - Fastly, Inc., US)

www.elfcosmetics.com 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 151.101.66.133 (United States)

ASN54113 (FASTLY - Fastly, Inc., US)

rapid-cdn.yottaa.com 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 3.174.46.60 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-3-174-46-60.fra60.r.cloudfront.net

cnstrc.com 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

20 2.17.147.219 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-17-147-219.deploy.static.akamaitechnologies.com

elfcosmetics.a.bigcontent.io 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

14 2.17.147.192 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-17-147-192.deploy.static.akamaitechnologies.com

cdn.media.amplience.net 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2.17.147.171 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-17-147-171.deploy.static.akamaitechnologies.com

cdn.c1.amplience.net 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 13.248.191.155 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: a03bd531e8ce9952c.awsglobalaccelerator.com

rapid-1.yottaa.net 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 99.83.184.193 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: a0540a066b92ce4ca.awsglobalaccelerator.com

qoe-1.yottaa.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.36.73.246 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 246.73.36.34.bc.googleusercontent.com

tzm.px-cloud.net 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

7 34.120.250.63 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 63.250.120.34.bc.googleusercontent.com

collector-pxxt4gy2ig.px-cloud.net 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

13 34.107.218.251 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 251.218.107.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 104.26.12.205 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api.ipify.org 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

12 104.18.86.42 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.cookielaw.org 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

21 142.251.20.97 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: bx-in-f97.1e100.net

www.googletagmanager.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.18.32.137 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

geolocation.onetrust.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.155.119 (United States)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.212.43.231 (Washington, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 231.43.212.35.bc.googleusercontent.com

px.adentifi.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 52.17.234.193 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-17-234-193.eu-west-1.compute.amazonaws.com

px.gumgum.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 34.49.124.132 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 132.124.49.34.bc.googleusercontent.com

sgtm.elfcosmetics.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.14.157 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: pm-in-f157.1e100.net

pagead2.googlesyndication.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.156.253.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-253-221.eu-central-1.compute.amazonaws.com

ac.cnstrc.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 104.16.40.28 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.fonts.net 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 104.18.7.168 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.paypal.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.86.53.30 (Berlin, Germany)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-86-53-30.deploy.static.akamaitechnologies.com

static.ordergroove.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 248.147.102.34.bc.googleusercontent.com

tag.rmp.rakuten.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

14 104.18.0.100 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

a42cdn.usablenet.com 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 18.244.18.115 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-18-244-18-115.fra56.r.cloudfront.net

t.contentsquare.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 142.251.110.154 (United States) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: bz-in-f154.1e100.net

ade.googlesyndication.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 3.67.98.34.bc.googleusercontent.com

consent.linksynergy.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

10 104.18.38.107 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

sdk.iad-05.braze.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 13.35.58.39 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-58-39.fra60.r.cloudfront.net

cdn.us.heap-api.com 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 104.18.6.168 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.paypal.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 34.253.163.93 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-253-163-93.eu-west-1.compute.amazonaws.com

c.contentsquare.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 3.87.234.35 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-87-234-35.compute-1.amazonaws.com

c.us.heap-api.com 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 34.95.94.110 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 110.94.95.34.bc.googleusercontent.com

cdn-scripts.signifyd.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

16 91.235.133.113 (United States)

ASN30286 (THM - ThreatMetrix Inc., US)

imgs.signifyd.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 3.93.158.79 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-93-158-79.compute-1.amazonaws.com

dp.signifyd.com 7mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 91.235.132.130 (United States)

ASN30286 (THM - ThreatMetrix Inc., US)
PTR: h.online-metrix.net

h.online-metrix.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
h64.online-metrix.net 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM - ThreatMetrix Inc., US)

w2txo5aaue5cx6s7mswasubdxgx3hgk4ztehw2up6c36d008005ef168am1.e.aa.online-metrix.net 1mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
75	elfcosmetics.com 2 redirects elfcosmetics.com — Cisco Umbrella Rank: 162009 11yr old www.elfcosmetics.com — Cisco Umbrella Rank: 182137 11yr old sgtm.elfcosmetics.com — Cisco Umbrella Rank: 324591 2yr old	3 MB
23	signifyd.com cdn-scripts.signifyd.com — Cisco Umbrella Rank: 10106 9yr old imgs.signifyd.com — Cisco Umbrella Rank: 8900 10yr old dp.signifyd.com — Cisco Umbrella Rank: 10962 7mo old	172 KB
21	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39 56yr old	899 KB
20	bigcontent.io elfcosmetics.a.bigcontent.io — Cisco Umbrella Rank: 394714 3yr old	2 MB
15	amplience.net cdn.media.amplience.net — Cisco Umbrella Rank: 16139 6yr old cdn.c1.amplience.net — Cisco Umbrella Rank: 34628 6yr old	910 KB
14	usablenet.com a42cdn.usablenet.com — Cisco Umbrella Rank: 23996 3yr old	37 KB
13	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2323 10yr old	217 KB
12	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 382 9yr old	330 KB
10	braze.com sdk.iad-05.braze.com — Cisco Umbrella Rank: 3484 5yr old	3 KB
8	px-cloud.net tzm.px-cloud.net — Cisco Umbrella Rank: 2327 1yr old collector-pxxt4gy2ig.px-cloud.net — Cisco Umbrella Rank: 709528 6yr old	3 KB
7	googlesyndication.com 3 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 138 9yr old ade.googlesyndication.com — Cisco Umbrella Rank: 438 9yr old	2 KB
6	heap-api.com cdn.us.heap-api.com — Cisco Umbrella Rank: 9422 3yr old c.us.heap-api.com — Cisco Umbrella Rank: 9506 3yr old	77 KB
6	paypal.com www.paypal.com — Cisco Umbrella Rank: 3038 13yr old	235 KB
4	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 2548 9yr old h64.online-metrix.net — Cisco Umbrella Rank: 1759 5yr old w2txo5aaue5cx6s7mswasubdxgx3hgk4ztehw2up6c36d008005ef168am1.e.aa.online-metrix.net 1mo old	18 KB
4	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 2782 9yr old c.contentsquare.net — Cisco Umbrella Rank: 4234 9yr old	144 KB
4	yottaa.net rapid-1.yottaa.net — Cisco Umbrella Rank: 20301 2yr old qoe-1.yottaa.net — Cisco Umbrella Rank: 16799 9yr old	2 KB
3	ipify.org api.ipify.org — Cisco Umbrella Rank: 1566 12yr old	324 B
3	cnstrc.com cnstrc.com — Cisco Umbrella Rank: 7410 11yr old ac.cnstrc.com — Cisco Umbrella Rank: 14856 8yr old	103 KB
2	fonts.net cdn.fonts.net — Cisco Umbrella Rank: 16986 5yr old	2 KB
1	linksynergy.com consent.linksynergy.com — Cisco Umbrella Rank: 28635 8yr old	282 B
1	rakuten.com tag.rmp.rakuten.com — Cisco Umbrella Rank: 8227 7yr old	13 KB
1	ordergroove.com static.ordergroove.com — Cisco Umbrella Rank: 45771 13yr old	55 KB
1	gumgum.com px.gumgum.com — Cisco Umbrella Rank: 32116 9yr old	68 B
1	adentifi.com px.adentifi.com — Cisco Umbrella Rank: 12539 7yr old	55 B
1	google.com www.google.com — Cisco Umbrella Rank: 3 56yr old
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 670 8yr old	283 B
1	yottaa.com rapid-cdn.yottaa.com — Cisco Umbrella Rank: 18034 3yr old	45 KB
258	27

	Domain	Requested by
71	www.elfcosmetics.com	1 redirects www.elfcosmetics.com rapid-cdn.yottaa.com
21	www.googletagmanager.com	rapid-cdn.yottaa.com www.elfcosmetics.com
20	elfcosmetics.a.bigcontent.io	www.elfcosmetics.com
16	imgs.signifyd.com	rapid-cdn.yottaa.com imgs.signifyd.com
14	a42cdn.usablenet.com	rapid-cdn.yottaa.com a42cdn.usablenet.com
14	cdn.media.amplience.net	www.elfcosmetics.com
13	dev.visualwebsiteoptimizer.com	www.elfcosmetics.com rapid-cdn.yottaa.com
12	cdn.cookielaw.org	www.elfcosmetics.com cdn.cookielaw.org rapid-cdn.yottaa.com
10	sdk.iad-05.braze.com	www.elfcosmetics.com
7	collector-pxxt4gy2ig.px-cloud.net	www.elfcosmetics.com t.contentsquare.net
6	ade.googlesyndication.com	3 redirects
6	www.paypal.com	rapid-cdn.yottaa.com www.paypal.com
5	cdn-scripts.signifyd.com	rapid-cdn.yottaa.com cdn-scripts.signifyd.com
4	c.us.heap-api.com	www.elfcosmetics.com
3	c.contentsquare.net	t.contentsquare.net
3	sgtm.elfcosmetics.com	www.elfcosmetics.com www.googletagmanager.com
3	api.ipify.org	www.elfcosmetics.com
3	qoe-1.yottaa.net	rapid-cdn.yottaa.com
2	h.online-metrix.net	imgs.signifyd.com
2	dp.signifyd.com	cdn-scripts.signifyd.com
2	cdn.us.heap-api.com	rapid-cdn.yottaa.com
2	cdn.fonts.net	rapid-cdn.yottaa.com
2	cnstrc.com	www.elfcosmetics.com rapid-cdn.yottaa.com
1	w2txo5aaue5cx6s7mswasubdxgx3hgk4ztehw2up6c36d008005ef168am1.e.aa.online-metrix.net
1	h64.online-metrix.net	imgs.signifyd.com
1	consent.linksynergy.com
1	t.contentsquare.net	rapid-cdn.yottaa.com
1	tag.rmp.rakuten.com	rapid-cdn.yottaa.com
1	static.ordergroove.com	rapid-cdn.yottaa.com
1	ac.cnstrc.com	www.elfcosmetics.com
1	pagead2.googlesyndication.com	www.elfcosmetics.com
1	px.gumgum.com	www.elfcosmetics.com
1	px.adentifi.com	www.elfcosmetics.com
1	www.google.com	www.elfcosmetics.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	tzm.px-cloud.net	www.elfcosmetics.com
1	rapid-1.yottaa.net	rapid-cdn.yottaa.com
1	cdn.c1.amplience.net	www.elfcosmetics.com
1	rapid-cdn.yottaa.com	www.elfcosmetics.com
1	elfcosmetics.com	1 redirects
258	40

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
www.tiktok.com
www.instagram.com
www.pinterest.com
www.facebook.com
www.youtube.com
twitter.com
www.snapchat.com
www.linkedin.com
substack.com
policies.google.com
www.elfbeauty.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
www.elfcosmetics.com Certainly Intermediate R1	`2026-04-06` - `2026-05-06`	1mo	crt.sh
*.yottaa.com GlobalSign RSA OV SSL CA 2018	`2025-08-04` - `2026-09-05`	1yr	crt.sh
cnstrc.com Amazon RSA 2048 M02	`2025-08-20` - `2026-09-18`	1yr	crt.sh
*.bigcontent.io GeoTrust TLS RSA CA G1	`2025-08-27` - `2026-05-06`	8mo	crt.sh
dm.amplience.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-08-06` - `2026-08-14`	1yr	crt.sh
c1.amplience.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-09-24` - `2026-10-23`	1yr	crt.sh
*.yottaa.net GlobalSign RSA OV SSL CA 2018	`2025-08-25` - `2026-09-26`	1yr	crt.sh
tzm.px-cloud.net SSL2BUY EMEA ECC Domain Validation Secure Server CA	`2025-07-27` - `2026-08-26`	1yr	crt.sh
px-cloud.net WR3	`2026-03-12` - `2026-06-10`	3mo	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2025-06-30` - `2026-07-06`	1yr	crt.sh
ipify.org WE1	`2026-03-01` - `2026-05-30`	3mo	crt.sh
cookielaw.org WE1	`2026-03-26` - `2026-06-24`	3mo	crt.sh
*.google-analytics.com WE2	`2026-03-30` - `2026-06-22`	3mo	crt.sh
geolocation.onetrust.com WE1	`2026-03-26` - `2026-06-24`	3mo	crt.sh
*.google.com WR2	`2026-03-30` - `2026-06-22`	3mo	crt.sh
*.adtheorent.com WR3	`2026-04-09` - `2026-07-09`	3mo	crt.sh
*.ie-adex-prd-eks-1.ggops.com Amazon RSA 2048 M04	`2026-02-25` - `2026-09-10`	7mo	crt.sh
sgtm.elfcosmetics.com WR3	`2026-04-08` - `2026-07-07`	3mo	crt.sh
*.g.doubleclick.net WE2	`2026-03-30` - `2026-06-22`	3mo	crt.sh
fonts.net WE1	`2026-03-14` - `2026-06-12`	3mo	crt.sh
www.paypal.com DigiCert EV RSA CA G2	`2025-12-22` - `2026-08-04`	7mo	crt.sh
*.ordergroove.com Go Daddy Secure Certificate Authority - G2	`2025-08-16` - `2026-09-07`	1yr	crt.sh
tag.rmp.rakuten.com WR3	`2026-02-26` - `2026-05-27`	3mo	crt.sh
a42cdn.usablenet.com WE1	`2026-04-03` - `2026-07-02`	3mo	crt.sh
t.contentsquare.net Amazon RSA 2048 M04	`2025-12-09` - `2027-01-07`	1yr	crt.sh
consent.linksynergy.com WR3	`2026-02-27` - `2026-05-28`	3mo	crt.sh
sdk.iad-05.braze.com WE1	`2026-03-28` - `2026-06-26`	3mo	crt.sh
cdn.us.heap-api.com Amazon RSA 2048 M04	`2026-04-16` - `2026-10-30`	7mo	crt.sh
dep.ba.contentsquare.net R13	`2026-04-04` - `2026-07-03`	3mo	crt.sh
c.us.heap-api.com Amazon RSA 2048 M01	`2025-12-04` - `2027-01-02`	1yr	crt.sh
cdn-scripts.signifyd.com WR3	`2026-03-02` - `2026-05-31`	3mo	crt.sh
imgs.signifyd.com Go Daddy Secure Certificate Authority - G2	`2025-10-27` - `2026-06-01`	7mo	crt.sh
*.signifyd.com Amazon RSA 2048 M03	`2025-08-12` - `2026-09-09`	1yr	crt.sh
online-metrix.net GlobalSign RSA OV SSL CA 2018	`2025-09-10` - `2026-10-12`	1yr	crt.sh
*.aa.online-metrix.net GlobalSign RSA OV SSL CA 2018	`2025-09-10` - `2026-10-12`	1yr	crt.sh

This page contains 8 frames:

Primary Page: https://www.elfcosmetics.com/
Frame ID: 105DFB40627574514672A2A2979208A0
Requests: 225 HTTP requests in this frame

Frame: https://sgtm.elfcosmetics.com/_/service_worker/63b0/sw_iframe.html?origin=https%3A%2F%2Fwww.elfcosmetics.com&1p=1
Frame ID: BC929598960159A6A8BBCECB991F6177
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&deviceID=uid_6bd8052b46_mdm6mdc6nde&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.80.0&integrationType=SDK
Frame ID: C4A13FD21428793A2374D099A20DAE41
Requests: 4 HTTP requests in this frame

Frame: https://cdn-scripts.signifyd.com/o/lite.js?sessionId=LzJhYjJlZDc5N2M3OTczMjYxYTMwODE2ODEz&ping=false&profile=true&pageURL=https%253A%252F%252Fwww.elfcosmetics.com%252F
Frame ID: 1C92D76730622767683ACC5CD2FE81B6
Requests: 4 HTTP requests in this frame

Frame: https://imgs.signifyd.com/K3cwMuta2EMZoscZ?174a6929d861375a=8GjmPcZCNDYpXNVk-xje8JRNLP77O6vptFyA5z177EOzsfFRzaGdfQQo_sojv1Gfo6sQsllxHCEQqWXAjjL3ynJOkTix-MkaNFJk4LFXQIqZxbjKZ4dNOTo90tBRKQwtsuUIASjKVSkMgsLhNsdWW5yL6Llqgf03b2fZc1Hh4Q3PKLY3fTO4Nav-aQ_9xaW3GtIioqWVbYsSo2OQ&jb=3d3a2c2e6279657d374c6b6e7f7a2e68796f3f4661647d702e6a7b607f3d436a786f6d6f2e60796a3549627a656d6725383239363d
Frame ID: 62D0DDBDCE9456A95F11BC2882F0EDBB
Requests: 13 HTTP requests in this frame

Frame: https://imgs.signifyd.com/1pEEdl7VbUozVJMi?af10aebaaf318848=gtxuPg0n0siWx1lBBSyjlhQtf6TJJrjf9MWwMatxW0jtlkhXdZgY5EkO28BUXq7rGX6AuJgdyuIOOsX-dXKTOP-XgMHcna27y2ZCx5u78LKoE5Z5yFMaDeKZb5lW4q9QwhkyHVFLOCk4WJT_86RyXv5Q0O0iaLPrIzYVdFsAMXnHcresmowptVaN8WLQ-GAmRjROzfeJNYv5aGEZhuI
Frame ID: 0A663453FE2DD9ED91C605503A79AF2C
Requests: 3 HTTP requests in this frame

Frame: https://h.online-metrix.net/pZRHn0FAY0Ai5DCI?45efeab190a73ca4=vSrT7ZNYQrh7D62YGEWPrkPmIRhAuARXGb8DMU0BX5xcvQ0c6jPhfjYhvscnuMBxH1pyj6SvweTu0eVAC8uJtmeRG61bzZB6yxT2NcAqZrQ04R_UMcX7gq_p2QG-W74XlTYU5rYRMjaRsGN1-AwcJxouteMbhdVyH8bbZNvGP1ddV6HaEynlzU92Xg3R4PPGpM5VP22JOskqRXOUZxtq
Frame ID: C79ECAA80BBACE12F2F5C5955A9B52C5
Requests: 2 HTTP requests in this frame

Frame: https://imgs.signifyd.com/m4EgRZAcfi5obpvL?9df73010cd7e3b37=owK1nfUwS6Q-LTmGYe-Ou_FF3WMeeacqi6x5Llmu-R9b6c0RuEiIQX9_LpRZxO_flFB_5r6J5VYv-wzKPP3VMAgz5aK19A8CRnYrRNlj8GhhTtVcPro87c3tAE7cRsd8kI-jiabk3rrXRRBr8HtOCqHn0kalsZ3COJUKyLSyU1ENGhtqygYoSEUcfnbk9nCGklnKiBtUkNMr7XLsizIV
Frame ID: 6A729B7BA83D5B8BFFC7E9FBBF06A75C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

e.l.f. Cosmetics: Affordable Makeup & Skincare - Cruelty Free | e.l.f. Cosmetics

Page URL History Show full URLs

http://elfcosmetics.com/ HTTP 307
https://elfcosmetics.com/ HTTP 301
https://www.elfcosmetics.com/ Page URL

Detected technologies

Salesforce Commerce Cloud (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/demandware\.static/

Constructor.io (Search engines) Expand

Overall confidence: 100%
Detected patterns

\.cnstrc\.com/

React (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Ordergroove (Payment processors) Expand

Overall confidence: 100%
Detected patterns

\.ordergroove\.com/

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
\.googletagmanager\.com/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Rakuten (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

tag\.rmp\.rakuten\.com
\.linksynergy\.com

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/

Yottaa (Tag managers) Expand

Overall confidence: 100%
Detected patterns

cdn\.yottaa\.\w+/

Contentsquare (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.contentsquare\.net/

ipify (Geolocation) Expand

Overall confidence: 100%
Detected patterns

\.ipify\.org

Rakuten Advertising (Advertising) Expand

Overall confidence: 100%
Detected patterns

tag\.rmp\.rakuten\.com

Signifyd (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.signifyd\.com

ThreatMetrix (Security) Expand

Overall confidence: 100%
Detected patterns

\.online-metrix\.net

Page Statistics

258
Requests

97 %
HTTPS

0 %
IPv6

27
Domains

40
Subdomains

40
IPs

5
Countries

8636 kB
Transfer

23650 kB
Size

37
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/us/app/e-l-f-cosmetics-skincare/id1488721704

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.follow.ElfCosmetics

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@elfyeah/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/eyeslipsfacedotcom

Search URL Search Domain Scan URL

URL: https://twitter.com/elfcosmetics

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/elfcosmetics

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/e-l-f-beauty

Search URL Search Domain Scan URL

URL: https://www.instagram.com/elfskincare/

Search URL Search Domain Scan URL

URL: https://substack.com/@elfbeauty

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.elfbeauty.com/work-with-us
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.elfbeauty.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://elfcosmetics.com/ HTTP 307
https://elfcosmetics.com/ HTTP 301
https://www.elfcosmetics.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=gpLV1x6JTJIfUJTOlDhW1cZ8qfMz5if_oGrhq3R2ufQ HTTP 303
https://www.elfcosmetics.com/callback?usid=acfa905d-4b5d-408d-8d4a-ddb6b87a6e3d&code=3GPFH0_SHpgJM_STsBX1VoZeUtAUB4peBEiBCK3W9G0

Request Chain 115

https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;rcb=1;ord=4126841700155;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmDAhyBgAusJkAIAUAAwQAgABBgACAAASABCIAIACAQAgQCBQABgAQBAQAMDAAGACxEAgABAdAxTAggECwASIyqDTAhAASCAlsqEEoGBBXCFIscAggREwUAAAIABQAAID4WAhJKCViQQBcQXQAIAAAAUQIsCKQswBBUGaLQVgScBkaYBk-YJklOgiAJghIyDIhNUEg8UxRCghyA2KWYA6eIKAGXayQh_qBYAAA.YAAACHwAAAAA;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Linux;uapv=;uaw=0;pscdl=denied;frm=0;_tu=KFA;gtm=45fe64g0h2v9181663336z8896608294za20gzb896608294zd896608294xea;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;dc_fmt=8;tcfd=10s5b;tag_exp=0~115938465~115938469~117266400~117384405;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=COO91_K19pMDFW8PogMdyeoDuQ;type=elf8j0;cat=glo_flap;rcb=1;ord=4126841700155;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmDAhyBgAusJkAIAUAAwQAgABBgACAAASABCIAIACAQAgQCBQABgAQBAQAMDAAGACxEAgABAdAxTAggECwASIyqDTAhAASCAlsqEEoGBBXCFIscAggREwUAAAIABQAAID4WAhJKCViQQBcQXQAIAAAAUQIsCKQswBBUGaLQVgScBkaYBk-YJklOgiAJghIyDIhNUEg8UxRCghyA2KWYA6eIKAGXayQh_qBYAAA.YAAACHwAAAAA;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Linux;uapv=;uaw=0;pscdl=denied;frm=0;_tu=KFA;gtm=45fe64g0h2v9181663336z8896608294za20gzb896608294zd896608294xea;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;dc_fmt=8;tcfd=10s5b;tag_exp=0~115938465~115938469~117266400~117384405;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com

Request Chain 116

https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;rcb=6;ord=4902066345035;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmDAhyBgAusJkAIAUAAwQAgABBgACAAASABCIAIACAQAgQCBQABgAQBAQAMDAAGACxEAgABAdAxTAggECwASIyqDTAhAASCAlsqEEoGBBXCFIscAggREwUAAAIABQAAID4WAhJKCViQQBcQXQAIAAAAUQIsCKQswBBUGaLQVgScBkaYBk-YJklOgiAJghIyDIhNUEg8UxRCghyA2KWYA6eIKAGXayQh_qBYAAA.YAAACHwAAAAA;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=undefined;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Linux;uapv=;uaw=0;pscdl=denied;frm=0;_tu=KFA;gtm=45fe64g0h2v9181619921z8896608294za20gzb896608294zd896608294xea;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;dc_fmt=8;tcfd=10s5b;tag_exp=0~115616985~115938465~115938468~117266401;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CPW91_K19pMDFYEPogMdQjk2kQ;type=retarget;cat=globa0;rcb=6;ord=4902066345035;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmDAhyBgAusJkAIAUAAwQAgABBgACAAASABCIAIACAQAgQCBQABgAQBAQAMDAAGACxEAgABAdAxTAggECwASIyqDTAhAASCAlsqEEoGBBXCFIscAggREwUAAAIABQAAID4WAhJKCViQQBcQXQAIAAAAUQIsCKQswBBUGaLQVgScBkaYBk-YJklOgiAJghIyDIhNUEg8UxRCghyA2KWYA6eIKAGXayQh_qBYAAA.YAAACHwAAAAA;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=undefined;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Linux;uapv=;uaw=0;pscdl=denied;frm=0;_tu=KFA;gtm=45fe64g0h2v9181619921z8896608294za20gzb896608294zd896608294xea;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;dc_fmt=8;tcfd=10s5b;tag_exp=0~115616985~115938465~115938468~117266401;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com

Request Chain 140

https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;rcb=1;ord=5984530604143;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmDAhyBgAusJkAIAUAAwQAgABBgACAAASABCIAIACAQAgQCBQABgAQBAQAMDAAGACxEAgABAdAxTAggECwASIyqDTAhAASCAlsqEEoGBBXCFIscAggREwUAAAIABQAAID4WAhJKCViQQBcQXQAIAAAAUQIsCKQswBBUGaLQVgScBkaYBk-YJklOgiAJghIyDIhNUEg8UxRCghyA2KWYA6eIKAGXayQh_qBYAAA.YAAACHwAAAAA;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Linux;uapv=;uaw=0;pscdl=denied;frm=0;_tu=KFA;gtm=45fe64g0h2v9181663336z8896608294za20gzb896608294zd896608294xea;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;dc_fmt=8;tcfd=10s5b;tag_exp=0~115938465~115938469~117266400~117384405;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CNra8_K19pMDFTYJogMdryQQQw;type=elf8j0;cat=glo_flhp;rcb=1;ord=5984530604143;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmDAhyBgAusJkAIAUAAwQAgABBgACAAASABCIAIACAQAgQCBQABgAQBAQAMDAAGACxEAgABAdAxTAggECwASIyqDTAhAASCAlsqEEoGBBXCFIscAggREwUAAAIABQAAID4WAhJKCViQQBcQXQAIAAAAUQIsCKQswBBUGaLQVgScBkaYBk-YJklOgiAJghIyDIhNUEg8UxRCghyA2KWYA6eIKAGXayQh_qBYAAA.YAAACHwAAAAA;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Linux;uapv=;uaw=0;pscdl=denied;frm=0;_tu=KFA;gtm=45fe64g0h2v9181663336z8896608294za20gzb896608294zd896608294xea;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;dc_fmt=8;tcfd=10s5b;tag_exp=0~115938465~115938469~117266400~117384405;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com

258 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.elfcosmetics.com/
Redirect Chain

http://elfcosmetics.com/
https://elfcosmetics.com/
https://www.elfcosmetics.com/

4 MB
1 MB

895ms
781ms

Document
text/html

151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

CloudFront /

Resource Hash

952aefb2c7d9ea58c8e7ddf3cbe793f591564090a038f256f43d111bce90c977

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31557600

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36

Response headers

accept-ranges: none
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-security-policy
content-type: text/html; charset=utf-8
date: Sat, 18 Apr 2026 03:07:35 GMT
server: CloudFront
strict-transport-security: max-age=31557600
vary: Accept-Encoding
via: 1.1 5eaf2d59cfe709772e71a72f64052d16.cloudfront.net (CloudFront), 1.1 varnish
x-amz-apigw-id: b_tKtHCGCYcELSA=
x-amz-cf-id: rRf9pOKUwr-oswb7roswZTVOLhAGSdEd6gD9gXfkbpL25OHIc-APGA==
x-amz-cf-pop: LIS50-P2
x-amzn-remapped-connection: keep-alive
x-amzn-remapped-content-length: 3757669
x-amzn-remapped-date: Sat, 18 Apr 2026 03:07:35 GMT
x-amzn-requestid: f1d92195-bc7e-4dac-9e1b-f43b0caf190a
x-amzn-trace-id: Root=1-69e2f577-7d8e7b1036fa8ab007631c99;Parent=5311f2aca9c494e0;Sampled=0;Lineage=1:2b75b0e9:0
x-cache: Miss from cloudfront, MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-fastly-service-version: 10
x-served-by: cache-lis1490055-LIS, cache-lis1490050-LIS
x-timer: S1776481655.196109,VS0,VE731

Redirect headers

accept-ranges: bytes
cache-control: max-age=86400
content-length: 0
date: Sat, 18 Apr 2026 03:07:34 GMT
location: https://www.elfcosmetics.com/
retry-after: 0
server: Varnish
strict-transport-security: max-age=31557600
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-pdk-kfty8610073-PDK
x-timer: S1776481655.978220,VS0,VE0

GET
H2 200 fEtvnY4kcCu-GA.js Show response
rapid-cdn.yottaa.com/rapid/lib/ 148 KB
45 KB 338ms
218ms Script
text/javascript 151.101.66.133
Fastly

General

Check archive.org

Download Go to

Full URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software: /
Resource Hash: 6b370b52a8b6c0af3282e80d630323a04e734136bb9bda5478f55a8a881dea9b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=1800, s-maxage=604800
timing-allow-origin: *
content-encoding: gzip
x-timer: S1776481656.339676,VS0,VE169
age: 0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS
content-length: 45586
date: Sat, 18 Apr 2026 03:07:36 GMT
content-type: text/javascript;charset=utf-8
x-served-by: cache-lis1490022-LIS
x-cache-hits: 0
vary: Accept-Encoding

GET
H2 200 init.js Show response
www.elfcosmetics.com/XT4Gy2ig/ 225 KB
103 KB 59ms
59ms Script
application/javascript 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/XT4Gy2ig/init.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

Resource Hash

b93d08841ee99f8a2e91702a283169c275c7ef6721cfaf6b0f71a7e80fe4d666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-expose-headers: active-cdn,x-served-by
content-encoding: gzip
etag: "38559-UdBt4qDBZNe0qI0c0KDgwJJ7Jjs"
age: 74201
x-cache: HIT
date: Sat, 18 Apr 2026 03:07:36 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-lis1490050-LIS
x-cache-hits: 2
vary: Accept-Encoding, Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: max-age=600
x-px-hash: MDcwMWQxZWQzMDZkYjk5NjU2MmRmZGI5ZWExZjI1OWQxYzYxMDFlODNkZDUyOTE5YzhlODBhODZkMWQ2Y2EzMQ==
active-cdn: fastly
via: 1.1 google, 1.1 varnish, 1.1 google, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 105389
x-px-cs-source: gcsb

GET
H2 200 1c68e318-a896-4137-9bd5-7b3cbc877af1_enhanced.js Show response
www.elfcosmetics.com/mobify/bundle/15888/static/fonts/ 348 B
764 B 66ms
66ms Script
application/javascript 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/bundle/15888/static/fonts/1c68e318-a896-4137-9bd5-7b3cbc877af1_enhanced.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a01a95342841b01ccf69c8b1f171e87087f3d1de5e1c4ecdfbbb61c76994526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-meta-deploy: 1536976
content-encoding: gzip
etag: "6c423f2713244fc35e2cc3cb822de4c8"
age: 200009
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: HQuH-ASPTGdibPu1rVX_Eb3auFXSGURMNlZ6aD0WfbCw1DrS0uzA7A==
date: Sat, 18 Apr 2026 03:07:36 GMT
last-modified: Wed, 15 Apr 2026 19:33:50 GMT
content-type: application/javascript; charset=utf8
x-served-by: cache-iad-kiad7000079-IAD, cache-iad-kiad7000079-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 100, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: public, max-age=31536000, s-maxage=31536000
x-timer: S1776481656.220632,VS0,VE1
via: 1.1 769335ba1b0b8b72b720b3358de32b58.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-meta-bundle: 15888
accept-ranges: bytes
content-length: 262
x-amz-cf-pop: IAD61-P7
server: AmazonS3

GET
H2 200 elf_beauty_5lQA8q.js Show response
cnstrc.com/js/cust/ 367 KB
103 KB 317ms
117ms Script
text/javascript 3.174.46.60
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://cnstrc.com/js/cust/elf_beauty_5lQA8q.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.174.46.60 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-3-174-46-60.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab950f45c68248e7e7723462339df66f418394eceeeca4c3a2ed74bacc96b213

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

vary: Accept-Encoding
cache-control: public, max-age=1800
content-encoding: gzip
etag: W/"02683592561a8152dc0ce5661f77fea8"
age: 578
via: 1.1 3ae34da451a19efe92d6bea00849f488.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: SmeJJ2vZN-IQx4zsMdNJL-iHhqjbtAfHyfFmoWu7uI9GMvcrFdShfQ==
date: Sat, 18 Apr 2026 02:58:07 GMT
content-type: text/javascript
last-modified: Thu, 16 Apr 2026 22:29:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P12
x-amz-server-side-encryption: AES256

GET
H2 200 elf-halo-glow-xxlippie-2026-4-nav-card
elfcosmetics.a.bigcontent.io/v1/static/ 59 KB
59 KB 495ms
239ms Image
image/jpeg 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/elf-halo-glow-xxlippie-2026-4-nav-card
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: 2895f8d61a1ed3c321ce51d5988953a1249ea32435c4cf6f5a4f0e1bf59665fa

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-server-side-encryption: AES256
cache-control: max-age=1800, s-maxage=86400
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 60454
date: Sat, 18 Apr 2026 03:07:36 GMT
x-amp-srv: A
content-type: image/jpeg
server: Unknown
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 barrier-goals-2026-1-nav-card
elfcosmetics.a.bigcontent.io/v1/static/ 88 KB
88 KB 405ms
149ms Image
image/jpeg 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/barrier-goals-2026-1-nav-card
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: fddc18e038a03d661f91034e9ffa81856ae1551f3289467ff8d8f2f2bf2dec6a

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-server-side-encryption: AES256
cache-control: max-age=1800, s-maxage=86400
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 89933
date: Sat, 18 Apr 2026 03:07:36 GMT
x-amp-srv: A
content-type: image/jpeg
server: Unknown
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 elf-cos-2025-8-21-article-nav-card
elfcosmetics.a.bigcontent.io/v1/static/ 62 KB
62 KB 103ms
103ms Image
image/jpeg 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/elf-cos-2025-8-21-article-nav-card
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: ef3bc5c60261ed32d35c136578f9b2787a1ce5e18f761f0970de419378971800

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-server-side-encryption: AES256
cache-control: max-age=1800, s-maxage=86400
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 63522
date: Sat, 18 Apr 2026 03:07:37 GMT
x-amp-srv: A
content-type: image/jpeg
server: Unknown
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/15888/static/img/flag-icons/ 9 KB
1000 B 148ms
147ms Image
image/svg+xml 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/mobify/bundle/15888/static/img/flag-icons/us.svg

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-meta-deploy: 1536976
content-encoding: gzip
etag: W/"2b3ee98009fe98bcf2eee0f90a48466a"
age: 200009
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: fRxhPPYIksyeZrfwOaAwTUJNd83-FAU949Mgxm9QpObCU77P_sz2uQ==
date: Sat, 18 Apr 2026 03:07:37 GMT
content-type: image/svg+xml
last-modified: Wed, 15 Apr 2026 19:33:52 GMT
x-served-by: cache-iad-kcgs7200077-IAD, cache-iad-kcgs7200077-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 80, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: public, max-age=31536000, s-maxage=31536000
x-timer: S1776481657.186719,VS0,VE98
via: 1.1 359a68a211613a0b498b726183099110.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-meta-bundle: 15888
accept-ranges: bytes
content-length: 681
x-amz-cf-pop: IAD61-P7
server: AmazonS3

GET
H2 200 Icon-BeautySquad-Logo-png
elfcosmetics.a.bigcontent.io/v1/static/ 7 KB
7 KB 395ms
141ms Image
image/png 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/Icon-BeautySquad-Logo-png?%24Desktop%24=&fmt=auto
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: 359722b660d0b4a5afb34561728a3918b96bdccf3a3cddc4291ee4cd15f65c3f

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-server-side-encryption: AES256
cache-control: max-age=1800, s-maxage=86400
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6783
date: Sat, 18 Apr 2026 03:07:36 GMT
x-amp-srv: A
content-type: image/png
server: Unknown
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 loyalty-bar-icon-three-times-points-B
elfcosmetics.a.bigcontent.io/v1/static/ 4 KB
4 KB 362ms
109ms Image
image/png 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/loyalty-bar-icon-three-times-points-B?%24Desktop%24=&fmt=auto
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: d25310b969fda699a92ce9c02a3c594f6bd9b1fb05da572ece3073830df702a4

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-server-side-encryption: AES256
cache-control: max-age=1800, s-maxage=86400
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3731
date: Sat, 18 Apr 2026 03:07:36 GMT
x-amp-srv: A
content-type: image/png
server: Unknown
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 BS_ScanReciepts_Icon_SnapPhoto
elfcosmetics.a.bigcontent.io/v1/static/ 12 KB
12 KB 348ms
95ms Image
image/png 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/BS_ScanReciepts_Icon_SnapPhoto?%24Desktop%24=&fmt=auto
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: 3547f930234f2f9f4a517aadd276d4f80b22d56fb53ac3cb6a688f6b3dc519f7

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-server-side-encryption: AES256
cache-control: max-age=1800, s-maxage=86400
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12207
date: Sat, 18 Apr 2026 03:07:36 GMT
x-amp-srv: A
content-type: image/png
server: Unknown
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 elf-clean_infinite
elfcosmetics.a.bigcontent.io/v1/static/ 946 B
683 B 111ms
108ms Image
image/svg+xml 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/elf-clean_infinite
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: cd3627a418a036de767cd17f27ff6108ecbf59d3acf507e4dca9e94751ee5f5d

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=1800, s-maxage=86400
content-encoding: gzip
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 399
date: Sat, 18 Apr 2026 03:07:37 GMT
x-amp-srv: A
content-type: image/svg+xml
vary: Accept-Encoding
server: Unknown
x-amz-server-side-encryption: AES256

GET
H2 200 vegan_infinite
elfcosmetics.a.bigcontent.io/v1/static/ 680 B
553 B 111ms
109ms Image
image/svg+xml 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/vegan_infinite
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: 901339b0b0436e18401988eb25849a9c7a4223bd5b8aff2741e9a4cff961e9f9

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=1800, s-maxage=86400
content-encoding: gzip
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 269
date: Sat, 18 Apr 2026 03:07:37 GMT
x-amp-srv: A
content-type: image/svg+xml
vary: Accept-Encoding
server: Unknown
x-amz-server-side-encryption: AES256

GET
H2 200 cruelty-free-icon_infinite
elfcosmetics.a.bigcontent.io/v1/static/ 6 KB
3 KB 111ms
110ms Image
image/svg+xml 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/cruelty-free-icon_infinite
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: f040fd671bf59a1f6d2f5bfe57d619df1e4e5ccbf576e2981e03b4e170e7cac0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=1800, s-maxage=86400
content-encoding: gzip
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2959
date: Sat, 18 Apr 2026 03:07:37 GMT
x-amp-srv: A
content-type: image/svg+xml
vary: Accept-Encoding
server: Unknown
x-amz-server-side-encryption: AES256

GET
H2 200 fair-trade_infinite
elfcosmetics.a.bigcontent.io/v1/static/ 2 KB
878 B 113ms
112ms Image
image/svg+xml 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/fair-trade_infinite
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: 6a3f829d1abf4c119c5524877aacd2ed386e8d5a01278258b0a6a5b956bc68e8

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=1800, s-maxage=86400
content-encoding: gzip
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 594
date: Sat, 18 Apr 2026 03:07:37 GMT
x-amp-srv: A
content-type: image/svg+xml
vary: Accept-Encoding
server: Unknown
x-amz-server-side-encryption: AES256

GET
H2 200 75_percent_logo
elfcosmetics.a.bigcontent.io/v1/static/ 2 KB
991 B 112ms
110ms Image
image/svg+xml 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/75_percent_logo
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: d3e909041e087aae1adf905e2315176457fbe34fe2673078e083b725d5e5a721

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=1800, s-maxage=86400
content-encoding: gzip
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 707
date: Sat, 18 Apr 2026 03:07:37 GMT
x-amp-srv: A
content-type: image/svg+xml
vary: Accept-Encoding
server: Unknown
x-amz-server-side-encryption: AES256

GET
H2 200 0325_HP-Desktop-GIF_Build-Your-SkinKit_US_Updated
elfcosmetics.a.bigcontent.io/v1/static/ 2 MB
2 MB 112ms
111ms Image
image/gif 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/0325_HP-Desktop-GIF_Build-Your-SkinKit_US_Updated
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: 772a995f1c010dc597942a3d44ab002671ae8d2ebbb40077abfa4a9793801e08

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-server-side-encryption: AES256
cache-control: max-age=1800, s-maxage=86400
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1694389
date: Sat, 18 Apr 2026 03:07:37 GMT
x-amp-srv: A
content-type: image/gif
server: Unknown
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 BS_Exclusives_Badge-2024-min
elfcosmetics.a.bigcontent.io/v1/static/ 9 KB
4 KB 173ms
171ms Image
image/svg+xml 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/BS_Exclusives_Badge-2024-min?fmt=auto
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: b7503b96691e4ac8306ed320f8c99f045299a35454bb515e96ba72efc46dd9bf

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=1800, s-maxage=86400
content-encoding: gzip
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3822
date: Sat, 18 Apr 2026 03:07:37 GMT
x-amp-srv: A
content-type: image/svg+xml
vary: Accept-Encoding
server: Unknown
x-amz-server-side-encryption: AES256

GET
H2 200 loyalty-rewards-2025-9-squeeze-me-lip-balm-strawberry
cdn.media.amplience.net/i/elfcosmetics/ 3 KB
3 KB 345ms
104ms Image
image/avif 2.17.147.192
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/loyalty-rewards-2025-9-squeeze-me-lip-balm-strawberry?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.192 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-17-147-192.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

e4f685fed7eec70bbe2c8b84185cec63b25d31e50ed9a93f6a96bd68cd8a1b38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-tag: S6qhhUVPh,l4p5bDg2e,Vz1xsRk3n,WepA0szpz
x-amp-source-width: 780
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:37 GMT
content-type: image/avif
x-frame-options: DENY
cache-control: max-age=1800, s-maxage=86400
x-req-id: R4Z_4KJR0E
x-amp-source-height: 780
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3231
x-amp-published: Tue, 09 Sep 2025 18:50:06 GMT
x-amp-srv: A
x-xss-protection: 1; mode=block
server: Unknown

GET
H2 200 loyalty-rewards-2026-4-mini-holy-hydration-makeup-melting-cleansing-balm
cdn.media.amplience.net/i/elfcosmetics/ 4 KB
4 KB 338ms
96ms Image
image/avif 2.17.147.192
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/loyalty-rewards-2026-4-mini-holy-hydration-makeup-melting-cleansing-balm?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.192 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-17-147-192.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

16e7f1bc90315db7e4e9b206c7b14333c33d7bd1c7cea267040d3473781311d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-tag: 80-ldXm8x,l4p5bDg2e,Oa5cO21go,WepA0szpz
x-amp-source-width: 780
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:37 GMT
content-type: image/avif
x-frame-options: DENY
cache-control: max-age=1800, s-maxage=86400
x-req-id: qyYMDgCEyL
x-amp-source-height: 780
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4157
x-amp-published: Mon, 13 Apr 2026 15:35:14 GMT
x-amp-srv: A
x-xss-protection: 1; mode=block
server: Unknown

GET
H2 200 loyalty-rewards-2026-4-lash-it-out-travel-size-mascara
cdn.media.amplience.net/i/elfcosmetics/ 5 KB
5 KB 337ms
96ms Image
image/avif 2.17.147.192
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/loyalty-rewards-2026-4-lash-it-out-travel-size-mascara?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.192 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-17-147-192.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

fb3eb67320d9c0fbeee2676252be96ccedd2fec0fde1e89c34c84f5dd24c7839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-tag: f-RAIbQJ_,l4p5bDg2e,URfkVfn7L,WepA0szpz
x-amp-source-width: 780
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:37 GMT
content-type: image/avif
x-frame-options: DENY
cache-control: max-age=1800, s-maxage=86400
x-req-id: e-tWWHHBna
x-amp-source-height: 780
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5267
x-amp-published: Mon, 13 Apr 2026 15:44:53 GMT
x-amp-srv: A
x-xss-protection: 1; mode=block
server: Unknown

GET
H2 200 locale-link-rewriter-0.0.6.min Show response
cdn.c1.amplience.net/c/elfcosmetics/ 1 KB
1 KB 413ms
179ms Script
application/javascript 2.17.147.171
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://cdn.c1.amplience.net/c/elfcosmetics/locale-link-rewriter-0.0.6.min
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.171 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5961f606a750c97c54e314cff4d728027e697313bec97de256d8cfa66eda1157

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=120, s-maxage=1800
content-length: 1295
date: Sat, 18 Apr 2026 03:07:37 GMT
x-amp-srv: A
content-type: application/javascript; charset=utf-8

GET
H2 200 GET_APP_QRCODE.png
www.elfcosmetics.com/mobify/bundle/15888/static/img/ 233 KB
234 KB 55ms
54ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/mobify/bundle/15888/static/img/GET_APP_QRCODE.png

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

37ae0f6206a187eba0631a4f608cfb337bed4c1823248eca9cd692bac61f6de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-meta-deploy: 1536976
fastly-io-info: ifsz=498632 idim=3000x3000 ifmt=png ofsz=239101 odim=3000x3000 ofmt=avif
etag: "k1azwcL+PhjxyAVWfnfaKbg5Mfjcki5BI7qDEd8bqM4"
age: 200008
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: bUCjUcx3wTmVuwQeK5ZyXJZpgm7354Z-Ac7OIGhqEx6ONBdE1guIvg==
date: Sat, 18 Apr 2026 03:07:37 GMT
content-type: image/avif
x-served-by: cache-iad-kiad7000022-IAD, cache-iad-kjyo7100047-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 80, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: public, max-age=31536000, s-maxage=31536000
x-timer: S1776481657.194236,VS0,VE1
via: 1.1 dee8b83cfc5bbd3e21ee2db7b2bb9b10.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-meta-bundle: 15888
accept-ranges: bytes
content-length: 239101
fastly-io-served-by: img17-us-east4
fastly-io-transform-stats: ifsz=498632 ofsz=239101 ofmt=avif
x-amz-cf-pop: IAD61-P7
server: AmazonS3

GET
H2 200 runtime.js Show response
www.elfcosmetics.com/mobify/bundle/15888/ 6 KB
3 KB 52ms
52ms Script
application/javascript 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/bundle/15888/runtime.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

45634d5e63702aa7be310b3a31ea58a6540d68d0c46bfd0964b39c276fdf56fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-meta-deploy: 1536976
content-encoding: gzip
etag: W/"dd2af234186e224e0adeee5d423ce4a6"
age: 200009
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: WDHHq3KnHxIWwPzkPJtkE5IGmwW9KVgcxw8CupCq3Mgo_sXQELKiUA==
date: Sat, 18 Apr 2026 03:07:37 GMT
content-type: application/javascript; charset=utf8
last-modified: Wed, 15 Apr 2026 19:33:50 GMT
x-served-by: cache-iad-kcgs7200092-IAD, cache-iad-kcgs7200164-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 493, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: public, max-age=31536000, s-maxage=31536000
x-timer: S1776481657.193705,VS0,VE1
via: 1.1 a600e3c81bf9abac46be91cc4659d176.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-meta-bundle: 15888
accept-ranges: bytes
content-length: 2437
x-amz-cf-pop: IAD61-P7
server: AmazonS3

GET
H2 200 main.js Show response
www.elfcosmetics.com/mobify/bundle/15888/ 5 MB
1 MB 51ms
50ms Script
application/javascript 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/bundle/15888/main.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

259716f49c49daee34485d866bc2849e27bee25c0b1741629c94dc5616f8cf88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-meta-deploy: 1536976
content-encoding: gzip
etag: W/"d5d72ee48106388aec1a71c11d282551"
age: 200009
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: 3QK3hZN4g194UyVQpw2avcmBuR9s7SyhQBjKtZ_94IbfMSEdFaiPzQ==
date: Sat, 18 Apr 2026 03:07:37 GMT
content-type: application/javascript; charset=utf8
last-modified: Wed, 15 Apr 2026 19:33:50 GMT
x-served-by: cache-iad-kjyo7100036-IAD, cache-iad-kjyo7100036-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 99, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: public, max-age=31536000, s-maxage=31536000
x-timer: S1776481657.193679,VS0,VE1
via: 1.1 dee8b83cfc5bbd3e21ee2db7b2bb9b10.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-meta-bundle: 15888
accept-ranges: bytes
content-length: 1468448
x-amz-cf-pop: IAD61-P7
server: AmazonS3

GET
H2 200 elf-components-Pages-Home-Home-page.js Show response
www.elfcosmetics.com/mobify/bundle/15888/ 9 KB
4 KB 52ms
51ms Script
application/javascript 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/bundle/15888/elf-components-Pages-Home-Home-page.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e1fd69a8b5bc42033c937dc7e7a12893511d26bbebfc493a1e86e4ab678d211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-meta-deploy: 1536976
content-encoding: gzip
etag: W/"0b9f6cb3a5428e49cb43cd8376c5b41d"
age: 200009
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: KojzYQcD_wxAqdxvOme41MMRG7vut4p2lw80Ulxhe45CCqRfwL04IQ==
date: Sat, 18 Apr 2026 03:07:37 GMT
content-type: application/javascript; charset=utf8
last-modified: Wed, 15 Apr 2026 19:33:50 GMT
x-served-by: cache-iad-kcgs7200057-IAD, cache-iad-kcgs7200057-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 46, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: public, max-age=31536000, s-maxage=31536000
x-timer: S1776481657.193658,VS0,VE1
via: 1.1 1868304b901c3b411b0cd02f39bf4362.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-meta-bundle: 15888
accept-ranges: bytes
content-length: 3493
x-amz-cf-pop: IAD61-P7
server: AmazonS3

GET
H2 200 configure.rapid.js Show response
rapid-1.yottaa.net/api/v1/ 4 KB
1 KB 536ms
170ms XHR
text/javascript 13.248.191.155
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://rapid-1.yottaa.net/api/v1/configure.rapid.js?key=fEtvnY4kcCu-GA&ul=pt-PT&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&dt=&sd=24&sr=1600,1200&vp=1600,1200&ct=4g&rtt=150
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.191.155 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: a03bd531e8ce9952c.awsglobalaccelerator.com
Software: /
Resource Hash: 9857293ff548d348d46ad86654f07235abd3c2fd328cc994aa1a4e7ff620ab7a

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
x-yottaa-optstate: active
access-control-allow-origin: *
date: Sat, 18 Apr 2026 03:07:37 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding

POST
H2 200 event
qoe-1.yottaa.net/log-nt/ 3 B
191 B 531ms
168ms Ping
text/json 99.83.184.193
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://qoe-1.yottaa.net/log-nt/event
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.184.193 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: a0540a066b92ce4ca.awsglobalaccelerator.com
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-origin: *
access-control-expose-headers: X-Results-Data-Source
timing-allow-origin: *
cache-control: no-cache
date: Sat, 18 Apr 2026 03:07:37 GMT
content-type: text/json
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ 340 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff68d29e05506e8c548f52f038b737a8283df557609548c6c847f5d58bf20f63

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ns Show response
tzm.px-cloud.net/ 172 B
306 B 297ms
77ms XHR
text/html 34.36.73.246
Google LLC

General

Check archive.org

Download Go to

Full URL: https://tzm.px-cloud.net/ns?c=c0c60770-3ad3-11f1-bcb5-8349fca49bd0
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.36.73.246 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 246.73.36.34.bc.googleusercontent.com
Software: /
Resource Hash: 1e960aae666e24ae7b1ee42d60f23251c323e441159efe4740ae7259ce5f2217

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Access-Control-Allow-Origin: *
Content-Length: 172
Date: Sat, 18 Apr 2026 03:07:36 GMT
Content-Type: text/html

POST
H2 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 1 KB
1 KB 328ms
176ms XHR
application/json 34.120.250.63
Google LLC

General

Check archive.org

Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.250.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 63.250.120.34.bc.googleusercontent.com
Software: /
Resource Hash: 8e19c49cfc5724234094b0d23726e0eec36741a4f68e53a178167769a1b8964a

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-type: application/x-www-form-urlencoded
sec-ch-ua-mobile: ?0

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://www.elfcosmetics.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1276
date: Sat, 18 Apr 2026 03:07:36 GMT
content-type: application/json; charset=utf-8

GET
DATA 200
OK truncated
/ 67 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81119f72ed1baa0464fa788f77a2d128e5729126276391acd850895daeff759c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 97 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d174b70da512e5e6c28f07c8aea116eff6772a7682d7d7d8f1aa04ef5a44627b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 20 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7459acbaddc31605486f947f034116771b19983c18431a98a87ea398a05c719b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 FuturaNowText-XBd.otf
www.elfcosmetics.com/mobify/bundle/15888/static/fonts/ 95 KB
57 KB 51ms
50ms Font
application/x-font-otf 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/bundle/15888/static/fonts/FuturaNowText-XBd.otf

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

79abc1e352d107d086e2c18d911facc81aa110dcc3fd570013cb02767c7681c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Origin: https://www.elfcosmetics.com
sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-meta-deploy: 1536976
content-encoding: gzip
etag: "b96ab814719199d50aedad21821b6d57"
age: 200009
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: aZaFu4-m7XmH_CEPi5eUQDzNQPU0KyvNeEPX2CFEy78V5Bm7bd-WUA==
date: Sat, 18 Apr 2026 03:07:37 GMT
last-modified: Wed, 15 Apr 2026 19:33:50 GMT
content-type: application/x-font-otf
x-served-by: cache-iad-kiad7000059-IAD, cache-iad-kiad7000121-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 88, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: public, max-age=31536000, s-maxage=31536000
x-timer: S1776481657.273658,VS0,VE1
via: 1.1 8ed049e850641857b8159b937b790558.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-meta-bundle: 15888
accept-ranges: bytes
content-length: 57683
x-amz-cf-pop: IAD61-P7
server: AmazonS3

GET
H2 200 FuturaNowText-Rg.otf
www.elfcosmetics.com/mobify/bundle/15888/static/fonts/ 92 KB
55 KB 52ms
52ms Font
application/x-font-otf 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/bundle/15888/static/fonts/FuturaNowText-Rg.otf

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ca489e9eed79215a9784c38910dbf5776b50dc584f0c0ff17b19c13a6fdf567d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Origin: https://www.elfcosmetics.com
sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-meta-deploy: 1536976
content-encoding: gzip
etag: "c104bcc99c277e2cd475e3209c10fe46"
age: 200009
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: FSXg84CO1qdKm2QYdAZCx_cDsCsTCiLANQYRfUGj7hHnpBGXpbcYwg==
date: Sat, 18 Apr 2026 03:07:37 GMT
last-modified: Wed, 15 Apr 2026 19:33:50 GMT
content-type: application/x-font-otf
x-served-by: cache-iad-kjyo7100153-IAD, cache-iad-kjyo7100071-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 87, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: public, max-age=31536000, s-maxage=31536000
x-timer: S1776481657.273747,VS0,VE1
via: 1.1 8ed049e850641857b8159b937b790558.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-meta-bundle: 15888
accept-ranges: bytes
content-length: 55983
x-amz-cf-pop: IAD61-P7
server: AmazonS3

GET
H2 200 FuturaNowText-XBlk.otf
www.elfcosmetics.com/mobify/bundle/15888/static/fonts/ 90 KB
54 KB 51ms
50ms Font
application/x-font-otf 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/bundle/15888/static/fonts/FuturaNowText-XBlk.otf

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9e260f144aa9f1ccf463795eae37bebcb36dd1a38799b1dd77bb55a53bbbaeea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Origin: https://www.elfcosmetics.com
sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-meta-deploy: 1536976
content-encoding: gzip
etag: "36e89eed265e33a8b107a0ced4207ae4"
age: 200009
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: aEMZj2Lg098CghOzNdsnhjMig9QEqMxd9HEzo4hVmRQ0UW9MnURqAw==
date: Sat, 18 Apr 2026 03:07:37 GMT
last-modified: Wed, 15 Apr 2026 19:33:50 GMT
content-type: application/x-font-otf
x-served-by: cache-iad-kjyo7100095-IAD, cache-iad-kjyo7100086-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 367, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: public, max-age=31536000, s-maxage=31536000
x-timer: S1776481657.291400,VS0,VE1
via: 1.1 f5a521b0c23723affbc04087b799247e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-meta-bundle: 15888
accept-ranges: bytes
content-length: 54553
x-amz-cf-pop: IAD61-P7
server: AmazonS3

GET
H2 200 FuturaNowText-XBdIt.otf
www.elfcosmetics.com/mobify/bundle/15888/static/fonts/ 96 KB
58 KB 51ms
51ms Font
application/x-font-otf 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/bundle/15888/static/fonts/FuturaNowText-XBdIt.otf

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

11ec800dc96a8e2c796de352ca7d7b4eb19ec54df559222ea77ee5a34699cce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Origin: https://www.elfcosmetics.com
sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-meta-deploy: 1536976
content-encoding: gzip
etag: "1ff22b7a48a547d96057b0a37846178e"
age: 200009
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: DJNvrItiyOcVOsY37clgitQqJTgNuZSIp1Fo6xNuPEPCWO9TCGIt4g==
date: Sat, 18 Apr 2026 03:07:37 GMT
last-modified: Wed, 15 Apr 2026 19:33:50 GMT
content-type: application/x-font-otf
x-served-by: cache-iad-kcgs7200116-IAD, cache-iad-kcgs7200116-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 57, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: public, max-age=31536000, s-maxage=31536000
x-timer: S1776481657.291403,VS0,VE1
via: 1.1 000a463d8b8776d3a29c30db441ca64e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-meta-bundle: 15888
accept-ranges: bytes
content-length: 58710
x-amz-cf-pop: IAD61-P7
server: AmazonS3

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/15888/static/img/flag-icons/ 9 KB
0 0ms
0ms Image
image/svg+xml 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/15888/static/img/flag-icons/us.svg
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-meta-deploy: 1536976
content-encoding: gzip
etag: W/"2b3ee98009fe98bcf2eee0f90a48466a"
age: 200009
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: fRxhPPYIksyeZrfwOaAwTUJNd83-FAU949Mgxm9QpObCU77P_sz2uQ==
date: Sat, 18 Apr 2026 03:07:37 GMT
content-type: image/svg+xml
last-modified: Wed, 15 Apr 2026 19:33:52 GMT
x-served-by: cache-iad-kcgs7200077-IAD, cache-iad-kcgs7200077-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 80, 0
vary: Accept-Encoding
cache-control: public, max-age=31536000, s-maxage=31536000
x-timer: S1776481657.186719,VS0,VE98
via: 1.1 359a68a211613a0b498b726183099110.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-meta-bundle: 15888
accept-ranges: bytes
content-length: 681
x-amz-cf-pop: IAD61-P7
server: AmazonS3

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 32 KB
10 KB 211ms
85ms XHR
application/javascript 34.107.218.251
Google LLC

General

Check archive.org

Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/j.php?a=1128438&u=https%3A%2F%2Fwww.elfcosmetics.com%2F&vn=2.2&ph=1&st=3945.5&x=true

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.218.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),

Reverse DNS

251.218.107.34.bc.googleusercontent.com

Software

gbel1 /

Resource Hash

254335604d7965bce30438134e20dab44eddf961d41f0744ed2cd46ff61fdaac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.elfcosmetics.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: gbel1

GET
H2 200 / Show response
api.ipify.org/ 21 B
154 B 263ms
161ms Fetch
application/json 104.26.12.205
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.205 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46f6c6dc782210b09202d3345329a22a2a0c87aa5753a295849cc86f3955fe2f

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cf-cache-status: DYNAMIC
cf-ray: 9ee075de8892f369-LIS
access-control-allow-origin: *
content-length: 21
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: application/json
vary: Origin
server: cloudflare

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 26 KB
9 KB 173ms
64ms Script
application/javascript 104.18.86.42
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/15888/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0dc0f2c2b6053e08bcaf54fed36660cd737ea710d9200b7bc95e365a537fb63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-md5: ZbblqHgYfYwE/+Lbw8uZdA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DE93850741EAB5
x-ms-lease-status: unlocked
age: 77903
cf-cache-status: HIT
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: application/javascript
last-modified: Mon, 06 Apr 2026 02:34:29 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 6c7dd8ae-901e-006f-5e86-c53b5e000000
cf-ray: 9ee075de9fac4813-LIS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8705
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 / Show response
api.ipify.org/ 21 B
73 B 420ms
161ms Fetch
application/json 104.26.12.205
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.205 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46f6c6dc782210b09202d3345329a22a2a0c87aa5753a295849cc86f3955fe2f

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cf-cache-status: DYNAMIC
cf-ray: 9ee075df8951f369-LIS
access-control-allow-origin: *
content-length: 21
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: application/json
vary: Origin
server: cloudflare

GET
H2 200 / Show response
api.ipify.org/ 21 B
97 B 578ms
161ms Fetch
application/json 104.26.12.205
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.205 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46f6c6dc782210b09202d3345329a22a2a0c87aa5753a295849cc86f3955fe2f

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cf-cache-status: DYNAMIC
cf-ray: 9ee075e08a06f369-LIS
access-control-allow-origin: *
content-length: 21
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: application/json
vary: Origin
server: cloudflare

GET
H2 200 searchsession Show response
www.elfcosmetics.com/api/en-us/v2.0/ 105 B
273 B 434ms
434ms Fetch
application/json 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/api/en-us/v2.0/searchsession?locale=en-US&profile_id=&session_id=

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

4df4687bf29224c4a9827aa12dbaa2acaf17d5df233c8f1e2f0e87890960a4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31557600
content-encoding: gzip
x-timer: S1776481659.549750,VS0,VE384
via: 1.1 varnish
accept-ranges: bytes
x-cache: MISS, MISS
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-lis1490045-LIS, cache-lis1490050-LIS
server: nginx
x-cache-hits: 0, 0
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 687 KB
192 KB 295ms
112ms Script
application/javascript 142.251.20.97
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

54cfd47adf48962e722e3c20d0b23d0302f6023ecc9d1a3eca0dd0a174e40921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: zstd
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Sat, 18 Apr 2026 03:07:38 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 195872
date: Sat, 18 Apr 2026 03:07:38 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 FuturaNowText-It.otf
www.elfcosmetics.com/mobify/bundle/15888/static/fonts/ 93 KB
57 KB 50ms
50ms Font
application/x-font-otf 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/bundle/15888/static/fonts/FuturaNowText-It.otf

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7a3ea6210c61e538cbf8b02514a86d2395b55d270193fbd164eb79e65814074b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Origin: https://www.elfcosmetics.com
sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-meta-deploy: 1536976
content-encoding: gzip
etag: "257c686f54d5ea20238ada51533f5fb6"
age: 200008
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: 4pao4OfqRFaerXmhj-qUT0VWTt7_NbRQ8u6czfiX39lJRwcxJWrMpg==
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: application/x-font-otf
last-modified: Wed, 15 Apr 2026 19:33:50 GMT
x-served-by: cache-iad-kiad7000038-IAD, cache-iad-kiad7000038-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 58, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: public, max-age=31536000, s-maxage=31536000
x-timer: S1776481659.705533,VS0,VE1
via: 1.1 4fa217901cda1990ecc84ec2341185f2.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-meta-bundle: 15888
accept-ranges: bytes
content-length: 57657
x-amz-cf-pop: IAD61-P7
server: AmazonS3

GET
H2 200 glow-reviver-melting-lip-balm-new-shimmers-2026-4-festival-hero-carousel-HEADLINE_D
cdn.media.amplience.net/i/elfcosmetics/ 9 KB
10 KB 101ms
99ms Image
image/avif 2.17.147.192
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/glow-reviver-melting-lip-balm-new-shimmers-2026-4-festival-hero-carousel-HEADLINE_D?fmt=auto&qlt=80

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.192 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-17-147-192.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

454376943eacb6ad3b856a4a53178547f38c7d257f8a9941bc0b3b0d84517637

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-tag: wG-kH4nhk,l4p5bDg2e,8DJKedv1J,WepA0szpz
x-amp-source-width: 1029
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: image/avif
x-frame-options: DENY
cache-control: max-age=1800, s-maxage=86400
x-req-id: aRO1UH_CPm
x-amp-source-height: 330
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9488
x-amp-published: Thu, 16 Apr 2026 20:25:21 GMT
x-amp-srv: A
x-xss-protection: 1; mode=block
server: Unknown

GET
H2 200 glow-reviver-melting-lip-balm-new-shimmers-2026-4-festival-hero-carousel-IMAGE-1_D
cdn.media.amplience.net/i/elfcosmetics/ 175 KB
175 KB 256ms
255ms Image
image/webp 2.17.147.192
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/glow-reviver-melting-lip-balm-new-shimmers-2026-4-festival-hero-carousel-IMAGE-1_D?%24Desktop%24=&fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.192 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-17-147-192.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

5ff9f284a3af21d9fb6ee980cf339db53ea3ff43eba06288812ef7a7015701bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-tag: vGGE3y5Z0,l4p5bDg2e,mF-g78ke7,x5i0YPYAC,DtzGFM5oJ
x-amp-source-width: 1500
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: image/webp
x-frame-options: DENY
cache-control: max-age=1800, s-maxage=86400
x-req-id: U2c1mIsDOZ
x-amp-source-height: 1500
accept-ranges: bytes
access-control-allow-origin: *
content-length: 178908
x-amp-published: Thu, 16 Apr 2026 20:25:21 GMT
x-amp-srv: A
x-xss-protection: 1; mode=block
server: Unknown

GET
H2 200 glow-reviver-melting-lip-balm-new-shimmers-2026-4-festival-hero-carousel-IMAGE-2_D
cdn.media.amplience.net/i/elfcosmetics/ 194 KB
194 KB 257ms
255ms Image
image/webp 2.17.147.192
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/glow-reviver-melting-lip-balm-new-shimmers-2026-4-festival-hero-carousel-IMAGE-2_D?%24Desktop%24=&fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.192 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-17-147-192.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

7f1eac781425d4d98598a91b9d199b8fd4b64a47d8992b41f8d2c59a07f44c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-tag: 7Bcx6Um69,l4p5bDg2e,mF-g78ke7,UduAly1cl,DtzGFM5oJ
x-amp-source-width: 1500
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: image/webp
x-frame-options: DENY
cache-control: max-age=1800, s-maxage=86400
x-req-id: xIdxlV6JYS
x-amp-source-height: 1500
accept-ranges: bytes
access-control-allow-origin: *
content-length: 198242
x-amp-published: Thu, 16 Apr 2026 20:25:21 GMT
x-amp-srv: A
x-xss-protection: 1; mode=block
server: Unknown

GET
H2 200 micro-fine-brow-pencil-PROS-2026-4-hero-carousel-IMAGE_D
elfcosmetics.a.bigcontent.io/v1/static/ 80 KB
80 KB 114ms
113ms Image
image/jpeg 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/micro-fine-brow-pencil-PROS-2026-4-hero-carousel-IMAGE_D?%24Desktop%24=&fmt=auto
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: 0a32c18b9f9dacd36d16cc55ded479c3c22af0dbb417f49ba1bc9e39c588ba23

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-server-side-encryption: AES256
cache-control: max-age=1800, s-maxage=86400
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 81824
date: Sat, 18 Apr 2026 03:07:38 GMT
x-amp-srv: A
content-type: image/jpeg
server: Unknown
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 halo-glow-xxlippie-2026-4-launch-hero-carousel-BACKGROUND_D
cdn.media.amplience.net/i/elfcosmetics/ 66 KB
67 KB 108ms
107ms Image
image/avif 2.17.147.192
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/halo-glow-xxlippie-2026-4-launch-hero-carousel-BACKGROUND_D?fmt=auto&qlt=80

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.192 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-17-147-192.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

55a659ada45be317956dd3f9d03ee17016907f76fe0a4cd2c9bac2ae004eb0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-tag: TdmEmiz-a,l4p5bDg2e,vNdYECH8B,WepA0szpz
x-amp-source-width: 1500
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: image/avif
x-frame-options: DENY
cache-control: max-age=1800, s-maxage=86400
x-req-id: pASCf02zxy
x-amp-source-height: 1500
accept-ranges: bytes
access-control-allow-origin: *
content-length: 67900
x-amp-published: Thu, 16 Apr 2026 20:25:21 GMT
x-amp-srv: A
x-xss-protection: 1; mode=block
server: Unknown

GET
H2 200 halo-glow-xxlippie-2026-4-launch-hero-carousel-IMAGE-1_D
cdn.media.amplience.net/i/elfcosmetics/ 110 KB
110 KB 187ms
186ms Image
image/webp 2.17.147.192
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/halo-glow-xxlippie-2026-4-launch-hero-carousel-IMAGE-1_D?%24Desktop%24=&fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.192 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-17-147-192.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

e9b52dc6d0d6e07f52735664713b1111b95da633312cd67eeffcb5ad338aaee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-tag: 8CL_1ZXNo,l4p5bDg2e,mF-g78ke7,K3Uxtr72x,DtzGFM5oJ
x-amp-source-width: 1500
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: image/webp
x-frame-options: DENY
cache-control: max-age=1800, s-maxage=86400
x-req-id: YOkO1cq1g2
x-amp-source-height: 1500
accept-ranges: bytes
access-control-allow-origin: *
content-length: 112190
x-amp-published: Thu, 16 Apr 2026 17:22:54 GMT
x-amp-srv: A
x-xss-protection: 1; mode=block
server: Unknown

GET
H2 200 halo-glow-xxlippie-2026-4-launch-hero-carousel-IMAGE-2_D
cdn.media.amplience.net/i/elfcosmetics/ 216 KB
217 KB 187ms
186ms Image
image/webp 2.17.147.192
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/halo-glow-xxlippie-2026-4-launch-hero-carousel-IMAGE-2_D?%24Desktop%24=&fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.192 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-17-147-192.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

fbeb8148a4fdaab3557195126f98b0ca57d0b83e756ff374a81390defde903f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-tag: NBZ9dTbGh,l4p5bDg2e,mF-g78ke7,FWnV0x1EB,DtzGFM5oJ
x-amp-source-width: 1500
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: image/webp
x-frame-options: DENY
cache-control: max-age=1800, s-maxage=86400
x-req-id: M_ijSFmmOv
x-amp-source-height: 1500
accept-ranges: bytes
access-control-allow-origin: *
content-length: 221486
x-amp-published: Thu, 16 Apr 2026 17:22:54 GMT
x-amp-srv: A
x-xss-protection: 1; mode=block
server: Unknown

GET
H2 200 elf-and-coachella-2024-4-3-hero-carousel-HEADLINE_D
cdn.media.amplience.net/i/elfcosmetics/ 4 KB
4 KB 95ms
95ms Image
image/avif 2.17.147.192
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/elf-and-coachella-2024-4-3-hero-carousel-HEADLINE_D?fmt=auto&qlt=80

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.192 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-17-147-192.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

6da03b92fbdff2ad2cdec496d80ccbeb2b4fe533d06f9057ae017e5f1b272412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-tag: mAJXxBowg,l4p5bDg2e,GLlScrLkI,WepA0szpz
x-amp-source-width: 512
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: image/avif
x-frame-options: DENY
cache-control: max-age=1800, s-maxage=86400
x-req-id: ZhyRPhlBeo
x-amp-source-height: 90
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4154
x-amp-published: Thu, 16 Apr 2026 17:21:59 GMT
x-amp-srv: A
x-xss-protection: 1; mode=block
server: Unknown

GET
H2 200 elf-and-coachella-2024-4-3-hero-carousel-IMAGE-1_D
elfcosmetics.a.bigcontent.io/v1/static/ 110 KB
110 KB 109ms
109ms Image
image/jpeg 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/elf-and-coachella-2024-4-3-hero-carousel-IMAGE-1_D?%24Desktop%24=&fmt=auto
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: e8d355ed9dd030911ffc6763ea67abcf5449dcc2b1a8430fad0daaed86be64dc

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-server-side-encryption: AES256
cache-control: max-age=1800, s-maxage=86400
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 112404
date: Sat, 18 Apr 2026 03:07:38 GMT
x-amp-srv: A
content-type: image/jpeg
server: Unknown
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2

200

callback Show response
www.elfcosmetics.com/
Redirect Chain

https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=...
https://www.elfcosmetics.com/callback?usid=acfa905d-4b5d-408d-8d4a-ddb6b87a6e3d&code=3GPFH0_SHpgJM_STsBX1VoZeUtAUB4peBEiBCK3W9G0

0
570 B

400ms
400ms

Fetch
application/json

151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/callback?usid=acfa905d-4b5d-408d-8d4a-ddb6b87a6e3d&code=3GPFH0_SHpgJM_STsBX1VoZeUtAUB4peBEiBCK3W9G0

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://www.elfcosmetics.com/

Response headers

x-amzn-remapped-content-length: 0
x-amzn-remapped-connection: keep-alive
age: 0
x-amzn-requestid: 0f7e4ef0-aa64-456f-99f0-c7e374a83d96
x-cache: Miss from cloudfront, MISS, MISS, MISS
x-amz-cf-id: 8juMrgLtH6fXdAj-jbLO_fJEjnNW9MTSwsH5G01Rc0zQ_Ma_KU8P2g==
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: application/json
x-served-by: cache-iad-kjyo7100170-IAD, cache-iad-kjyo7100107-IAD, cache-lis1490048-LIS
x-cache-hits: 0, 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-security-policy
x-amz-apigw-id: b_tLUGXPiYcEADg=
x-amzn-remapped-date: Sat, 18 Apr 2026 03:07:39 GMT
x-timer: S1776481659.127070,VS0,VE350
x-amzn-trace-id: Root=1-69e2f57b-4831dc3a2673653b61ccac51;Parent=66bf39c342fd4e94;Sampled=0;Lineage=1:2b75b0e9:0
via: 1.1 f5a521b0c23723affbc04087b799247e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-amz-cf-pop: IAD61-P7
server: CloudFront

Redirect headers

cf-cache-status: DYNAMIC
x-ratelimit-1m-limit: 24000, 2000000
x-cache: Miss from cloudfront, MISS, MISS
x-amz-cf-id: a5D3cQ4RC-byP5si--Ef8twaUvD5rVnDfDb5OxNnrLEXYcbDlKEO3w==
date: Sat, 18 Apr 2026 03:07:39 GMT
x-served-by: cache-lis1490042-LIS, cache-lis1490048-LIS
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
sfdc_correlation_id: 9ee075dfeb77ef0f
cache-control: no-store
location: https://www.elfcosmetics.com/callback?usid=acfa905d-4b5d-408d-8d4a-ddb6b87a6e3d&code=3GPFH0_SHpgJM_STsBX1VoZeUtAUB4peBEiBCK3W9G0
pragma: no-cache
x-timer: S1776481659.804736,VS0,VE212
via: 1.1 5eaf2d59cfe709772e71a72f64052d16.cloudfront.net (CloudFront), 1.1 varnish
cf-ray: 9ee075dfeb77ef0f-LHR
accept-ranges: bytes
x-ratelimit-1m-remaining: 22978, 1904524
content-length: 0
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=gpLV1x6JTJIfUJTOlDhW1cZ8qfMz5if_oGrhq3R2ufQ
x-amz-cf-pop: LIS50-P2
x-ratelimit-1m-reset: 21072, 21072
server: cloudflare

GET
H3 200 worker-ba550d42c69c499898e8b9ca38dc9e4e.br.js Show response
dev.visualwebsiteoptimizer.com/cdn/edrv/ 300 KB
72 KB 144ms
84ms XHR
text/javascript 34.107.218.251
Google LLC

General

Check archive.org

Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/cdn/edrv/worker-ba550d42c69c499898e8b9ca38dc9e4e.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.218.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 251.218.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: dd18fbbb0a2a6192b5678fb2d1286895e906ae05af2cec2eb27c5dc434c73881

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-goog-metageneration: 1
content-encoding: br
x-goog-hash: crc32c=LRm4Pg==, md5=NONP7X/6Rgy5ZEzjmma1JA==
etag: "34e34fed7ffa460cb9644ce39a66b524"
age: 56616
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 73584
date: Fri, 17 Apr 2026 11:24:02 GMT
last-modified: Fri, 17 Apr 2026 08:43:16 GMT
content-type: text/javascript; charset=UTF-8
x-guploader-uploadid: AMNfjG0iy29R5_BuYKi8syMjLG_rk5dzAeDC3NYcSRm6Yu6EPuuAql9Ee0HS-oPlf4Jd4TQ
cdn_cache_status: hit
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1776415396729496
content-length: 73584
content-language: en
server: UploadServer

GET
H3 200 va_gq-89d0cf1a3ab4e8b958d259cd6d2d278d.br.js Show response
dev.visualwebsiteoptimizer.com/cdn/edrv/ 379 KB
96 KB 120ms
60ms XHR
text/javascript 34.107.218.251
Google LLC

General

Check archive.org

Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/cdn/edrv/va_gq-89d0cf1a3ab4e8b958d259cd6d2d278d.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.218.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 251.218.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3f210735d8e692ab2385b3ac5fdc249ab9735564a8e23c0606e33b45b24394b8

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-goog-metageneration: 1
content-encoding: br
x-goog-hash: crc32c=170AsA==, md5=/ygYd/t31bgRfWeCfK+Mfw==
etag: "ff281877fb77d5b8117d67827caf8c7f"
age: 56616
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 98751
date: Fri, 17 Apr 2026 11:24:02 GMT
last-modified: Fri, 17 Apr 2026 08:43:33 GMT
content-type: text/javascript; charset=UTF-8
x-guploader-uploadid: AMNfjG3npt-Qo556fcdfZ0l89ub9l2cxPhHC3ntKxiuguTm8crJ5t29jbhGaIMCx0jn6wzLB
cdn_cache_status: hit
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1776415412944426
content-length: 98751
content-language: en
server: UploadServer

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
147 B 139ms
138ms Image
image/gif 34.107.218.251
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=1128438&d=elfcosmetics.com&u=D9481000D0084E6625F6FA0841C216F94&h=d3eb2bc40cd2dfeebb5fdec185444ca5&t=false

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.218.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),

Reverse DNS

251.218.107.34.bc.googleusercontent.com

Software

gnv01c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=43200
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: image/gif
server: gnv01c

GET
H2 200 6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/ 7 KB
3 KB 168ms
67ms XHR
application/json 104.18.86.42
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

341f99739dbbda1bf97cdecb1cc9287413ff26a0e73a5620994b9c3ede483f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-md5: dSNBlYV76blErZTN74yr7Q==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding, X-OneTrust-IsBot
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DE68264FE8B7D1
age: 13569
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Sun, 19 Apr 2026 03:07:38 GMT
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: application/json
last-modified: Mon, 09 Feb 2026 21:58:09 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-onetrust-isbot: true
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 059cba1f-b01e-00d2-030f-9a2dd2000000
cf-ray: 9ee075e04ff98c92-LIS
accept-ranges: bytes
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 67 B
283 B 166ms
63ms XHR
application/json 104.18.32.137
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.32.137 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d91c4b4bcabca42e67bdb3f2fdfe9f52017b9b67111bff940ce2bcc4b7064abc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
accept: application/json
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 9ee075e15bac4899-LIS
access-control-allow-origin: *
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: application/json
server: cloudflare
access-control-allow-headers: Content-Type

GET 10638754-b2ca-413f-8fa6-b11265a27fc6
https://www.elfcosmetics.com/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 521 KB
171 KB 97ms
97ms Script
application/javascript 142.251.20.97
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&cx=c&gtm=4e64g0h2

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

7a83124c2dabee1671e797faca6039d300708dcacf61cc79e15e1df0386b8eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: zstd
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Sat, 18 Apr 2026 03:07:39 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 174528
date: Sat, 18 Apr 2026 03:07:39 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 381 KB
137 KB 105ms
105ms Script
application/javascript 142.251.20.97
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-000000000&cx=c&gtm=4e64g0h2

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

d4d8e4be239ffb32c0510a453c368d03f0ad654e8918dca80f392cc9031ce124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: zstd
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Sat, 18 Apr 2026 03:07:39 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139958
date: Sat, 18 Apr 2026 03:07:39 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 385 KB
137 KB 118ms
117ms Script
application/javascript 142.251.20.97
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10812184462&cx=c&gtm=4e64g0h2

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

171a9903c5a78b619ab0e2ae2957021877de80cbe6abeab27661ff7f44405603

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: zstd
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Sat, 18 Apr 2026 03:07:39 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139799
date: Sat, 18 Apr 2026 03:07:39 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

POST
H3 200 collect
www.google.com/ccm/ 0
0 201ms
82ms Fetch
text/plain 142.251.155.119
Google LLC

General

Check archive.org

Download Go to

Full URL: https://www.google.com/ccm/collect?rcb=12&frm=0&ae=g&en=page_view&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&scrsrc=www.googletagmanager.com&rnd=671918882.1776481659&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20-%20Cruelty%20Free%20%7C%20e.l.f.%20Cosmetics&auid=1902940327.1776481659&navt=n&npa=1&ep.ads_data_redaction=1&_tu=CA&gtm=45He64g0h2v896608294za200zd896608294xea&gcs=G1--&gcd=13l3l3l2l5l1&dma_cps=a&dma=1&tag_exp=0~115938465~115938468~117266401&apve=1&apvf=f&apvc=1&tft=1776481659139&tfd=4568
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.155.119 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

GET
H2 204 Pixels
px.adentifi.com/ 0
55 B 535ms
168ms Image
text/plain 35.212.43.231
Google LLC

General

Check archive.org

Download Go to Show image

Full URL: https://px.adentifi.com/Pixels?a_id=24506;p_url=https%3A%2F%2Fwww.elfcosmetics.com%2F;uq=8659345781819.727
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.212.43.231 Washington, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 231.43.212.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

via: 1.1 google
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: text/plain

GET
H2 200 conversion
px.gumgum.com/ad/ 0
68 B 300ms
95ms Image
text/plain 52.17.234.193
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://px.gumgum.com/ad/conversion?cmp=19031&num=1&rnd=340051245
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.17.234.193 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-17-234-193.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

timing-allow-origin: *
content-length: 0
date: Sat, 18 Apr 2026 03:07:39 GMT
server: nginx

GET
H3 200 nc-844a9240306e41155c2df95092df36f3.br.js Show response
dev.visualwebsiteoptimizer.com/cdn/edrv/ 91 KB
25 KB 60ms
59ms XHR
text/javascript 34.107.218.251
Google LLC

General

Check archive.org

Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/cdn/edrv/nc-844a9240306e41155c2df95092df36f3.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.218.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 251.218.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 52034ed26ddf1b56580a68e479c22635ffd04274bb5ea17211fb62ed34736591

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-goog-metageneration: 1
content-encoding: br
x-goog-hash: crc32c=xQT9Fg==, md5=JWQJbbRJnk5+eeaVC90ahQ==
etag: "2564096db4499e4e7e79e6950bdd1a85"
age: 56614
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 26010
date: Fri, 17 Apr 2026 11:24:05 GMT
last-modified: Fri, 17 Apr 2026 08:44:02 GMT
content-type: text/javascript; charset=UTF-8
x-guploader-uploadid: AMNfjG0-0LwazKUJKAO7VdS0hwCDZwQRoMxZaxngJBmHhc8qqd3BP1X3B2OoEDhZwEBDoVY
cdn_cache_status: hit
cache-control: public, max-age=31536000
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1776415442029375
content-length: 26010
content-language: en
server: UploadServer

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/ 451 KB
110 KB 59ms
58ms Script
application/javascript 104.18.86.42
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-md5: 7I5y/rp4ODu7ul89ty+epQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E56F667161
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 65552
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 22:20:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 95683132-e01e-0102-5a68-f4d725000000
cf-ray: 9ee075e20b854813-LIS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 112027
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 96ms
95ms Image
text/html 142.251.20.97
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-10812184462&v=3&t=t&pid=764220308&gtm=45be64g0h2v886664473za20gzb896608294zd896608294&cv=2&rv=64g0&tc=9&x=2&tag_exp=0~115616986~115938465~115938469~117266401~117384406&es=1&e=gtag.config&eid=2&u=AAAAAIAJAAAAAAAAAAAAEA&h=Ag&tr=1ogt1pdatav2.1ccdadsfirst.1ccdadsfirst.1ccdenablecm.1ccdenablecm.1ccdadslast.1ccdadslast&ti=2ogt1pdatav2.2ccdadsfirst.2ccdadsfirst.2ccdenablecm.2ccdenablecm.2ccdadslast.2ccdadslast&z=0

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 18 Apr 2026 03:07:39 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 96ms
95ms Image
text/html 142.251.20.97
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 18 Apr 2026 03:07:39 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 97ms
96ms Image
text/html 142.251.20.97
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 18 Apr 2026 03:07:39 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 96ms
96ms Image
text/html 142.251.20.97
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 18 Apr 2026 03:07:39 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/019bdc7b-65f0-77e7-9659-f83c446fb89d/ 377 KB
62 KB 179ms
178ms Fetch
application/json 104.18.86.42
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/019bdc7b-65f0-77e7-9659-f83c446fb89d/en.json

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f1b231d496fe09aa16a3d0265e9d254faae892f9c8f629da807947164dfee7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-md5: MTPurzDlSsT+MknYmmVN6w==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding, X-OneTrust-IsBot
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DE68265518FC69
age: 17738
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Sun, 19 Apr 2026 03:07:39 GMT
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: application/json
last-modified: Mon, 09 Feb 2026 21:58:17 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-onetrust-isbot: true
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 7cfb5120-f01e-009a-570f-9a1f4f000000
cf-ray: 9ee075e38a328c92-LIS
accept-ranges: bytes
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 iab2V2Data.json Show response
cdn.cookielaw.org/vendorlist/ 677 KB
87 KB 61ms
61ms Fetch
application/json 104.18.86.42
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2V2Data.json

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab80f629ff319a2fc644d54427badafd4a125dfc9607e128c9055b600c5c6140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-md5: Q9s61V+Zeo6AXsA1oS6iDg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DE9C1CA76102DC
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 41056
x-content-type-options: nosniff
expires: Sun, 19 Apr 2026 03:07:39 GMT
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: application/json
last-modified: Fri, 17 Apr 2026 01:00:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 0073326f-b01e-00fb-6b34-ce5b90000000
cf-ray: 9ee075e38a338c92-LIS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 88624
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/ 60 KB
17 KB 59ms
58ms Script
application/javascript 104.18.86.42
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/otTCF.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e40e7b46b99c06e47841ff53e4417b6c887631d383aac28114e4ab83ccddc6f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-md5: w7rriz6IwW2xtS9bVJshOg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E56E73A9D1
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 84150
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 22:19:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 3c041e35-e01e-008e-4a2a-ecdc2b000000
cf-ray: 9ee075e38d444813-LIS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17104
x-ms-blob-type: BlockBlob
server: cloudflare

POST
H2 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 728 B
784 B 249ms
245ms XHR
application/json 34.120.250.63
Google LLC

General

Check archive.org

Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.250.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 63.250.120.34.bc.googleusercontent.com
Software: /
Resource Hash: ac6474b47336415791755bbe44c6bee742ad071e14334645c706b0c3582ef0c0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-type: application/x-www-form-urlencoded
sec-ch-ua-mobile: ?0

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://www.elfcosmetics.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 728
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: application/json; charset=utf-8

POST
H2 200 token Show response
www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/ 2 KB
2 KB 454ms
453ms Fetch
application/json 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0d738e87fe46dfb6a9bc34d0819b525e48212ca3774688f724d987b5421a8b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Authorization
Referer: https://www.elfcosmetics.com/
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
c_x-pwa-request: true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-ratelimit-1m-limit: 24000, 2000000
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
x-cache: Miss from cloudfront, MISS, MISS
x-amz-cf-id: 4yJXexGDhxBqrIwX1_q47khf0vzI0hPEv_EXwGUPZW64yR_1Ud-WQA==
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: application/json
x-served-by: cache-lis1490032-LIS, cache-lis1490048-LIS
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
sfdc_correlation_id: 9ee075e47a65bd9f
cache-control: no-store
pragma: no-cache
x-timer: S1776481660.529738,VS0,VE403
access-control-allow-credentials: true
via: 1.1 65b5a4add6e9de092ec77a19ccbe563e.cloudfront.net (CloudFront), 1.1 varnish
cf-ray: 9ee075e47a65bd9f-LHR
accept-ranges: bytes
access-control-allow-origin: https://www.elfcosmetics.com
x-ratelimit-1m-remaining: 22966, 1902601
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
x-amz-cf-pop: LIS50-P2
server: cloudflare
x-ratelimit-1m-reset: 20255, 20254

GET
H2 200 collect Show response
sgtm.elfcosmetics.com/g/ 65 B
127 B 337ms
210ms Fetch
text/plain 34.49.124.132
Google LLC

General

Check archive.org

Download Go to

Full URL

https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je64g0h2v879088318z8896608294za20gzb896608294zd896608294&gcs=G10-&gcd=13m3lPm2m5l1&npa=1&dma_cps=-&dma=1&tcfd=10s5b&ecid=765890350&_eu=EAAAAGA&_fplc=0&are=1&cid=1436343785.1776481660&frm=0&ir=1&pscdl=denied&rcb=4&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0&uam=&uamb=0&uap=Linux&uapv=&uaw=0&ul=pt-pt&ur=PT-11&sst.rnd=671918882.1776481659&sst.etld=google.pt&sst.gcsub=region1&sst.adr=1&sst.gdpr=1&sst.gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmDAhyBgAusJkAIAUAAwQAgABBgACAAASABCIAIACAQAgQCBQABgAQBAQAMDAAGACxEAgABAdAxTAggECwASIyqDTAhAASCAlsqEEoGBBXCFIscAggREwUAAAIABQAAID4WAhJKCViQQBcQXQAIAAAAUQIsCKQswBBUGaLQVgScBkaYBk-YJklOgiAJghIyDIhNUEg8UxRCghyA2KWYA6eIKAGXayQh_qBYAAA.YAAACHwAAAAA&sst.lpc=85103949&sst.navt=n&sst.ude=1&sst.sw_exp=1&gaf=2&_s=1&tag_exp=0~115938465~115938468~117266400~117384406&sid=1776481659&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20-%20Cruelty%20Free%20%7C%20e.l.f.%20Cosmetics&_tu=DA&en=page_view&_fv=1&_nsi=1&_ss=2&ep.gtm_container=GTM-WL3STMX&tfd=5133&richsstsse

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),

Reverse DNS

132.124.49.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache
x-accel-buffering: no
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: https://www.elfcosmetics.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: text/plain
server: Google Frontend

GET
H2 200 collect Show response
sgtm.elfcosmetics.com/g/ 65 B
230 B 322ms
202ms Fetch
text/plain 34.49.124.132
Google LLC

General

Check archive.org

Download Go to

Full URL

https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-000000000&gtm=45je64g0h2z8896608294za20gzb896608294zd896608294&gcs=G10-&gcd=13m3l3m2m5l1&npa=1&dma_cps=-&dma=1&tcfd=10s5b&ecid=2041757916&_fplc=0&are=1&cid=1436343785.1776481660&frm=0&pscdl=denied&rcb=11&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0&uam=&uamb=0&uap=Linux&uapv=&uaw=0&ul=pt-pt&ur=PT-11&sst.rnd=671918882.1776481659&sst.etld=google.pt&sst.gcsub=region1&sst.adr=1&sst.gdpr=1&sst.gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmDAhyBgAusJkAIAUAAwQAgABBgACAAASABCIAIACAQAgQCBQABgAQBAQAMDAAGACxEAgABAdAxTAggECwASIyqDTAhAASCAlsqEEoGBBXCFIscAggREwUAAAIABQAAID4WAhJKCViQQBcQXQAIAAAAUQIsCKQswBBUGaLQVgScBkaYBk-YJklOgiAJghIyDIhNUEg8UxRCghyA2KWYA6eIKAGXayQh_qBYAAA.YAAACHwAAAAA&sst.lpc=85103949&sst.navt=n&sst.ude=0&sst.sw_exp=1&_s=1&tag_exp=0~115938465~115938469~117266400~117384406&sid=1776481659&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20-%20Cruelty%20Free%20%7C%20e.l.f.%20Cosmetics&_tu=DA&en=page_view&_fv=1&_ss=1&tfd=5139&richsstsse

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),

Reverse DNS

132.124.49.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache
x-accel-buffering: no
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: https://www.elfcosmetics.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: text/plain
server: Google Frontend

POST
H3 200 collect
pagead2.googlesyndication.com/ccm/ 0
0 188ms
94ms Fetch
text/plain 142.251.14.157
Google LLC

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/ccm/collect?rcb=3&frm=0&en=page_view&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&scrsrc=www.googletagmanager.com&rnd=671918882.1776481659&navt=n&npa=1&gdpr=1&gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmDAhyBgAusJkAIAUAAwQAgABBgACAAASABCIAIACAQAgQCBQABgAQBAQAMDAAGACxEAgABAdAxTAggECwASIyqDTAhAASCAlsqEEoGBBXCFIscAggREwUAAAIABQAAID4WAhJKCViQQBcQXQAIAAAAUQIsCKQswBBUGaLQVgScBkaYBk-YJklOgiAJghIyDIhNUEg8UxRCghyA2KWYA6eIKAGXayQh_qBYAAA.YAAACHwAAAAA&_tu=CA&gtm=45be64g0h2v886664473z8896608294za20gzb896608294zd896608294xec&gcs=G10-&gcd=13m3l3m2m5l1&dma_cps=-&dma=1&tcfd=10s5b&tag_exp=0~115616986~115938465~115938469~117266401~117384406&apve=1&apvf=f&apvc=0&tids=AW-10812184462~AW-17674417109&tid=AW-10812184462&tft=1776481659716&tfd=5145
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.14.157 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: pm-in-f157.1e100.net
Software: /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 13 KB
3 KB 60ms
59ms Fetch
application/json 104.18.86.42
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otFlat.json

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-md5: sHJXWIgDpMKY35PyRRy4zQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E56B3084E2
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 53795
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: application/json
last-modified: Tue, 16 Jul 2024 22:19:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: bc98555f-c01e-00d6-3c46-f1d850000000
cf-ray: 9ee075e5bb768c92-LIS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3003
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/ 62 KB
13 KB 63ms
63ms Fetch
application/json 104.18.86.42
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/otPcCenter.json

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-md5: LtDYZmcfPNW39lMw/Yu0RQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E56C7CC8BB
x-ms-lease-status: unlocked
age: 81796
cf-cache-status: HIT
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: application/json
last-modified: Tue, 16 Jul 2024 22:19:56 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 1d4c1c9d-101e-0018-04e5-efbe1f000000
cf-ray: 9ee075e5bb778c92-LIS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12723
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 24 KB
4 KB 61ms
60ms Fetch
text/css 104.18.86.42
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otCommonStyles.css

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-md5: HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
cf-cache-status: HIT
x-ms-lease-status: unlocked
age: 50942
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: text/css
last-modified: Tue, 16 Jul 2024 22:20:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: a53615b8-001e-00c0-5295-f019ce000000
cf-ray: 9ee075e5bb798c92-LIS
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 sw_iframe.html Show response
sgtm.elfcosmetics.com/_/service_worker/63b0/ Frame BC92 3 KB
2 KB 90ms
60ms Document
text/html 34.49.124.132
Google LLC

General

Check archive.org

Download Go to

Full URL: https://sgtm.elfcosmetics.com/_/service_worker/63b0/sw_iframe.html?origin=https%3A%2F%2Fwww.elfcosmetics.com&1p=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&cx=c&gtm=4e64g0h2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 132.124.49.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 51bdb0632b8a25a9f75b91ae374875b50831e57fefaed95d7c889b2715a6ae77

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

age: 34231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600
content-encoding: gzip
content-length: 1738
content-type: text/html
date: Fri, 17 Apr 2026 17:37:08 GMT
last-modified: Wed, 11 Mar 2026 09:08:00 GMT
server: Google Frontend
vary: accept-encoding
via: 1.1 google
x-cloud-trace-context: 3f2d4cc52d8c662d04e8f0bdf88b3f22

POST
H3 200 u
dev.visualwebsiteoptimizer.com/events/t/ 0
37 B 147ms
146ms Ping
application/javascript 34.107.218.251
Google LLC

General

Check archive.org

Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/events/t/u?en=gtm.OneTrustLoaded&a=1128438&v=cf2c1cfa&_cu=https%3A%2F%2Fwww.elfcosmetics.com%2F

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.218.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),

Reverse DNS

251.218.107.34.bc.googleusercontent.com

Software

gnv01c /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: application/javascript; charset=UTF-8
server: gnv01c
access-control-allow-headers: X-Device-User-Agent, Vwo-X-Forwarded-For

POST
H3 200 u
dev.visualwebsiteoptimizer.com/events/t/ 0
37 B 146ms
145ms Ping
application/javascript 34.107.218.251
Google LLC

General

Check archive.org

Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/events/t/u?en=gtm.OptanonLoaded&a=1128438&v=cf2c1cfa&_cu=https%3A%2F%2Fwww.elfcosmetics.com%2F

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.218.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),

Reverse DNS

251.218.107.34.bc.googleusercontent.com

Software

gnv01c /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: application/javascript; charset=UTF-8
server: gnv01c
access-control-allow-headers: X-Device-User-Agent, Vwo-X-Forwarded-For

POST
H3 200 u
dev.visualwebsiteoptimizer.com/events/t/ 0
37 B 140ms
140ms Ping
application/javascript 34.107.218.251
Google LLC

General

Check archive.org

Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/events/t/u?en=gtm.OneTrustGroupsUpdated&a=1128438&v=cf2c1cfa&_cu=https%3A%2F%2Fwww.elfcosmetics.com%2F

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.218.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),

Reverse DNS

251.218.107.34.bc.googleusercontent.com

Software

gnv01c /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: application/javascript; charset=UTF-8
server: gnv01c
access-control-allow-headers: X-Device-User-Agent, Vwo-X-Forwarded-For

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
679 B 61ms
60ms Fetch
image/svg+xml 104.18.86.42
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-md5: tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
cf-cache-status: HIT
x-ms-lease-status: unlocked
age: 78277
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Apr 2026 02:34:35 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 1e6cdf66-801e-009e-1d9a-c5eacd000000
cf-ray: 9ee075e64bce8c92-LIS
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 19 KB
19 KB 61ms
60ms Image
image/png 104.18.86.42
Cloudflare

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

97722715f92bfef1cccdf80f1dcee232f79e48a4b5612305ca2b864c352f0274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-md5: QHB228W/DDZrpAols8WCfg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DE93850B55D40D
age: 69414
cf-cache-status: HIT
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: image/png
last-modified: Mon, 06 Apr 2026 02:34:36 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 77f2e33b-701e-00a9-187e-c54662000000
cf-ray: 9ee075e669854813-LIS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19373
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
3 KB 59ms
59ms Image
image/svg+xml 104.18.86.42
Cloudflare

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cddd450a33be5e50d6f27aea78d2e278beae2762678b22fc2dcee8de29cbc0be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-md5: yMeilKp6reuDTG1eNiffRg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
cf-cache-status: HIT
x-ms-lease-status: unlocked
age: 55455
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Apr 2026 02:34:36 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: a2d46c1a-301e-0100-442a-c6d5df000000
cf-ray: 9ee075e669884813-LIS
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 204 behavior
ac.cnstrc.com/ 0
0 287ms
94ms Fetch 35.156.253.221
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://ac.cnstrc.com/behavior?action=session_start&c=ciojs-2.1397.8&i=6a4f5be5-f2cb-496d-8d05-6418b89c3ac7&s=1&key=key_1lHLccnSdXr0R0Xu&canonical_url=https%3A%2F%2Fwww.elfcosmetics.com%2F&origin_referrer=www.elfcosmetics.com%2F&_dt=1776481659885
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.156.253.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-253-221.eu-central-1.compute.amazonaws.com
Software: uvicorn /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-haproxy-rl-blocked: 0
x-haproxy-rl-status: success
x-haproxy-rl-token-exists: 0
x-haproxy-rl-backend-integration: 0
date: Sat, 18 Apr 2026 03:07:40 GMT
x-haproxy-rl-token-valid: 0
x-haproxy-rl-key: 45.94.208.56-b
cache-control: no-cache
x-ratelimit-reset: 1776481660
x-haproxy-req-priority: 100
x-ratelimit-remaining: 200
x-haproxy-rl-backend-company: unknown
access-control-allow-origin: *
x-ratelimit-limit: 201
x-haproxy-rl-cache-handling: miss
server: uvicorn

POST
H2 200 event
qoe-1.yottaa.net/log-nt/ 3 B
190 B 169ms
169ms Ping
text/json 99.83.184.193
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://qoe-1.yottaa.net/log-nt/event
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.184.193 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: a0540a066b92ce4ca.awsglobalaccelerator.com
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-origin: *
access-control-expose-headers: X-Results-Data-Source
timing-allow-origin: *
cache-control: no-cache
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: text/json
access-control-allow-credentials: true

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 369 KB
131 KB 107ms
107ms Script
application/javascript 142.251.20.97
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-10742279&cx=c&gtm=4e64g0h2

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

727b29ca477a461b1632947418cd7d42ca75765a3afea06f2f7dcf9721d24283

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: zstd
report-to: {"group":"ascgsrsghrgc:71:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgsrsghrgc:71:0"}],}
expires: Sat, 18 Apr 2026 03:07:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgsrsghrgc:71:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgsrsghrgc:71:0
content-length: 134544
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 369 KB
131 KB 136ms
136ms Script
application/javascript 142.251.20.97
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-9231397&cx=c&gtm=4e64g0h2

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

703cda5a8f4868c8c38faccbfb4c575c86864b1af06e032fa503244f27a2d586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: zstd
report-to: {"group":"ascgsrsghrgc:71:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgsrsghrgc:71:0"}],}
expires: Sat, 18 Apr 2026 03:07:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgsrsghrgc:71:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgsrsghrgc:71:0
content-length: 134481
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 favicon.ico
www.elfcosmetics.com/ 34 KB
3 KB 53ms
52ms Other
image/x-icon 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

CloudFront /

Resource Hash

1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amzn-remapped-content-length: 34494
content-encoding: gzip
etag: W/"86be-19d87adce80"
x-amzn-remapped-connection: keep-alive
age: 318648
x-amzn-requestid: 4c761872-7b34-4421-8e5a-adeddc56f9e7
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: 1SS1ssVcAlQnDNK9-fu6D1RwTkp-nJPwghlpBjBFd53GpriWaao-xg==
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: image/x-icon
last-modified: Mon, 13 Apr 2026 16:30:08 GMT
x-served-by: cache-iad-kcgs7200068-IAD, cache-iad-kcgs7200088-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 7685, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: max-age=600, s-maxage=600
x-amz-apigw-id: bzjOrHU4iYcETMA=
x-amzn-remapped-date: Tue, 14 Apr 2026 10:36:52 GMT
x-timer: S1776481660.993985,VS0,VE1
x-amzn-trace-id: Root=1-69de18c3-6ba9aae97deeb8e574d45c17;Parent=5f52c6f574aabb62;Sampled=0;Lineage=1:2b75b0e9:0
via: 1.1 60fed2a1edb7f0bf722e7271cef9573e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 2830
x-amz-cf-pop: IAD55-P10
server: CloudFront

POST
H2 204 sessions
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 0
0 283ms
282ms Fetch 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/sessions

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJjNWRiNGJiMC03YTNhLTQwMWUtODMzMi05YmQwNjc3MjBiMzQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmFjZmE5MDVkLTRiNWQtNDA4ZC04ZDRhLWRkYjZiODdhNmUzZCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3NzY0ODE2MjksInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFid3VsS3dySVVsdW9SbGVnWnhhWVlrYkZJOjpjaGlkOmVsZi11cyIsImV4cCI6MTc3NjQ4MzQ1OSwiaWF0IjoxNzc2NDgxNjU5LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMzNzY1ODM2NDUyNjg1MzAyIn0.aTw3x-wjAxZm6zDX_NhI7BnnCJNc_lWnrN3wD_vMX16IeF3HoBTslprFFY8hzAn5KURUSIx18PTiEFzgdu2-Fw
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-expose-headers: etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-dw-request-base-id: SW4c0Xz14mkBAAB_
cf-cache-status: DYNAMIC
x-dw-version-status: obsolete
expires: Thu, 01 Dec 1994 16:00:00 GMT
x-cache: Miss from cloudfront, MISS, MISS
x-amz-cf-id: x2O4lUfPIVzXDmFz7Uv5BOPTMHlRSvmBmcUglo81Vfu3WsavNFhjLA==
date: Sat, 18 Apr 2026 03:07:40 GMT
x-served-by: cache-lis1490024-LIS, cache-lis1490050-LIS
x-cache-hits: 0, 0
strict-transport-security: max-age=31557600
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-timer: S1776481660.994578,VS0,VE233
access-control-allow-credentials: true
via: 1.1 7440b5ea829c3cf28f8128e219cde53a.cloudfront.net (CloudFront), 1.1 varnish
cf-ray: 9ee075e768c16418-LHR
allow: OPTIONS,POST
accept-ranges: bytes
access-control-allow-origin: https://www.elfcosmetics.com
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/sessions
x-amz-cf-pop: LIS50-P2
server: cloudflare

POST
H2 200 shoppercontext Show response
www.elfcosmetics.com/api/v1/ 154 B
769 B 681ms
680ms Fetch
application/json 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/api/v1/shoppercontext?siteId=elf-us

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

CloudFront /

Resource Hash

67e784a3cb92b7d1a9a3190efafb64718e1aced1d1cd5e7a37023b6258f4af4e

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJjNWRiNGJiMC03YTNhLTQwMWUtODMzMi05YmQwNjc3MjBiMzQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmFjZmE5MDVkLTRiNWQtNDA4ZC04ZDRhLWRkYjZiODdhNmUzZCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3NzY0ODE2MjksInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFid3VsS3dySVVsdW9SbGVnWnhhWVlrYkZJOjpjaGlkOmVsZi11cyIsImV4cCI6MTc3NjQ4MzQ1OSwiaWF0IjoxNzc2NDgxNjU5LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMzNzY1ODM2NDUyNjg1MzAyIn0.aTw3x-wjAxZm6zDX_NhI7BnnCJNc_lWnrN3wD_vMX16IeF3HoBTslprFFY8hzAn5KURUSIx18PTiEFzgdu2-Fw
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?0

Response headers

x-amzn-remapped-content-length: 154
x-amzn-remapped-connection: keep-alive
etag: W/"9a-mOh4rafxy7tMVRCGYqs6BKf/rNY"
x-amzn-requestid: 047de70d-383b-42ba-98bf-6c2b2f62d3e0
x-cache: Miss from cloudfront, MISS, MISS
x-amz-cf-id: 2tytM4l5MeGuiCShr8rj9-w2zeGc8dOvpdN3ri3rx4NJZbvwA0ZMXw==
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-lis1490049-LIS, cache-lis1490050-LIS
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-security-policy
x-amz-apigw-id: b_tLdGZyiYcEZew=
x-amzn-remapped-date: Sat, 18 Apr 2026 03:07:40 GMT
x-timer: S1776481660.997357,VS0,VE630
x-amzn-trace-id: Root=1-69e2f57c-6228c1ca31e79cee0a8d40f7;Parent=4c739b11c2762014;Sampled=0;Lineage=1:2b75b0e9:0
via: 1.1 b269f6fa0af7d101f9bd2386d65f03e4.cloudfront.net (CloudFront), 1.1 varnish
accept-ranges: bytes
content-length: 154
x-amz-cf-pop: LIS50-P2
server: CloudFront

GET
H2 200 geo-ip Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 194 B
633 B 350ms
349ms Fetch
application/json 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=45.94.208.56&locale=en-US

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

22933c2bd379e2a1c4beee3e235494658937b97d18b59f01133361510e20a3c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
x-dw-client-id: f9f7052a-f742-4c38-bdf5-1da004e7fb3b
Referer: https://www.elfcosmetics.com/
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
c_x-pwa-request: true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-dw-version-status: obsolete
x-dw-request-base-id: SW4e0Xz14mkBAAB_
x-content-type-options: nosniff
x-cache: Miss from cloudfront, MISS, MISS
x-amz-cf-id: K3B4yHGvk0rliSi6mdKVK1zhsldAybstlZZjOSEW8xDdCCMFE_7JMQ==
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: application/json;charset=UTF-8
x-served-by: cache-lis1490044-LIS, cache-lis1490050-LIS
x-cache-hits: 0, 0
vary: Accept-Encoding
sfdc_customization: HOOK
strict-transport-security: max-age=31557600
cache-control: max-age=0,no-cache,no-store,must-revalidate
x-timer: S1776481660.997131,VS0,VE299
via: 1.1 841b3d5fdc263e59f262c5d2dcd97abe.cloudfront.net (CloudFront), 1.1 varnish
cf-ray: 9ee075e77cfff7f1-LHR
allow: GET,HEAD,OPTIONS
accept-ranges: bytes
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=45.94.208.56&locale=en-US
x-amz-cf-pop: LIS50-P2
server: cloudflare

GET
H2 200 geo-ip Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 194 B
420 B 679ms
328ms Fetch
application/json 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=45.94.208.56&locale=en-US

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

22933c2bd379e2a1c4beee3e235494658937b97d18b59f01133361510e20a3c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
x-dw-client-id: f9f7052a-f742-4c38-bdf5-1da004e7fb3b
Referer: https://www.elfcosmetics.com/
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
c_x-pwa-request: true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-dw-version-status: obsolete
x-dw-request-base-id: SW420Xz14mkBAAB_
x-content-type-options: nosniff
x-cache: Miss from cloudfront, MISS, MISS
x-amz-cf-id: wpYLEb1tkzMlG1ptWS_or6TRpr5r8w2xEQYXtqdrqNjgBK4J5Qvj2Q==
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: application/json;charset=UTF-8
x-served-by: cache-lis1490055-LIS, cache-lis1490050-LIS
x-cache-hits: 0, 0
vary: Accept-Encoding
sfdc_customization: HOOK
strict-transport-security: max-age=31557600
cache-control: max-age=0,no-cache,no-store,must-revalidate
x-timer: S1776481660.347761,VS0,VE278
via: 1.1 3c0a3ce74d108f55f1f115025694b22c.cloudfront.net (CloudFront), 1.1 varnish
cf-ray: 9ee075e9aee53efb-LHR
allow: GET,HEAD,OPTIONS
accept-ranges: bytes
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=45.94.208.56&locale=en-US
x-amz-cf-pop: LIS50-P2
server: cloudflare

GET
H2 200 geo-ip Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 194 B
668 B 1033ms
352ms Fetch
application/json 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=45.94.208.56&locale=en-US

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

22933c2bd379e2a1c4beee3e235494658937b97d18b59f01133361510e20a3c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
x-dw-client-id: f9f7052a-f742-4c38-bdf5-1da004e7fb3b
Referer: https://www.elfcosmetics.com/
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
c_x-pwa-request: true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-dw-version-status: obsolete
x-dw-request-base-id: SW5I0Xz14mkBAAB_
x-content-type-options: nosniff
x-cache: Miss from cloudfront, MISS, MISS
x-amz-cf-id: OGmUpn5ZzfdGz1y7oK_iwiQm0F69CpvE0cc8x5lEjiEvaSWkvc7I0A==
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: application/json;charset=UTF-8
x-served-by: cache-lis1490054-LIS, cache-lis1490050-LIS
x-cache-hits: 0, 0
vary: Accept-Encoding
sfdc_customization: HOOK
strict-transport-security: max-age=31557600
cache-control: max-age=0,no-cache,no-store,must-revalidate
x-timer: S1776481661.677431,VS0,VE302
via: 1.1 e58800c671725ddb8707b63bab98c29a.cloudfront.net (CloudFront), 1.1 varnish
cf-ray: 9ee075ebcf12edee-LHR
allow: GET,HEAD,OPTIONS
accept-ranges: bytes
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=45.94.208.56&locale=en-US
x-amz-cf-pop: LIS50-P2
server: cloudflare

POST
H2 200 event
qoe-1.yottaa.net/log-nt/ 3 B
190 B 203ms
195ms Ping
text/json 99.83.184.193
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://qoe-1.yottaa.net/log-nt/event
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.184.193 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: a0540a066b92ce4ca.awsglobalaccelerator.com
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-origin: *
access-control-expose-headers: X-Results-Data-Source
timing-allow-origin: *
cache-control: no-cache
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: text/json
access-control-allow-credentials: true

GET
H2 200 trackingCode.js Show response
cdn.fonts.net/t/ 650 B
1 KB 167ms
56ms Script
application/javascript 104.16.40.28
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://cdn.fonts.net/t/trackingCode.js
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.40.28 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f288bc724af1cb5ca584353d0fc58ed08250156c2d6f6fe25885d1f02edb818

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: Sdr.VJ3SPOrkqJRK1Q_g20DcwZb2uv8l
age: 4149635
etag: W/"1e252b20dbd707dc92518161c615342f"
expires: Wed, 21 Oct 2026 03:07:40 GMT
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: application/javascript
last-modified: Wed, 05 Feb 2025 07:44:16 GMT
x-amz-id-2: WjS+3is0CCJ/joH8rgiDrHkm6mQFtGzY/XeU2owztBHD1qgMZN47IhPlLEvZQu0wQp7pU/NeQwCAoZI93MpfZg==
x-amz-replication-status: COMPLETED
cache-control: public, max-age=16070400
x-amz-request-id: RXFMN3EXMWSA6AY4
cf-ray: 9ee075e84d13c6ea-LIS
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.paypal.com/sdk/ 471 KB
115 KB 660ms
551ms Script
application/javascript 104.18.7.168
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.168 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f016bafb905d27cb7f4f47f12863b77a610e5b66281ca51d5130db20e8c7b9fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-ieTaCAKGkbk3J/DX+AKfmr7h1ThO9ux6RT0zTh3yRBUHtU27' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ieTaCAKGkbk3J/DX+AKfmr7h1ThO9ux6RT0zTh3yRBUHtU27' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: c9eaa610f1ef5
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"1ea52-NP4y3AR74ofyiVg4LEC4PWj0xHQ"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
disable-set-cookie: true
server-timing: content-encoding;desc="",x-cdn;desc="cloudflare"
dc: ccg11-origin-www-1.paypal.com
p3p: true
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-ieTaCAKGkbk3J/DX+AKfmr7h1ThO9ux6RT0zTh3yRBUHtU27' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ieTaCAKGkbk3J/DX+AKfmr7h1ThO9ux6RT0zTh3yRBUHtU27' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: public, max-age=3600, s-maxage=10800
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
cf-ray: 9ee075e84990d852-LIS
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 elf_beauty_5lQA8q.js Show response
cnstrc.com/js/cust/ 367 KB
0 1ms
1ms Script
text/javascript 3.174.46.60
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://cnstrc.com/js/cust/elf_beauty_5lQA8q.js
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.174.46.60 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-3-174-46-60.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab950f45c68248e7e7723462339df66f418394eceeeca4c3a2ed74bacc96b213

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

vary: Accept-Encoding
cache-control: public, max-age=1800
content-encoding: gzip
etag: W/"02683592561a8152dc0ce5661f77fea8"
age: 578
via: 1.1 3ae34da451a19efe92d6bea00849f488.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: SmeJJ2vZN-IQx4zsMdNJL-iHhqjbtAfHyfFmoWu7uI9GMvcrFdShfQ==
date: Sat, 18 Apr 2026 02:58:07 GMT
content-type: text/javascript
last-modified: Thu, 16 Apr 2026 22:29:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P12
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK main.js Show response
static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/ 157 KB
55 KB 397ms
119ms Script
application/javascript 104.86.53.30
Akamai Technologies

General

Check archive.org

Download Go to

Full URL

https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.86.53.30 Berlin, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-86-53-30.deploy.static.akamaitechnologies.com

Software

nginx / Express

Resource Hash

6d89fd54f0f32a7a2b2cda35a5c314cba4f623fa90a850be6ea22f4af3ee1016

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=15768000
Cache-Control: must-revalidate, max-age=900
Content-Encoding: gzip
Connection: keep-alive
Expires: Sat, 18 Apr 2026 03:22:40 GMT
Access-Control-Allow-Origin: *
Content-Length: 56161
Date: Sat, 18 Apr 2026 03:07:40 GMT
Content-Type: application/javascript;charset=UTF-8
X-Powered-By: Express
Server: nginx
Vary: Accept-Encoding

GET
H2 200 110221.ct.js Show response
tag.rmp.rakuten.com/ 39 KB
13 KB 219ms
94ms Script
text/javascript 34.102.147.248
Google LLC

General

Check archive.org

Download Go to

Full URL

https://tag.rmp.rakuten.com/110221.ct.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),

Reverse DNS

248.147.102.34.bc.googleusercontent.com

Software

Resource Hash

e18ccc63e3ecce9951d412e0dfc23ff37942ff3b72d59d67919a027d31435888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=86400
content-encoding: gzip
x-samesite: secure
via: 1.1 google
x-dyn: 0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache: hit
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: text/javascript
last-modified: Sat, 18 Apr 2026 03:07:40 GMT

GET
H2 200 cs-start Show response
a42cdn.usablenet.com/a42/elfcosmetics/default/prod/ 19 KB
5 KB 167ms
55ms Script
text/javascript 104.18.0.100
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://a42cdn.usablenet.com/a42/elfcosmetics/default/prod/cs-start

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.0.100 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd9b98d8f3cf2ed9bbdb8cae596fa970b17f19ecc7e01355392ebd6344cb5ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600, public
content-encoding: gzip
cf-cache-status: HIT
age: 3515
cf-ray: 9ee075e8d8d911e6-LIS
access-control-allow-origin: *
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: text/javascript;charset=utf-8
last-modified: Sat, 18 Apr 2026 02:09:04 GMT
server: cloudflare

GET
H2 200 1a8bfa042c9c5.js Show response
t.contentsquare.net/uxa/ 541 KB
144 KB 297ms
110ms Script
application/javascript 18.244.18.115
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.115 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-244-18-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 928774a4d596d00cc18e8363b2b14bffd90b8d1bb8b60e39cc8cc8d5f4ba2c59

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
x-amz-version-id: uxBjjTUZw5DxQWJ.0DE6vIDJl48CwZZx
etag: W/"6f0d4fa8649e0af9bde58b880dd8190e"
age: 0
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: X1E8UDb1qvnE0CkMbf4QKe5EnHJGVa5-1Le7CUf11lucwlkEkrHdLg==
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding, Origin
last-modified: Fri, 17 Apr 2026 07:46:03 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=900
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
via: 1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/dcdn/ 33 KB
12 KB 86ms
86ms Script
application/javascript 34.107.218.251
Google LLC

General

Check archive.org

Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/dcdn/settings.js?a=1128438&settings_type=4&ts=1776477348&dt=desktop&cc=PT

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.218.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),

Reverse DNS

251.218.107.34.bc.googleusercontent.com

Software

gbel1 /

Resource Hash

d4241b3f67b6c96daf3b905f5a838624f81d194a05cccb134eb3792f118e8ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cdn_cache_status: miss
cache-control: public, max-age=1800, stale-while-revalidate=900
content-encoding: br
etag: W/"1776477348_EA"
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 18 Apr 2026 03:07:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: gbel1

GET
H2 200 1.css
cdn.fonts.net/t/ 0
523 B 64ms
63ms Stylesheet
text/css 104.16.40.28
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://cdn.fonts.net/t/1.css?apiType=css&projectid=1c68e318-a896-4137-9bd5-7b3cbc877af1
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.40.28 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cf-cache-status: HIT
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 3984941
x-amz-version-id: XROAb1ml8I2feP5GtaHs21MSuWELxxAN
expires: Sat, 18 Apr 2026 03:07:41 GMT
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: text/css
last-modified: Thu, 22 May 2025 12:39:06 GMT
vary: Accept-Encoding
x-amz-id-2: sHJTuDhLJApDB9BSD73/YyZRD71/7ccLcHvfygk2nfYlqd5Pws35ais4ZAAupyNviIE1qdg6eVB6k5JMwXWQIu1MxOHNC0fR5y+8ff6N4wM=
x-amz-replication-status: COMPLETED
cache-control: public, max-age=1
x-amz-request-id: MJ7JT2Z70J23787V
cf-ray: 9ee075e8ad82c6ea-LIS
accept-ranges: bytes
content-length: 0
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/15888/static/img/flag-icons/ 9 KB
0 1ms
0ms Image
image/svg+xml 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/15888/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-meta-deploy: 1536976
content-encoding: gzip
etag: W/"2b3ee98009fe98bcf2eee0f90a48466a"
age: 200009
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: fRxhPPYIksyeZrfwOaAwTUJNd83-FAU949Mgxm9QpObCU77P_sz2uQ==
date: Sat, 18 Apr 2026 03:07:37 GMT
content-type: image/svg+xml
last-modified: Wed, 15 Apr 2026 19:33:52 GMT
x-served-by: cache-iad-kcgs7200077-IAD, cache-iad-kcgs7200077-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 80, 0
vary: Accept-Encoding
cache-control: public, max-age=31536000, s-maxage=31536000
x-timer: S1776481657.186719,VS0,VE98
via: 1.1 359a68a211613a0b498b726183099110.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-meta-bundle: 15888
accept-ranges: bytes
content-length: 681
x-amz-cf-pop: IAD61-P7
server: AmazonS3

GET
H2 200 channel-loader Show response
a42cdn.usablenet.com/a42/elfcosmetics/default/prod/ 2 KB
994 B 94ms
94ms Script
text/javascript 104.18.0.100
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://a42cdn.usablenet.com/a42/elfcosmetics/default/prod/channel-loader?d=www.elfcosmetics.com

Requested by

Host: a42cdn.usablenet.com
URL: https://a42cdn.usablenet.com/a42/elfcosmetics/default/prod/cs-start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.0.100 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a90114d42ac15c05756983ee82e27fe2925c84549179656382bf92c61a93e8eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=300, public
content-encoding: gzip
cf-cache-status: HIT
cf-ray: 9ee075e9b9c711e6-LIS
access-control-allow-origin: *
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: text/javascript;charset=utf-8
last-modified: Sat, 18 Apr 2026 03:07:21 GMT
server: cloudflare

GET
H2

200

src=10742279;dc_pre=COO91_K19pMDFW8PogMdyeoDuQ;type=elf8j0;cat=glo_flap;rcb=1;ord=4126841700155;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmD...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flap;rcb=1;ord=4126841700155;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACg...
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=COO91_K19pMDFW8PogMdyeoDuQ;type=elf8j0;cat=glo_flap;rcb=1;ord=4126841700155;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgAC...

42 B
118 B

123ms
122ms

Image
image/gif

142.251.110.154
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=COO91_K19pMDFW8PogMdyeoDuQ;type=elf8j0;cat=glo_flap;rcb=1;ord=4126841700155;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmDAhyBgAusJkAIAUAAwQAgABBgACAAASABCIAIACAQAgQCBQABgAQBAQAMDAAGACxEAgABAdAxTAggECwASIyqDTAhAASCAlsqEEoGBBXCFIscAggREwUAAAIABQAAID4WAhJKCViQQBcQXQAIAAAAUQIsCKQswBBUGaLQVgScBkaYBk-YJklOgiAJghIyDIhNUEg8UxRCghyA2KWYA6eIKAGXayQh_qBYAAA.YAAACHwAAAAA;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Linux;uapv=;uaw=0;pscdl=denied;frm=0;_tu=KFA;gtm=45fe64g0h2v9181663336z8896608294za20gzb896608294zd896608294xea;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;dc_fmt=8;tcfd=10s5b;tag_exp=0~115938465~115938469~117266400~117384405;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?

Protocol

Server

142.251.110.154 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bz-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://www.elfcosmetics.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 18 Apr 2026 03:07:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=COO91_K19pMDFW8PogMdyeoDuQ;type=elf8j0;cat=glo_flap;rcb=1;ord=4126841700155;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmDAhyBgAusJkAIAUAAwQAgABBgACAAASABCIAIACAQAgQCBQABgAQBAQAMDAAGACxEAgABAdAxTAggECwASIyqDTAhAASCAlsqEEoGBBXCFIscAggREwUAAAIABQAAID4WAhJKCViQQBcQXQAIAAAAUQIsCKQswBBUGaLQVgScBkaYBk-YJklOgiAJghIyDIhNUEg8UxRCghyA2KWYA6eIKAGXayQh_qBYAAA.YAAACHwAAAAA;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Linux;uapv=;uaw=0;pscdl=denied;frm=0;_tu=KFA;gtm=45fe64g0h2v9181663336z8896608294za20gzb896608294zd896608294xea;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;dc_fmt=8;tcfd=10s5b;tag_exp=0~115938465~115938469~117266400~117384405;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
pragma: no-cache
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 18 Apr 2026 03:07:40 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H2

200

src=9231397;dc_pre=CPW91_K19pMDFYEPogMdQjk2kQ;type=retarget;cat=globa0;rcb=6;ord=4902066345035;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmDA...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=9231397;type=retarget;cat=globa0;rcb=6;ord=4902066345035;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQ...
https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CPW91_K19pMDFYEPogMdQjk2kQ;type=retarget;cat=globa0;rcb=6;ord=4902066345035;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACi...

42 B
107 B

126ms
126ms

Image
image/gif

142.251.110.154
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CPW91_K19pMDFYEPogMdQjk2kQ;type=retarget;cat=globa0;rcb=6;ord=4902066345035;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmDAhyBgAusJkAIAUAAwQAgABBgACAAASABCIAIACAQAgQCBQABgAQBAQAMDAAGACxEAgABAdAxTAggECwASIyqDTAhAASCAlsqEEoGBBXCFIscAggREwUAAAIABQAAID4WAhJKCViQQBcQXQAIAAAAUQIsCKQswBBUGaLQVgScBkaYBk-YJklOgiAJghIyDIhNUEg8UxRCghyA2KWYA6eIKAGXayQh_qBYAAA.YAAACHwAAAAA;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=undefined;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Linux;uapv=;uaw=0;pscdl=denied;frm=0;_tu=KFA;gtm=45fe64g0h2v9181619921z8896608294za20gzb896608294zd896608294xea;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;dc_fmt=8;tcfd=10s5b;tag_exp=0~115616985~115938465~115938468~117266401;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?

Protocol

Server

142.251.110.154 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bz-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://www.elfcosmetics.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 18 Apr 2026 03:07:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://ade.googlesyndication.com/ddm/activity/src=9231397;dc_pre=CPW91_K19pMDFYEPogMdQjk2kQ;type=retarget;cat=globa0;rcb=6;ord=4902066345035;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmDAhyBgAusJkAIAUAAwQAgABBgACAAASABCIAIACAQAgQCBQABgAQBAQAMDAAGACxEAgABAdAxTAggECwASIyqDTAhAASCAlsqEEoGBBXCFIscAggREwUAAAIABQAAID4WAhJKCViQQBcQXQAIAAAAUQIsCKQswBBUGaLQVgScBkaYBk-YJklOgiAJghIyDIhNUEg8UxRCghyA2KWYA6eIKAGXayQh_qBYAAA.YAAACHwAAAAA;npa=1;u6=%2F;u10=undefined;u12=undefined;u8=undefined;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Linux;uapv=;uaw=0;pscdl=denied;frm=0;_tu=KFA;gtm=45fe64g0h2v9181619921z8896608294za20gzb896608294zd896608294xea;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;dc_fmt=8;tcfd=10s5b;tag_exp=0~115616985~115938465~115938468~117266401;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
pragma: no-cache
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 18 Apr 2026 03:07:40 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H2 200 p
consent.linksynergy.com/consent/v3/ 37 B
282 B 212ms
86ms Image
image/gif 34.98.67.3
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://consent.linksynergy.com/consent/v3/p?rmch=cs&domain=www.elfcosmetics.com&sought=false&tp=gdpr&attr_sid=110221&aff_mid=39724&purposes=&vendors=&ext_id=cff006e7-5efb-425c-8632-ab1cc8e34cf3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),

Reverse DNS

3.67.98.34.bc.googleusercontent.com

Software

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

via: 1.1 google
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
date: Sat, 18 Apr 2026 03:07:40 GMT
x-samesite: secure
content-type: image/gif

GET
H2 200 toggleOffL.svg
a42cdn.usablenet.com/a42/lib/img/ 2 KB
1 KB 55ms
55ms Image
image/svg+xml 104.18.0.100
Cloudflare

General

Check archive.org

Download Go to Show image

Full URL: https://a42cdn.usablenet.com/a42/lib/img/toggleOffL.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.0.100 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 223a298a1a02096375ccf01e37a4091566d8aca165bb8e0fb089bb257789891d

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=29030400, public
content-encoding: gzip
cf-cache-status: HIT
age: 2503849
cf-ray: 9ee075ea2a7011e6-LIS
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Fri, 20 Mar 2026 03:36:50 GMT
server: cloudflare

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 95ms
95ms Image
text/html 142.251.20.97
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 18 Apr 2026 03:07:40 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

POST
H3 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 32 B
49 B 182ms
181ms XHR
application/json 34.120.250.63
Google LLC

General

Check archive.org

Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.250.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 63.250.120.34.bc.googleusercontent.com
Software: /
Resource Hash: b01aa775e576ca9ba60429bb5263e6ea0c241a3e6fdd3ba526b0001cef4db77f

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-type: application/x-www-form-urlencoded
sec-ch-ua-mobile: ?0

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://www.elfcosmetics.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: application/json; charset=utf-8

GET
H2 200 core.js Show response
a42cdn.usablenet.com/a42/lib/js/r1/1772523597477/ 44 KB
15 KB 57ms
57ms Script
text/javascript 104.18.0.100
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://a42cdn.usablenet.com/a42/lib/js/r1/1772523597477/core.js
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.0.100 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b21f163ddfe78860688090e2295b406b7cccb648dde5fefc5f697c4b644a25a8

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=29030400, public
content-encoding: gzip
cf-cache-status: HIT
age: 3957634
cf-ray: 9ee075ea5ab811e6-LIS
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: text/javascript;charset=utf-8
last-modified: Tue, 03 Mar 2026 07:47:05 GMT
server: cloudflare

GET
H2 200 footer.js Show response
a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/ 3 KB
763 B 58ms
57ms Script
text/javascript 104.18.0.100
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/footer.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.0.100 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b5ee2d470e08c45cd09f2944da8ff2d357d50cc363731028db61a1c97725ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=29030400, public
content-encoding: gzip
cf-cache-status: HIT
age: 143345
cf-ray: 9ee075eb0b8b11e6-LIS
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: text/javascript;charset=utf-8
last-modified: Thu, 16 Apr 2026 11:18:35 GMT
server: cloudflare

GET
H2 200 globals.js Show response
a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/ 20 KB
3 KB 61ms
60ms Script
text/javascript 104.18.0.100
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/globals.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.0.100 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

32fce0417c3193ba8c08a8e7aab91df42715a114df968d5a87d5dd9dd231449a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=29030400, public
content-encoding: gzip
cf-cache-status: HIT
age: 143345
cf-ray: 9ee075eb0b8d11e6-LIS
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: text/javascript;charset=utf-8
last-modified: Thu, 16 Apr 2026 11:18:35 GMT
server: cloudflare

GET
H2 200 header.js Show response
a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/ 6 KB
1 KB 56ms
54ms Script
text/javascript 104.18.0.100
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/header.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.0.100 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbf5fc8b7cfc5bbec9c4365258017bc2e90a954a5c37fc059fbc0e02007f5db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=29030400, public
content-encoding: gzip
cf-cache-status: HIT
age: 143345
cf-ray: 9ee075eb0b8f11e6-LIS
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: text/javascript;charset=utf-8
last-modified: Thu, 16 Apr 2026 11:18:35 GMT
server: cloudflare

GET
H2 200 cart.js Show response
a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/ 2 KB
666 B 59ms
58ms Script
text/javascript 104.18.0.100
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/cart.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.0.100 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3a83b9683ed4142643e5bc71e50751f0e78040fbe4c203180ad550e816bd884

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=29030400, public
content-encoding: gzip
cf-cache-status: HIT
age: 143345
cf-ray: 9ee075eb0b9311e6-LIS
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: text/javascript;charset=utf-8
last-modified: Thu, 16 Apr 2026 11:18:35 GMT
server: cloudflare

GET
H2 200 account.js Show response
a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/ 15 KB
2 KB 60ms
59ms Script
text/javascript 104.18.0.100
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/account.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.0.100 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fdffe410ee6e2c37fb302223c7b09837f86791b16ddbe2775f829d2fb12cefc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=29030400, public
content-encoding: gzip
cf-cache-status: HIT
age: 143345
cf-ray: 9ee075eb0b9411e6-LIS
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: text/javascript;charset=utf-8
last-modified: Thu, 16 Apr 2026 11:18:35 GMT
server: cloudflare

GET
H2 200 checkout.js Show response
a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/ 7 KB
1 KB 70ms
69ms Script
text/javascript 104.18.0.100
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/checkout.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.0.100 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

89a24bd6e0e73f5284534e2b5b279f7879f8ae197fe6afe6fa50fe52759240c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=29030400, public
content-encoding: gzip
cf-cache-status: HIT
age: 143345
cf-ray: 9ee075eb0b9511e6-LIS
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: text/javascript;charset=utf-8
last-modified: Thu, 16 Apr 2026 11:18:35 GMT
server: cloudflare

GET
H2 200 content.js Show response
a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/ 18 KB
3 KB 66ms
65ms Script
text/javascript 104.18.0.100
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/content.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.0.100 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

49186dcd58a5d8c491bf1f2e708e2b5204106efec17406e782d06613869eba96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=29030400, public
content-encoding: gzip
cf-cache-status: HIT
age: 143345
cf-ray: 9ee075eb0b9611e6-LIS
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: text/javascript;charset=utf-8
last-modified: Thu, 16 Apr 2026 11:18:35 GMT
server: cloudflare

GET
H2 200 homepage.js Show response
a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/ 6 KB
1 KB 69ms
68ms Script
text/javascript 104.18.0.100
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/homepage.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.0.100 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc750313b3641fe5146fe5b449e7c04d6479e21eebbae1d0952d17e5d68ddd24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=29030400, public
content-encoding: gzip
cf-cache-status: HIT
age: 143345
cf-ray: 9ee075eb0b9811e6-LIS
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: text/javascript;charset=utf-8
last-modified: Thu, 16 Apr 2026 11:18:35 GMT
server: cloudflare

GET
H2 200 pdp.js Show response
a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/ 11 KB
2 KB 58ms
58ms Script
text/javascript 104.18.0.100
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/pdp.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.0.100 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae396bacf500ea4a79590ebe8a24e64eaf79363ac0ba8851250b575f6a0f634f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=29030400, public
content-encoding: gzip
cf-cache-status: HIT
age: 143345
cf-ray: 9ee075eb0b9a11e6-LIS
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: text/javascript;charset=utf-8
last-modified: Thu, 16 Apr 2026 11:18:35 GMT
server: cloudflare

GET
H2 200 plp.js Show response
a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/ 8 KB
1 KB 59ms
59ms Script
text/javascript 104.18.0.100
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://a42cdn.usablenet.com/a42/elfcosmetics/default/prod/rapid/rs/1776338008738/plp.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.0.100 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d36bbf2b58df3f86c063c2992be4289938267f4005ae51d0509291ebc7fed884

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=29030400, public
content-encoding: gzip
cf-cache-status: HIT
age: 143345
cf-ray: 9ee075eb0b9c11e6-LIS
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: text/javascript;charset=utf-8
last-modified: Thu, 16 Apr 2026 11:18:35 GMT
server: cloudflare

GET
H2 200 halo-glow-xxlippie-2026-4-launch-hero-carousel-IMAGE-3_D
cdn.media.amplience.net/i/elfcosmetics/ 119 KB
119 KB 98ms
97ms Image
image/webp 2.17.147.192
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/halo-glow-xxlippie-2026-4-launch-hero-carousel-IMAGE-3_D?%24Desktop%24=&fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.192 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-17-147-192.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

b7baaaac468647c0c8c7ca27b9beb63692946c514bf1e72e65333ac8c3d4665e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-tag: iZ6jLwfj8,l4p5bDg2e,mF-g78ke7,9XCqePBBr,DtzGFM5oJ
x-amp-source-width: 1500
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: image/webp
x-frame-options: DENY
cache-control: max-age=1800, s-maxage=86400
x-req-id: bcnaUTAMXy
x-amp-source-height: 1500
accept-ranges: bytes
access-control-allow-origin: *
content-length: 121686
x-amp-published: Thu, 16 Apr 2026 17:22:54 GMT
x-amp-srv: A
x-xss-protection: 1; mode=block
server: Unknown

GET 9ed52c0b-a803-494b-a67c-a1b06ef997fc
https://www.elfcosmetics.com/ 0
0

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/15888/static/img/flag-icons/ 9 KB
0 0ms
0ms Image
image/svg+xml 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/15888/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-meta-deploy: 1536976
content-encoding: gzip
etag: W/"2b3ee98009fe98bcf2eee0f90a48466a"
age: 200009
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: fRxhPPYIksyeZrfwOaAwTUJNd83-FAU949Mgxm9QpObCU77P_sz2uQ==
date: Sat, 18 Apr 2026 03:07:37 GMT
content-type: image/svg+xml
last-modified: Wed, 15 Apr 2026 19:33:52 GMT
x-served-by: cache-iad-kcgs7200077-IAD, cache-iad-kcgs7200077-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 80, 0
vary: Accept-Encoding
cache-control: public, max-age=31536000, s-maxage=31536000
x-timer: S1776481657.186719,VS0,VE98
via: 1.1 359a68a211613a0b498b726183099110.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-meta-bundle: 15888
accept-ranges: bytes
content-length: 681
x-amz-cf-pop: IAD61-P7
server: AmazonS3

OPTIONS
H2 204 /
sdk.iad-05.braze.com/api/v3/data/ Frame 0
0 300ms
173ms Preflight 104.18.38.107
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.38.107 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 9ee075ee3bb37859-LIS
date: Sat, 18 Apr 2026 03:07:41 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding

POST
H2 200 event Show response
www.elfcosmetics.com/api/en-us/v2.0/ 105 B
272 B 475ms
474ms Fetch
text/plain 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

4df4687bf29224c4a9827aa12dbaa2acaf17d5df233c8f1e2f0e87890960a4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31557600
content-encoding: gzip
x-timer: S1776481661.016608,VS0,VE425
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS, MISS
date: Sat, 18 Apr 2026 03:07:41 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-lis1490049-LIS, cache-lis1490050-LIS
server: nginx
x-cache-hits: 0, 0
vary: Accept-Encoding

POST
H2 201 / Show response
sdk.iad-05.braze.com/api/v3/data/ 6 KB
2 KB 354ms
353ms XHR
application/json 104.18.38.107
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/15888/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.38.107 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

14432d35700d50f2ebb04d6713966ddc8efdcc212f3b2e211e9bc242783dec01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
X-Braze-TriggersRequest: true
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
X-Braze-Last-Req-Ms-Ago: 7200000
X-Braze-DataRequest: true
sec-ch-ua-mobile: ?0
X-Braze-Req-Attempt: 1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Content-type: application/json
X-Braze-Api-Key: 609afcb2-1dc3-41ef-a771-0a9aaf10bf57

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
x-ratelimit-reset: 1776481662
access-control-allow-methods: POST, OPTIONS
cf-ray: 9ee075ef4c097859-LIS
x-ratelimit-remaining: 499
x-ratelimit-period: 3
access-control-allow-origin: *
date: Sat, 18 Apr 2026 03:07:41 GMT
x-ratelimit-limit: 500
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
server: cloudflare
access-control-allow-headers: *

GET
H2 200 558.js Show response
www.elfcosmetics.com/mobify/bundle/15888/ 8 KB
3 KB 50ms
50ms Script
application/javascript 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/bundle/15888/558.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

200cc29c70f51c9974673781a11255e859d436c6976d921220a44cbaae2844c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-meta-deploy: 1536976
content-encoding: gzip
etag: W/"94447fff29457f1e9b918ba3f11a3da2"
age: 200007
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: 5MOYn5QXNCCdEhgiPmI0JAz2B2g5We6z7Ksa_ikOWNwOrZOJPD1hXg==
date: Sat, 18 Apr 2026 03:07:41 GMT
content-type: application/javascript; charset=utf8
last-modified: Wed, 15 Apr 2026 19:33:50 GMT
x-served-by: cache-iad-kiad7000096-IAD, cache-iad-kiad7000096-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 67, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: public, max-age=31536000, s-maxage=31536000
x-timer: S1776481661.025304,VS0,VE1
via: 1.1 3eb529bb0846d8c00cf9b383bea0278e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-meta-bundle: 15888
accept-ranges: bytes
content-length: 2917
x-amz-cf-pop: IAD61-P7
server: AmazonS3

POST
H2 200 event Show response
www.elfcosmetics.com/api/en-us/v2.0/ 105 B
220 B 433ms
431ms Fetch
text/plain 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

4df4687bf29224c4a9827aa12dbaa2acaf17d5df233c8f1e2f0e87890960a4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31557600
content-encoding: gzip
x-timer: S1776481661.115945,VS0,VE382
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS, MISS
date: Sat, 18 Apr 2026 03:07:41 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-lis1490035-LIS, cache-lis1490050-LIS
server: nginx
x-cache-hits: 0, 0
vary: Accept-Encoding

GET
H3

200

src=10742279;dc_pre=CNra8_K19pMDFTYJogMdryQQQw;type=elf8j0;cat=glo_flhp;rcb=1;ord=5984530604143;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmD...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=10742279;type=elf8j0;cat=glo_flhp;rcb=1;ord=5984530604143;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACg...
https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CNra8_K19pMDFTYJogMdryQQQw;type=elf8j0;cat=glo_flhp;rcb=1;ord=5984530604143;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgAC...

42 B
63 B

126ms
126ms

Image
image/gif

142.251.110.154
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CNra8_K19pMDFTYJogMdryQQQw;type=elf8j0;cat=glo_flhp;rcb=1;ord=5984530604143;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmDAhyBgAusJkAIAUAAwQAgABBgACAAASABCIAIACAQAgQCBQABgAQBAQAMDAAGACxEAgABAdAxTAggECwASIyqDTAhAASCAlsqEEoGBBXCFIscAggREwUAAAIABQAAID4WAhJKCViQQBcQXQAIAAAAUQIsCKQswBBUGaLQVgScBkaYBk-YJklOgiAJghIyDIhNUEg8UxRCghyA2KWYA6eIKAGXayQh_qBYAAA.YAAACHwAAAAA;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Linux;uapv=;uaw=0;pscdl=denied;frm=0;_tu=KFA;gtm=45fe64g0h2v9181663336z8896608294za20gzb896608294zd896608294xea;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;dc_fmt=8;tcfd=10s5b;tag_exp=0~115938465~115938469~117266400~117384405;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?

Protocol

Server

142.251.110.154 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bz-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://www.elfcosmetics.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 18 Apr 2026 03:07:41 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://ade.googlesyndication.com/ddm/activity/src=10742279;dc_pre=CNra8_K19pMDFTYJogMdryQQQw;type=elf8j0;cat=glo_flhp;rcb=1;ord=5984530604143;gdpr=1;gdpr_consent=CQi298AQi298AAcABBENCbFgAAAAAEPgACiQAAAYsABMNDogjLIgUCBQEIIEACgrCACgQBAAAkDRAQAmDAhyBgAusJkAIAUAAwQAgABBgACAAASABCIAIACAQAgQCBQABgAQBAQAMDAAGACxEAgABAdAxTAggECwASIyqDTAhAASCAlsqEEoGBBXCFIscAggREwUAAAIABQAAID4WAhJKCViQQBcQXQAIAAAAUQIsCKQswBBUGaLQVgScBkaYBk-YJklOgiAJghIyDIhNUEg8UxRCghyA2KWYA6eIKAGXayQh_qBYAAA.YAAACHwAAAAA;npa=1;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Linux;uapv=;uaw=0;pscdl=denied;frm=0;_tu=KFA;gtm=45fe64g0h2v9181663336z8896608294za20gzb896608294zd896608294xea;gcs=G100;gcd=13m3mPm2m5l1;dma_cps=-;dma=1;dc_fmt=8;tcfd=10s5b;tag_exp=0~115938465~115938469~117266400~117384405;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com?
pragma: no-cache
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 18 Apr 2026 03:07:41 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H2 200 baskets Show response
www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abwulKwrIUluoRlegZxaYYkbFI/ 11 B
508 B 328ms
328ms Fetch
application/json 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abwulKwrIUluoRlegZxaYYkbFI/baskets?siteId=elf-us

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJjNWRiNGJiMC03YTNhLTQwMWUtODMzMi05YmQwNjc3MjBiMzQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmFjZmE5MDVkLTRiNWQtNDA4ZC04ZDRhLWRkYjZiODdhNmUzZCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3NzY0ODE2MjksInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFid3VsS3dySVVsdW9SbGVnWnhhWVlrYkZJOjpjaGlkOmVsZi11cyIsImV4cCI6MTc3NjQ4MzQ1OSwiaWF0IjoxNzc2NDgxNjU5LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMzNzY1ODM2NDUyNjg1MzAyIn0.aTw3x-wjAxZm6zDX_NhI7BnnCJNc_lWnrN3wD_vMX16IeF3HoBTslprFFY8hzAn5KURUSIx18PTiEFzgdu2-Fw
Referer: https://www.elfcosmetics.com/
c_x-pwa-request: true
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua-mobile: ?0

Response headers

cf-cache-status: DYNAMIC
x-content-type-options: nosniff
expires: Thu, 01 Dec 1994 16:00:00 GMT
x-cache: Miss from cloudfront, MISS, MISS
x-amz-cf-id: -j2dlVMkZKB31QmSJ3t8tg0gWWUz2BpqCZ7k0EYrGjAX1wl_0rkLsw==
date: Sat, 18 Apr 2026 03:07:41 GMT
content-type: application/json;charset=UTF-8
x-served-by: cache-lis1490028-LIS, cache-lis1490048-LIS
x-cache-hits: 0, 0
vary: Accept-Encoding
sfdc_customization: HOOK
strict-transport-security: max-age=31557600
sfdc_correlation_id: 9ee075ee597def0f
cache-control: no-cache, no-store
pragma: no-cache
x-timer: S1776481661.118617,VS0,VE278
via: 1.1 fe499267d9f75c905d0709dedc658d5c.cloudfront.net (CloudFront), 1.1 varnish
x-ratelimit-remaining: 999
cf-ray: 9ee075ee597def0f-LHR
accept-ranges: bytes
sfdc_load: 1
content-length: 11
dnt: 0
x-ratelimit-limit: 99999
x-amz-cf-pop: LIS50-P2
x-sf-cc-phash: e76b5327e2640ee2
server: cloudflare
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abwulKwrIUluoRlegZxaYYkbFI/baskets?siteId=elf-us

GET
H2 200 product-lists Show response
www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abwulKwrIUluoRlegZxaYYkbFI/ 21 B
605 B 289ms
288ms Fetch
application/json 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abwulKwrIUluoRlegZxaYYkbFI/product-lists?siteId=elf-us

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaebb4fe87e56e27c8761469abd494cc964f0766c0cd9d616d9bfe2cbd65d224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJjNWRiNGJiMC03YTNhLTQwMWUtODMzMi05YmQwNjc3MjBiMzQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmFjZmE5MDVkLTRiNWQtNDA4ZC04ZDRhLWRkYjZiODdhNmUzZCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3NzY0ODE2MjksInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFid3VsS3dySVVsdW9SbGVnWnhhWVlrYkZJOjpjaGlkOmVsZi11cyIsImV4cCI6MTc3NjQ4MzQ1OSwiaWF0IjoxNzc2NDgxNjU5LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMzNzY1ODM2NDUyNjg1MzAyIn0.aTw3x-wjAxZm6zDX_NhI7BnnCJNc_lWnrN3wD_vMX16IeF3HoBTslprFFY8hzAn5KURUSIx18PTiEFzgdu2-Fw
Referer: https://www.elfcosmetics.com/
c_x-pwa-request: true
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua-mobile: ?0

Response headers

cf-cache-status: DYNAMIC
x-content-type-options: nosniff
expires: Thu, 01 Dec 1994 16:00:00 GMT
x-cache: Miss from cloudfront, MISS, MISS
x-amz-cf-id: HLLUmMJUEIZ6hiG7FNp_GPXtAGOHOxRlLKJe9xspf860rJmuXix9Kw==
date: Sat, 18 Apr 2026 03:07:41 GMT
content-type: application/json;charset=UTF-8
x-served-by: cache-lis1490052-LIS, cache-lis1490048-LIS
x-cache-hits: 0, 0
vary: Accept-Encoding
sfdc_customization: HOOK
strict-transport-security: max-age=31557600
sfdc_correlation_id: 9ee075ee6d25bd9f
cache-control: no-cache, no-store
pragma: no-cache
x-timer: S1776481661.119450,VS0,VE239
via: 1.1 4cfe215d770338885aa5bebc759f4e2e.cloudfront.net (CloudFront), 1.1 varnish
x-ratelimit-remaining: 999
cf-ray: 9ee075ee6d25bd9f-LHR
accept-ranges: bytes
sfdc_load: 1
content-length: 21
dnt: 0
x-ratelimit-limit: 99999
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abwulKwrIUluoRlegZxaYYkbFI/product-lists?siteId=elf-us
x-amz-cf-pop: LIS50-P2
server: cloudflare

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 95ms
95ms Image
text/html 142.251.20.97
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 18 Apr 2026 03:07:41 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 95ms
94ms Image
text/html 142.251.20.97
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 18 Apr 2026 03:07:41 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 heap_config.js Show response
cdn.us.heap-api.com/config/1042782804/ 1 KB
1 KB 400ms
196ms Script
application/javascript 13.35.58.39
Amazon.com

General

Check archive.org

Download Go to

Full URL

https://cdn.us.heap-api.com/config/1042782804/heap_config.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.58.39 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-58-39.fra60.r.cloudfront.net

Software

nginx / Express

Resource Hash

7315eccdf991b9dcfbc5c8a7f9fd89ea0eea24e00e2e8042eeaac9a6aa5b31b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
etag: W/"523-dmfIkigooadyCnolDTHePp6z038"
age: 2
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: hxN2CXeF9FtiyLFJDYbKh9Me0846PC7b_4AQHi79HFRRg9q1Wj-9eg==
date: Sat, 18 Apr 2026 03:07:41 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=120
cross-origin-resource-policy: cross-origin
via: 1.1 80b00aa2dcc58ca61b2465a37c89fc92.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
x-powered-by: Express
server: nginx

GET
H2 200 local Show response
www.paypal.com/credit-presentment/experiments/ Frame C4A1 5 KB
3 KB 167ms
66ms Document
text/html 104.18.6.168
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&deviceID=uid_6bd8052b46_mdm6mdc6nde&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.80.0&integrationType=SDK

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.168 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a07d0c11665d73e677779d2a8f52c31e51cbc30ae937ef5d445ed924f838aa0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'sha256-x+ZkDZmeYcqkllw8PVQoWUlvJM+VFAdins1515gtDPc=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-expose-headers: Server-Timing
age: 85822
cache-control: public, s-maxage=86400, max-age=0
cf-cache-status: HIT
cf-ray: 9ee075ef7e85c6ea-LIS
content-encoding: br
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-x+ZkDZmeYcqkllw8PVQoWUlvJM+VFAdins1515gtDPc=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type: text/html; charset=utf-8
correlation-id: c9ed846aa3e01
date: Sat, 18 Apr 2026 03:07:41 GMT
dc: ccg11-origin-www-1.paypal.com
last-modified: Fri, 17 Apr 2026 03:17:19 GMT
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: c9ed846aa3e01
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server: cloudflare
server-timing: content-encoding;desc="",x-cdn;desc="cloudflare"
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block

OPTIONS
H2 204 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 375ms
271ms Preflight 104.18.7.168
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.168 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 9ee075f02d564892-LIS
date: Sat, 18 Apr 2026 03:07:41 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: c9ee075f02d56
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server: cloudflare
server-timing: content-encoding;desc="",x-cdn;desc="cloudflare"
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding, Origin, Access-Control-Request-Headers
x-content-type-options: nosniff

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1 KB
795 B 261ms
259ms XHR
application/json 104.18.7.168
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.168 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd54066685e186c0e7cb6036fc1da5a922c5cc40f4239eedd06338d6948d4db0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
accept: application/json
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
content-type: application/json
sec-ch-ua-mobile: ?0

Response headers

paypal-debug-id: c9ee075f1dddf
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"426-JGUAn8KIkTw3s7VJ9EhgelDe0w0"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
server-timing: content-encoding;desc="",x-cdn;desc="cloudflare"
dc: ccg11-origin-www-1.paypal.com
date: Sat, 18 Apr 2026 03:07:41 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials: true
cf-ray: 9ee075f1dddf4892-LIS
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
access-control-allow-origin: https://www.elfcosmetics.com
server: cloudflare

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame C4A1 471 KB
115 KB 75ms
75ms Script
application/javascript 104.18.6.168
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&deviceID=uid_6bd8052b46_mdm6mdc6nde&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.80.0&integrationType=SDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.168 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f016bafb905d27cb7f4f47f12863b77a610e5b66281ca51d5130db20e8c7b9fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-ieTaCAKGkbk3J/DX+AKfmr7h1ThO9ux6RT0zTh3yRBUHtU27' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ieTaCAKGkbk3J/DX+AKfmr7h1ThO9ux6RT0zTh3yRBUHtU27' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&deviceID=uid_6bd8052b46_mdm6mdc6nde&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.80.0&integrationType=SDK
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: c9eaa610f1ef5
content-encoding: br
cf-cache-status: HIT
etag: W/"1ea52-NP4y3AR74ofyiVg4LEC4PWj0xHQ"
age: 0
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
disable-set-cookie: true
server-timing: content-encoding;desc="",x-cdn;desc="cloudflare"
dc: ccg11-origin-www-1.paypal.com
p3p: true
date: Sat, 18 Apr 2026 03:07:41 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-ieTaCAKGkbk3J/DX+AKfmr7h1ThO9ux6RT0zTh3yRBUHtU27' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ieTaCAKGkbk3J/DX+AKfmr7h1ThO9ux6RT0zTh3yRBUHtU27' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: public, max-age=3600, s-maxage=10800
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
cf-ray: 9ee075f01f58c6ea-LIS
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

POST
H3 200 u
dev.visualwebsiteoptimizer.com/events/t/ 0
37 B 139ms
138ms Ping
application/javascript 34.107.218.251
Google LLC

General

Check archive.org

Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/events/t/u?en=gtm.view_promotion&a=1128438&v=cf2c1cfa&_cu=https%3A%2F%2Fwww.elfcosmetics.com%2F

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.218.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),

Reverse DNS

251.218.107.34.bc.googleusercontent.com

Software

gnv01c /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 18 Apr 2026 03:07:40 GMT
content-type: application/javascript; charset=UTF-8
server: gnv01c
access-control-allow-headers: X-Device-User-Agent, Vwo-X-Forwarded-For

POST
H3 200 u
dev.visualwebsiteoptimizer.com/events/t/ 0
37 B 139ms
137ms Ping
application/javascript 34.107.218.251
Google LLC

General

Check archive.org

Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/events/t/u?en=gtm.triggerGroup&a=1128438&v=cf2c1cfa&_cu=https%3A%2F%2Fwww.elfcosmetics.com%2F

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.218.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),

Reverse DNS

251.218.107.34.bc.googleusercontent.com

Software

gnv01c /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 18 Apr 2026 03:07:41 GMT
content-type: application/javascript; charset=UTF-8
server: gnv01c
access-control-allow-headers: X-Device-User-Agent, Vwo-X-Forwarded-For

POST
H2 200 product-lists Show response
www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abwulKwrIUluoRlegZxaYYkbFI/ 192 B
483 B 540ms
539ms Fetch
application/json 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abwulKwrIUluoRlegZxaYYkbFI/product-lists?siteId=elf-us

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

36de4ad8aecbd3826f85cfedef42a024a3eadfd5033193bc428b6ca6476bddbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJjNWRiNGJiMC03YTNhLTQwMWUtODMzMi05YmQwNjc3MjBiMzQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmFjZmE5MDVkLTRiNWQtNDA4ZC04ZDRhLWRkYjZiODdhNmUzZCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3NzY0ODE2MjksInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFid3VsS3dySVVsdW9SbGVnWnhhWVlrYkZJOjpjaGlkOmVsZi11cyIsImV4cCI6MTc3NjQ4MzQ1OSwiaWF0IjoxNzc2NDgxNjU5LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMzNzY1ODM2NDUyNjg1MzAyIn0.aTw3x-wjAxZm6zDX_NhI7BnnCJNc_lWnrN3wD_vMX16IeF3HoBTslprFFY8hzAn5KURUSIx18PTiEFzgdu2-Fw
Referer: https://www.elfcosmetics.com/
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
c_x-pwa-request: true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
expires: Thu, 01 Dec 1994 16:00:00 GMT
x-cache: Miss from cloudfront, MISS, MISS
x-amz-cf-id: cFNjwxjSo8XFknm4WQi2qMXkejEdBF0SQkVNw6Z6FGisrT8E9MI-lQ==
date: Sat, 18 Apr 2026 03:07:41 GMT
content-type: application/json;charset=UTF-8
x-served-by: cache-lis1490047-LIS, cache-lis1490048-LIS
x-cache-hits: 0, 0
vary: Accept-Encoding
sfdc_customization: HOOK
strict-transport-security: max-age=31557600
sfdc_correlation_id: 9ee075f08fe6ecff
cache-control: no-cache, no-store
pragma: no-cache
x-timer: S1776481661.460163,VS0,VE488
via: 1.1 98ec7321ae08f779eece6a9f7ecd4414.cloudfront.net (CloudFront), 1.1 varnish
x-ratelimit-remaining: 999
cf-ray: 9ee075f08fe6ecff-LHR
accept-ranges: bytes
sfdc_load: 1
dnt: 0
x-ratelimit-limit: 99999
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abwulKwrIUluoRlegZxaYYkbFI/product-lists?siteId=elf-us
x-amz-cf-pop: LIS50-P2
server: cloudflare

POST
H2 200 baskets Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 3 KB
4 KB 311ms
311ms Fetch
application/json 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/baskets?locale=en-US

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97526a96a76a4a56c741909c8782b83f39f2f171dcdcbaa77445d702c8f2f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJjNWRiNGJiMC03YTNhLTQwMWUtODMzMi05YmQwNjc3MjBiMzQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmFjZmE5MDVkLTRiNWQtNDA4ZC04ZDRhLWRkYjZiODdhNmUzZCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3NzY0ODE2MjksInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFid3VsS3dySVVsdW9SbGVnWnhhWVlrYkZJOjpjaGlkOmVsZi11cyIsImV4cCI6MTc3NjQ4MzQ1OSwiaWF0IjoxNzc2NDgxNjU5LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMzNzY1ODM2NDUyNjg1MzAyIn0.aTw3x-wjAxZm6zDX_NhI7BnnCJNc_lWnrN3wD_vMX16IeF3HoBTslprFFY8hzAn5KURUSIx18PTiEFzgdu2-Fw
x-dw-client-id: f9f7052a-f742-4c38-bdf5-1da004e7fb3b
Referer: https://www.elfcosmetics.com/
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
c_x-pwa-request: true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-dw-resource-state: fb79bb35b7edbba6e7aeba98c4b51149f3ae03d906499ab5fe725477fb2de744
access-control-expose-headers: etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
cf-cache-status: DYNAMIC
etag: fb79bb35b7edbba6e7aeba98c4b51149f3ae03d906499ab5fe725477fb2de744
x-dw-request-base-id: SW6A0X314mkBAAB_
x-dw-version-status: obsolete
x-content-type-options: nosniff
expires: Thu, 01 Dec 1994 16:00:00 GMT
x-cache: Miss from cloudfront, MISS, MISS
x-amz-cf-id: one0tpUB0ksxR0CLnORB8c9g0Uo7p9IFu8fFHvSpD5MXwHw6PSqWaA==
date: Sat, 18 Apr 2026 03:07:41 GMT
content-type: application/json;charset=UTF-8
x-served-by: cache-lis1490024-LIS, cache-lis1490050-LIS
x-cache-hits: 0, 0
vary: Accept-Encoding
sfdc_customization: HOOK
strict-transport-security: max-age=31557600
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-timer: S1776481661.461302,VS0,VE261
access-control-allow-credentials: true
via: 1.1 f99550af1fa4a9844f27aebbfee8248c.cloudfront.net (CloudFront), 1.1 varnish
allow: OPTIONS,POST
cf-ray: 9ee075f09d51e913-LHR
accept-ranges: bytes
access-control-allow-origin: https://www.elfcosmetics.com
content-length: 3035
x-amz-cf-pop: LIS50-P2
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/baskets?locale=en-US
server: cloudflare

GET
H2 200 heap.js Show response
cdn.us.heap-api.com/v5/heapjs-static/5.3.10/core/ 327 KB
75 KB 119ms
118ms Script
application/javascript 13.35.58.39
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://cdn.us.heap-api.com/v5/heapjs-static/5.3.10/core/heap.js
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.39 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-58-39.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97e7a5d1ac225db03f6e1ba92dc8fbfc9d23d2029f69098dbe367424ad6a9fc6

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-cf-pop: FRA60-P10
content-encoding: br
etag: W/"a63b5202061ab8dd3cb1cd609293fcaa"
age: 579
cross-origin-resource-policy: cross-origin
via: 1.1 80b00aa2dcc58ca61b2465a37c89fc92.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: LYzF0us8PXiZQ6_cJGrTyIx63Y3lWOYkyOvH531lEbw_D1LukJhZ4g==
date: Sat, 18 Apr 2026 02:58:03 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: AmazonS3
last-modified: Thu, 12 Mar 2026 17:26:07 GMT
x-amz-server-side-encryption: AES256

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 95ms
95ms Image
text/html 142.251.20.97
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 18 Apr 2026 03:07:41 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 hash Show response
www.paypal.com/credit-presentment/experiments/ Frame C4A1 40 B
874 B 316ms
316ms Fetch
text/html 104.18.6.168
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/hash?device_id=uid_6bd8052b46_mdm6mdc6nde&disableSetCookie=true&features=[object%20Object],native-modal

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.168 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b9ed29fe44ac15eae073ed5df98a5658bc4c8f0b18a813eb9fb8152489ce764

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&deviceID=uid_6bd8052b46_mdm6mdc6nde&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.80.0&integrationType=SDK
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: c9ee075f1b9e9
content-encoding: br
cf-cache-status: MISS
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
correlation-id: c9ee075f1b9e9
server-timing: content-encoding;desc="",x-cdn;desc="cloudflare"
dc: ccg11-origin-www-1.paypal.com
date: Sat, 18 Apr 2026 03:07:41 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
cache-control: public, s-maxage=86400, max-age=0
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
cf-ray: 9ee075f1b9e9c6ea-LIS
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
x-xss-protection: 1; mode=block
server: cloudflare

OPTIONS
H2 200 sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 0
0 163ms
163ms Preflight 104.18.38.107
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/content_cards/sync

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.38.107 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 9ee075f1dcc87859-LIS
content-encoding: gzip
date: Sat, 18 Apr 2026 03:07:41 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

OPTIONS
H2 200 sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 0
0 163ms
163ms Preflight 104.18.38.107
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/content_cards/sync

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.38.107 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 9ee075f1dcc97859-LIS
content-encoding: gzip
date: Sat, 18 Apr 2026 03:07:41 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

OPTIONS
H2 200 sync
sdk.iad-05.braze.com/api/v3/banners/ Frame 0
0 169ms
169ms Preflight 104.18.38.107
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/banners/sync

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.38.107 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-braze-api-key,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 9ee075f1dcca7859-LIS
content-encoding: gzip
date: Sat, 18 Apr 2026 03:07:41 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

POST
H2 201 sync Show response
sdk.iad-05.braze.com/api/v3/content_cards/ 85 B
222 B 264ms
263ms XHR
application/json 104.18.38.107
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/content_cards/sync

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/15888/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.38.107 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aaf4c05a65ecc1ecedb09d79a0848ff2f9cf16ba0706e58d81376c654ae5e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
BRAZE-SYNC-RETRY-COUNT: 0
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
X-Braze-DataRequest: true
X-Braze-Last-Req-Ms-Ago: 7200000
sec-ch-ua-mobile: ?0
X-Braze-ContentCardsRequest: true
X-Braze-Req-Attempt: 1
X-Braze-Req-Tokens-Remaining: 29
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Content-type: application/json
X-Braze-Api-Key: 609afcb2-1dc3-41ef-a771-0a9aaf10bf57

Response headers

access-control-max-age: 7200
x-request-id: d956a7af-879e-4e4a-b0c0-5afb1417757a
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"8aaf4c05a65ecc1ecedb09d79a0848ff"
access-control-allow-methods: POST, GET
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: application/json
vary: Origin,Accept-Encoding
x-runtime: 0.096768
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=0, private, must-revalidate
x-ratelimit-reset: 1776481665
cf-ray: 9ee075f2dd0d7859-LIS
x-ratelimit-remaining: 499.0
access-control-allow-origin: *
x-ratelimit-limit: 500.0
server: cloudflare

POST
H2 201 sync Show response
sdk.iad-05.braze.com/api/v3/content_cards/ 85 B
339 B 224ms
222ms XHR
application/json 104.18.38.107
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/content_cards/sync

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/15888/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.38.107 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4138c9f1bd4f0de12a416f0bba62ade1108c35ba3b8bc65a9268cf38dc03cb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
BRAZE-SYNC-RETRY-COUNT: 0
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
X-Braze-DataRequest: true
X-Braze-Last-Req-Ms-Ago: 1
sec-ch-ua-mobile: ?0
X-Braze-ContentCardsRequest: true
X-Braze-Req-Attempt: 1
X-Braze-Req-Tokens-Remaining: 28
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Content-type: application/json
X-Braze-Api-Key: 609afcb2-1dc3-41ef-a771-0a9aaf10bf57

Response headers

access-control-max-age: 7200
x-request-id: 723def25-4107-42c7-a58d-88664434fccc
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"e4138c9f1bd4f0de12a416f0bba62ade"
access-control-allow-methods: POST, GET
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: application/json
vary: Origin,Accept-Encoding
x-runtime: 0.056454
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=0, private, must-revalidate
x-ratelimit-reset: 1776481665
cf-ray: 9ee075f2dd0f7859-LIS
x-ratelimit-remaining: 499.0
access-control-allow-origin: *
x-ratelimit-limit: 500.0
server: cloudflare

GET
H2 200 3799.js Show response
www.elfcosmetics.com/mobify/bundle/15888/ 234 B
655 B 51ms
51ms Script
application/javascript 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/bundle/15888/3799.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a10a31cd155800a4744ec4876902cbe967d674a57a4c6930722c04b9b4526c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-meta-deploy: 1536976
content-encoding: gzip
etag: "5ec43bbf99d6797017542293b50d9926"
age: 200008
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: na2lk3L4UYHk8z_aWmmiT0hFfM4ia-KVz3rkjEDcr9-kQJYW1Lij7Q==
date: Sat, 18 Apr 2026 03:07:41 GMT
content-type: application/javascript; charset=utf8
last-modified: Wed, 15 Apr 2026 19:33:50 GMT
x-served-by: cache-iad-kiad7000139-IAD, cache-iad-kiad7000104-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 60, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: public, max-age=31536000, s-maxage=31536000
x-timer: S1776481662.733910,VS0,VE1
via: 1.1 3eb529bb0846d8c00cf9b383bea0278e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-meta-bundle: 15888
accept-ranges: bytes
content-length: 192
x-amz-cf-pop: IAD61-P7
server: AmazonS3

POST
H2 201 sync Show response
sdk.iad-05.braze.com/api/v3/banners/ 102 B
220 B 228ms
228ms XHR
application/json 104.18.38.107
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/banners/sync

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/15888/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.38.107 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

024443247f452df89d7dad31f864ee3bd33228c19e85b9d04123ffc5e988b4d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
X-Braze-Last-Req-Ms-Ago: 7200000
sec-ch-ua-mobile: ?0
X-Braze-Req-Attempt: 1
X-Braze-Req-Tokens-Remaining: 27
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Content-type: application/json
X-Braze-Api-Key: 609afcb2-1dc3-41ef-a771-0a9aaf10bf57

Response headers

access-control-max-age: 7200
x-request-id: 5ee0dca8-cf6a-4e64-bbb3-52c9a799f084
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"024443247f452df89d7dad31f864ee3b"
access-control-allow-methods: POST, GET
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: application/json
vary: Origin,Accept-Encoding
x-runtime: 0.065132
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=0, private, must-revalidate
x-ratelimit-reset: 1776481665
cf-ray: 9ee075f2ed117859-LIS
x-ratelimit-remaining: 499.0
access-control-allow-origin: *
x-ratelimit-limit: 500.0
server: cloudflare

GET
H2 200 PWA-UpdateSession Show response
www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/ 56 B
1001 B 334ms
333ms Fetch
application/json 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
c_x-pwa-request: true
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-dw-request-base-id: SW6V0X314mkBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT
x-cache: Miss from cloudfront, MISS, MISS, MISS
x-amz-cf-id: ZNRPX4EldqEwc8oKitrfW1jWEHby3DevKxo9QTCK9kzsK8-OEK-Czw==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: application/json
x-served-by: cache-iad-kcgs7200115-IAD, cache-iad-kcgs7200143-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-timer: S1776481662.774507,VS0,VE284
via: 1.1 1868304b901c3b411b0cd02f39bf4362.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 9ee075f2b962e645-IAD
accept-ranges: bytes
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession
x-amz-cf-pop: IAD61-P7
server: cloudflare

OPTIONS
H2 200 sync
sdk.iad-05.braze.com/api/v3/feature_flags/ Frame 0
0 171ms
171ms Preflight 104.18.38.107
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/feature_flags/sync

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.38.107 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-featureflagsrequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-req-tokens-remaining,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 9ee075f22cdf7859-LIS
content-encoding: gzip
date: Sat, 18 Apr 2026 03:07:41 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

POST
H2 201 sync Show response
sdk.iad-05.braze.com/api/v3/feature_flags/ 20 B
174 B 230ms
230ms XHR
application/json 104.18.38.107
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/feature_flags/sync

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/mobify/bundle/15888/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.38.107 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e92f434a50c76d6e52d0d3cc91cdf1854c7fd39fecd5ae65800568aef7c03029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
X-Braze-Last-Req-Ms-Ago: 7200000
X-Braze-DataRequest: true
sec-ch-ua-mobile: ?0
X-Braze-Req-Attempt: 1
X-Braze-Req-Tokens-Remaining: 26
X-Braze-FeatureFlagsRequest: true
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Content-type: application/json
X-Braze-Api-Key: 609afcb2-1dc3-41ef-a771-0a9aaf10bf57

Response headers

access-control-max-age: 7200
x-request-id: fa64a314-45c5-4a6b-b9e0-a9da32298afa
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"e92f434a50c76d6e52d0d3cc91cdf185"
access-control-allow-methods: POST, GET
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: application/json
vary: Origin,Accept-Encoding
x-runtime: 0.059947
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=0, private, must-revalidate
x-ratelimit-reset: 1776481665
cf-ray: 9ee075f34d287859-LIS
x-ratelimit-remaining: 499.0
access-control-allow-origin: *
x-ratelimit-limit: 500.0
server: cloudflare

POST logger
www.paypal.com/xoplatform/logger/api/ Frame C4A1 0
0

POST
H2 204 pageview Show response
c.contentsquare.net/ 0
272 B 287ms
93ms XHR
text/plain 34.253.163.93
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://c.contentsquare.net/pageview?cw=2&happid=1042782804&t=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20-%20Cruelty%20Free%20%7C%20e.l.f.%20Cosmetics&ex=&dt=433&pvt=n&la=pt-PT&uc=0&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&dr=&dw=1600&dh=6195&ww=1600&wh=1200&sw=1600&sh=1200&uu=e2b11859-72b3-a96b-da7b-a20fc29f4cff&sn=1&hd=1776481661&v=15.214.2&pid=1926&pn=1&hsid=633056696908635&huu=462255842819731&hpvid=4480522565916562&ct=0
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.253.163.93 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-253-163-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 24 Oct 1982 23:00:00 GMT
access-control-allow-origin: *
date: Sat, 18 Apr 2026 03:07:42 GMT
content-disposition: inline
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With

OPTIONS
H2 200 add_user_properties
c.us.heap-api.com/api/capture/v2/ Frame 0
0 664ms
164ms Preflight
text/html 3.87.234.35
Amazon.com

General

Check archive.org

Download Go to

Full URL

https://c.us.heap-api.com/api/capture/v2/add_user_properties

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.87.234.35 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-3-87-234-35.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, x-datadog-origin, x-datadog-parent-id, x-datadog-sampling-priority, x-datadog-tags, x-datadog-trace-id, traceparent, tracestate
access-control-allow-methods: POST, PUT, GET
access-control-allow-origin: *
allow: POST
content-length: 4
content-type: text/html; charset=utf-8
date: Sat, 18 Apr 2026 03:07:42 GMT
etag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 track
c.us.heap-api.com/api/capture/v2/ Frame 0
0 665ms
165ms Preflight
text/html 3.87.234.35
Amazon.com

General

Check archive.org

Download Go to

Full URL

https://c.us.heap-api.com/api/capture/v2/track

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.87.234.35 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-3-87-234-35.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, x-datadog-origin, x-datadog-parent-id, x-datadog-sampling-priority, x-datadog-tags, x-datadog-trace-id, traceparent, tracestate
access-control-allow-methods: POST, PUT, GET
access-control-allow-origin: *
allow: POST
content-length: 4
content-type: text/html; charset=utf-8
date: Sat, 18 Apr 2026 03:07:42 GMT
etag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 add_user_properties Show response
c.us.heap-api.com/api/capture/v2/ 2 B
379 B 167ms
166ms Fetch
text/plain 3.87.234.35
Amazon.com

General

Check archive.org

Download Go to

Full URL

https://c.us.heap-api.com/api/capture/v2/add_user_properties

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.87.234.35 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-3-87-234-35.compute-1.amazonaws.com

Software

nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/octet-stream
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: POST, PUT, GET
access-control-allow-origin: *
content-length: 2
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: text/plain; charset=utf-8
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, x-datadog-origin, x-datadog-parent-id, x-datadog-sampling-priority, x-datadog-tags, x-datadog-trace-id, traceparent, tracestate

POST
H2 200 track Show response
c.us.heap-api.com/api/capture/v2/ 2 B
379 B 166ms
166ms Fetch
text/plain 3.87.234.35
Amazon.com

General

Check archive.org

Download Go to

Full URL

https://c.us.heap-api.com/api/capture/v2/track

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.87.234.35 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-3-87-234-35.compute-1.amazonaws.com

Software

nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/octet-stream
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: POST, PUT, GET
access-control-allow-origin: *
content-length: 2
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: text/plain; charset=utf-8
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, x-datadog-origin, x-datadog-parent-id, x-datadog-sampling-priority, x-datadog-tags, x-datadog-trace-id, traceparent, tracestate

GET
H2 204 dvar
c.contentsquare.net/ 0
272 B 282ms
94ms Image
text/plain 34.253.163.93
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=15.214.2&pid=1926&pn=1&sn=1&uu=e2b11859-72b3-a96b-da7b-a20fc29f4cff&happid=1042782804&hsid=633056696908635&huu=462255842819731&hpvid=4480522565916562&dv=H4sIAAAAAAAAA6tWcvSLd3eMd87JTM0r8XRRslIyNzAxMzc0NTDUMzQ3NzOxMDQzM1SqBQDJDN%2FUKQAAAA%3D%3D&ct=2&r=170084
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.253.163.93 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-253-163-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 24 Oct 1982 23:00:00 GMT
access-control-allow-origin: *
date: Sat, 18 Apr 2026 03:07:42 GMT
content-disposition: inline
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With

POST
H3 200 u
dev.visualwebsiteoptimizer.com/events/t/ 0
37 B 139ms
138ms Ping
application/javascript 34.107.218.251
Google LLC

General

Check archive.org

Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/events/t/u?en=gtm.detect_user&a=1128438&v=cf2c1cfa&_cu=https%3A%2F%2Fwww.elfcosmetics.com%2F

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.218.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),

Reverse DNS

251.218.107.34.bc.googleusercontent.com

Software

gnv01c /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 18 Apr 2026 03:07:41 GMT
content-type: application/javascript; charset=UTF-8
server: gnv01c
access-control-allow-headers: X-Device-User-Agent, Vwo-X-Forwarded-For

POST
H2 200 product-lists Show response
www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abwulKwrIUluoRlegZxaYYkbFI/ 186 B
665 B 286ms
285ms Fetch
application/json 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abwulKwrIUluoRlegZxaYYkbFI/product-lists?siteId=elf-us

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

24b913f61fc062e92d96b699df1e996355ea62d787ec48daf7252504753d4736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJjNWRiNGJiMC03YTNhLTQwMWUtODMzMi05YmQwNjc3MjBiMzQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmFjZmE5MDVkLTRiNWQtNDA4ZC04ZDRhLWRkYjZiODdhNmUzZCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3NzY0ODE2MjksInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFid3VsS3dySVVsdW9SbGVnWnhhWVlrYkZJOjpjaGlkOmVsZi11cyIsImV4cCI6MTc3NjQ4MzQ1OSwiaWF0IjoxNzc2NDgxNjU5LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMzNzY1ODM2NDUyNjg1MzAyIn0.aTw3x-wjAxZm6zDX_NhI7BnnCJNc_lWnrN3wD_vMX16IeF3HoBTslprFFY8hzAn5KURUSIx18PTiEFzgdu2-Fw
Referer: https://www.elfcosmetics.com/
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
c_x-pwa-request: true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
expires: Thu, 01 Dec 1994 16:00:00 GMT
x-cache: Miss from cloudfront, MISS, MISS
x-amz-cf-id: tCxzz1aHD0E9p5_CyAOPhxIYHlvykhTLJHoFlrQKjq4vj75jLzS4rA==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: application/json;charset=UTF-8
x-served-by: cache-lis1490045-LIS, cache-lis1490048-LIS
x-cache-hits: 0, 0
vary: Accept-Encoding
sfdc_customization: HOOK
strict-transport-security: max-age=31557600
sfdc_correlation_id: 9ee075f4495aecff
cache-control: no-cache, no-store
pragma: no-cache
x-timer: S1776481662.062486,VS0,VE235
via: 1.1 fe1efb982e7ecb0bef923383a3d937fc.cloudfront.net (CloudFront), 1.1 varnish
x-ratelimit-remaining: 999
cf-ray: 9ee075f4495aecff-LHR
accept-ranges: bytes
sfdc_load: 1
dnt: 0
x-ratelimit-limit: 99999
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/abwulKwrIUluoRlegZxaYYkbFI/product-lists?siteId=elf-us
x-amz-cf-pop: LIS50-P2
server: cloudflare

POST
H2 200 shoppercontext Show response
www.elfcosmetics.com/api/v1/ 154 B
688 B 783ms
782ms Fetch
application/json 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/api/v1/shoppercontext?siteId=elf-us&method=PATCH

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

CloudFront /

Resource Hash

67e784a3cb92b7d1a9a3190efafb64718e1aced1d1cd5e7a37023b6258f4af4e

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJjNWRiNGJiMC03YTNhLTQwMWUtODMzMi05YmQwNjc3MjBiMzQiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOmFjZmE5MDVkLTRiNWQtNDA4ZC04ZDRhLWRkYjZiODdhNmUzZCIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImRudCI6IjAiLCJhdWQiOiJjb21tZXJjZWNsb3VkL3Byb2QvYmJ4Y19wcmQiLCJuYmYiOjE3NzY0ODE2MjksInN0eSI6IlVzZXIiLCJpc2IiOiJ1aWRvOnNsYXM6OnVwbjpHdWVzdDo6dWlkbjpHdWVzdCBVc2VyOjpnY2lkOmFid3VsS3dySVVsdW9SbGVnWnhhWVlrYkZJOjpjaGlkOmVsZi11cyIsImV4cCI6MTc3NjQ4MzQ1OSwiaWF0IjoxNzc2NDgxNjU5LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDMzNzY1ODM2NDUyNjg1MzAyIn0.aTw3x-wjAxZm6zDX_NhI7BnnCJNc_lWnrN3wD_vMX16IeF3HoBTslprFFY8hzAn5KURUSIx18PTiEFzgdu2-Fw
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?0

Response headers

x-amzn-remapped-content-length: 154
x-amzn-remapped-connection: keep-alive
etag: W/"9a-mOh4rafxy7tMVRCGYqs6BKf/rNY"
x-amzn-requestid: 87a0f721-0701-48b8-b614-85a8600694be
x-cache: Miss from cloudfront, MISS, MISS
x-amz-cf-id: S49wRAspdumRCML-f0w_E0kJV3bdiS7gcZQiQsOeTpwcoX2TlbquQA==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-lis1490052-LIS, cache-lis1490050-LIS
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-security-policy
x-amz-apigw-id: b_tLzER-iYcErpw=
x-amzn-remapped-date: Sat, 18 Apr 2026 03:07:42 GMT
x-timer: S1776481662.178044,VS0,VE732
x-amzn-trace-id: Root=1-69e2f57e-283f0a89096af57f217fb083;Parent=36c86318ee8c283f;Sampled=0;Lineage=1:2b75b0e9:0
via: 1.1 5eaf2d59cfe709772e71a72f64052d16.cloudfront.net (CloudFront), 1.1 varnish
accept-ranges: bytes
content-length: 154
x-amz-cf-pop: LIS50-P2
server: CloudFront

POST
H2 200 event Show response
www.elfcosmetics.com/api/en-us/v2.0/ 105 B
288 B 228ms
225ms Fetch
text/plain 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

4df4687bf29224c4a9827aa12dbaa2acaf17d5df233c8f1e2f0e87890960a4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31557600
content-encoding: gzip
x-timer: S1776481663.524174,VS0,VE175
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS, MISS
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-lis1490035-LIS, cache-lis1490050-LIS
server: nginx
x-cache-hits: 0, 0
vary: Accept-Encoding

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 96ms
95ms Image
text/html 142.251.20.97
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 18 Apr 2026 03:07:42 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 newShadeSticker
elfcosmetics.a.bigcontent.io/v1/static/ 1 KB
1 KB 120ms
117ms Image
image/svg+xml 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/newShadeSticker?%24Desktop%24=&fmt=auto&w=60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: 4c2d5e77b693423f53d63e06621fb78cca1ea710ee7123c2f8f62cadf9f6e111

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=1800, s-maxage=86400
content-encoding: gzip
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 757
date: Sat, 18 Apr 2026 03:07:42 GMT
x-amp-srv: A
content-type: image/svg+xml
vary: Accept-Encoding
server: Unknown
x-amz-server-side-encryption: AES256

GET
H2 200 bestsellerSticker
elfcosmetics.a.bigcontent.io/v1/static/ 4 KB
2 KB 122ms
120ms Image
image/svg+xml 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/bestsellerSticker?%24Desktop%24=&fmt=auto&w=60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: c9d66f00f9eb1dbe8b78c0e99e5fd72926d293621df552e9b0d79dfeda7251d1

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=1800, s-maxage=86400
content-encoding: gzip
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1543
date: Sat, 18 Apr 2026 03:07:42 GMT
x-amp-srv: A
content-type: image/svg+xml
vary: Accept-Encoding
server: Unknown
x-amz-server-side-encryption: AES256

GET
H2 200 newDropSticker
elfcosmetics.a.bigcontent.io/v1/static/ 4 KB
2 KB 112ms
110ms Image
image/svg+xml 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/newDropSticker?%24Desktop%24=&fmt=auto&w=60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: c965bf460bed07bfe8febaa8ee97ad37068554142f03296266a246c30fb891fa

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=1800, s-maxage=86400
content-encoding: gzip
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1639
date: Sat, 18 Apr 2026 03:07:42 GMT
x-amp-srv: A
content-type: image/svg+xml
vary: Accept-Encoding
server: Unknown
x-amz-server-side-encryption: AES256

GET
H2 200 holyGrailSticker
elfcosmetics.a.bigcontent.io/v1/static/ 4 KB
2 KB 98ms
95ms Image
image/svg+xml 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/holyGrailSticker?%24Desktop%24=&fmt=auto&w=60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: dcce7811dfa55ed267efacadbc20f0116dea9f266a71332ac6b4f8ccc7666c3c

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=1800, s-maxage=86400
content-encoding: gzip
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1841
date: Sat, 18 Apr 2026 03:07:42 GMT
x-amp-srv: A
content-type: image/svg+xml
vary: Accept-Encoding
server: Unknown
x-amz-server-side-encryption: AES256

GET
H2 200 83473_OpenA_V2_R.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb1a969cc/2026/GlowReviverMeltiingLipBalm_PinaColada/ 7 KB
7 KB 53ms
51ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb1a969cc/2026/GlowReviverMeltiingLipBalm_PinaColada/83473_OpenA_V2_R.jpg?sh=800&sw=800&strip=false&sfrm=png&q=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5aac76e266c4d71682cf4c030b0cc1caa5c340b6539e3fca094602f9ea56366

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=38139 idim=800x800 ifmt=jpeg ofsz=6923 odim=800x800 ofmt=avif
cf-cache-status: MISS
etag: "MVZ4v98AUF/6SgGDcHPAtTUXi3LhnR8VELqtHCU+eYI"
age: 924434
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: Nuq682i6xK5kIIVxf2phyC3Bzv1NPjsAuRdqq32r-YaBDcXfzkW8wg==
date: Sat, 18 Apr 2026 03:07:42 GMT
x-amz-meta-cleanquerystring: sfrm=png&sw=800&sh=800&q=90&strip=false
content-type: image/avif
x-amz-expiration: expiry-date="Tue, 04 May 2027 00:00:00 GMT", rule-id="transform_cache_ttl"
x-cache-hits: 0, 1, 0
x-served-by: cache-iad-kcgs7200091-IAD, cache-iad-kcgs7200091-IAD, cache-lis1490050-LIS
fastly-stats: io=1
vary: Accept
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-timer: S1776481663.559185,VS0,VE1
via: 1.1 27a4997d1b1129dbb965ca80a491e18e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 9e684fddaac6c92e-IAD
accept-ranges: bytes
content-length: 6923
fastly-io-served-by: img01-us-east4
fastly-io-transform-stats: ifsz=38139 ofsz=6923 ofmt=avif
x-amz-cf-pop: IAD61-P12
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 81514_Closed_R.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw53746d41/2024/SuntouchableUpdatedAssets_US/AllSetForSun/ 11 KB
11 KB 65ms
63ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw53746d41/2024/SuntouchableUpdatedAssets_US/AllSetForSun/81514_Closed_R.jpg?sh=800&sw=800&strip=false&sfrm=png&q=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

92412e105e4f03a1b6a533ff509726e67101d16593e82a45488e8daa864cd22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=32899 idim=800x800 ifmt=jpeg ofsz=10941 odim=800x800 ofmt=avif
cf-cache-status: MISS
etag: "waxEFgaoCT80JJ02KM/HSlgRu0WlU4CL2UA7ND5ViFA"
age: 1842126
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: Y4rwgvLQM67crv3wQ0nmZoUnRwgGvE3osoyrIzzq-yti_z_4VCPk3Q==
date: Sat, 18 Apr 2026 03:07:42 GMT
x-amz-meta-cleanquerystring: sfrm=png&sw=800&sh=800&q=90&strip=false
content-type: image/avif
x-amz-expiration: expiry-date="Sun, 31 May 2026 00:00:00 GMT", rule-id="transform_cache_ttl"
x-cache-hits: 0, 395, 0
x-served-by: cache-iad-kiad7000130-IAD, cache-iad-kiad7000152-IAD, cache-lis1490050-LIS
fastly-stats: io=1
vary: Accept
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-timer: S1776481663.571466,VS0,VE1
via: 1.1 5e868b55b502623cfa1c1fa31e1c91c8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 9d21142e7de281ab-IAD
accept-ranges: bytes
content-length: 10941
fastly-io-served-by: vpop-kiad7010246
fastly-io-transform-stats: ifsz=32899 ofsz=10941 ofmt=avif
x-amz-cf-pop: IAD61-P12
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 82321_OpenA_v3_R.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwad1593a5/2025/SheerForItBlushTint/ 11 KB
12 KB 65ms
63ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwad1593a5/2025/SheerForItBlushTint/82321_OpenA_v3_R.jpg?sh=800&sw=800&strip=false&sfrm=png&q=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

281161e72d905589d624deb7aa8651ae082e881a7920651ee3d5f9498ed35d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=44059 idim=800x800 ifmt=jpeg ofsz=11227 odim=800x800 ofmt=avif
cf-bgj: h2pri
cf-cache-status: HIT
etag: "1CPjQCuiEbI06Kx/6/f9SfnJj5xtBB11rG6L2HP2cG8"
age: 1548892
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: KAN6ANMJ7PxtBNSznTY-30wcS9W_4tFITU2fdfYPv0FHD84zomOX-w==
date: Sat, 18 Apr 2026 03:07:42 GMT
x-amz-meta-cleanquerystring: sfrm=png&sw=800&sh=800&q=90&strip=false
content-type: image/avif
x-amz-expiration: expiry-date="Sat, 13 Jun 2026 00:00:00 GMT", rule-id="transform_cache_ttl"
x-cache-hits: 0, 1335, 0
x-served-by: cache-iad-kiad7000159-IAD, cache-iad-kcgs7200050-IAD, cache-lis1490050-LIS
fastly-stats: io=1
vary: Accept
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-timer: S1776481663.571758,VS0,VE1
via: 1.1 d01a0cfc47d6e412dd81c986ff5d69da.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 969a21305d06883c-IAD
accept-ranges: bytes
content-length: 11227
fastly-io-served-by: vpop-kiad7010228
x-amz-cf-pop: IAD50-C2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 84759_Open_A_V9_R.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw06838b04/2024/PowerGripDewySettingSpray/ 16 KB
17 KB 67ms
66ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw06838b04/2024/PowerGripDewySettingSpray/84759_Open_A_V9_R.jpg?sh=800&sw=800&strip=false&sfrm=png&q=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdaf4192799c0e9e9c7c981adefced4a861e82d7f7cdf0076475aa8e858efc01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=56868 idim=800x800 ifmt=jpeg ofsz=16463 odim=800x800 ofmt=avif
cf-cache-status: MISS
etag: "7wNzvUX5H8beeNHk3Y+OdnSRaT2CshlRSG9/e5ZX9Jc"
age: 242759
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: o2sfsgPgzsRs3iuBMuUY2RblvgKb-Xu7-zCt1hf3Qr1UpbShF1vFAA==
date: Sat, 18 Apr 2026 03:07:42 GMT
x-amz-meta-cleanquerystring: sfrm=png&sw=800&sh=800&q=90&strip=false
content-type: image/avif
x-amz-expiration: expiry-date="Sun, 31 May 2026 00:00:00 GMT", rule-id="transform_cache_ttl"
x-cache-hits: 0, 602, 0
x-served-by: cache-iad-kiad7000160-IAD, cache-iad-kjyo7100067-IAD, cache-lis1490050-LIS
fastly-stats: io=1
vary: Accept
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-timer: S1776481663.571748,VS0,VE1
via: 1.1 0dc812a83c1e947b351f1eb1761c3c94.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 9cd5320f3e6a0631-IAD
accept-ranges: bytes
content-length: 16463
fastly-io-served-by: vpop-kiad7010247
fastly-io-transform-stats: ifsz=56868 ofsz=16463 ofmt=avif
x-amz-cf-pop: IAD61-P12
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 57011_InPack_R.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw33303451/2025/BestObsessedSkinKit/ 43 KB
43 KB 68ms
66ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw33303451/2025/BestObsessedSkinKit/57011_InPack_R.jpg?sh=800&sw=800&strip=false&sfrm=png&q=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

869a067b80a28a5f754d3ecbd784ef658e0656ab949cc9cbdac34f4dfff3ecf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=112277 idim=800x800 ifmt=jpeg ofsz=43631 odim=800x800 ofmt=avif
cf-bgj: h2pri
cf-cache-status: HIT
etag: "hMVHFMvID37fKd3WuKUIytDSx45JzD0RYkv/Va3AzWo"
age: 146356
x-amzn-requestid: 296c3cc0-1498-4408-9da6-7bf552cefbba
fastly-io-stats: ifsz=112277 ofsz=43631 ofmt=avif
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: Fbi36oiFytRDvS8plNX0JdLupW2wAop_xKq2_CaEN4aMFdJWY64XRA==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: image/avif
x-served-by: cache-iad-kcgs7200078-IAD, cache-iad-kcgs7200066-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 6381, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-amz-apigw-id: SKuwyEx2oAMEbTw=
x-timer: S1776481663.572544,VS0,VE1
x-amzn-trace-id: Root=1-68e75e6b-29df04fd2e4e24ba4aa15081;Parent=2f5b8568c206f4bf;Sampled=0;Lineage=1:36621fcf:0
via: 1.1 14d757a67b913f1bc93427e69819362c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 98f5c898bd6de6e8-IAD
accept-ranges: bytes
content-length: 43631
fastly-io-served-by: vpop-kiad7010213
x-amz-cf-pop: IAD89-C1
server: cloudflare

GET
H2 200 HaloGlowSkinTint_84504.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw67090a29/2025/HaloGlowSkinTintSPF50/Fair/ 8 KB
8 KB 67ms
65ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw67090a29/2025/HaloGlowSkinTintSPF50/Fair/HaloGlowSkinTint_84504.jpg?sh=800&sw=800&strip=false&sfrm=png&q=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fbc8b039846e2416f8a9f2c3a08d3f3cf28d6e851782fbf06ec5ddb8d2c8f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=35681 idim=800x800 ifmt=jpeg ofsz=7707 odim=800x800 ofmt=avif
cf-cache-status: MISS
etag: "zoccIsl6hvBp+bkvS9LBNEhvHx5Rf/9bfMOZokRpLQw"
age: 754897
x-amzn-requestid: 295e852b-63d4-4ed9-b001-46cb42055e04
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: ox-BQgnNslZZJAH9hXl-khP0SaloGG4GVIRbehO3H-B1_IrfYfGUIw==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: image/avif
x-served-by: cache-iad-kjyo7100104-IAD, cache-iad-kjyo7100042-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 85, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-amz-apigw-id: YiCZRHHJIAMEOtA=
x-timer: S1776481663.572660,VS0,VE1
x-amzn-trace-id: Root=1-698a4aa1-4d4a2ed03d9c83137bf5a6e4;Parent=7b5a084c07a63a2c;Sampled=0;Lineage=1:36621fcf:0
via: 1.1 765a089d25646573f5b6aeee00cc8876.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 9cb64a0f3f033940-IAD
accept-ranges: bytes
content-length: 7707
fastly-io-served-by: vpop-kiad7010210
fastly-io-transform-stats: ifsz=35681 ofsz=7707 ofmt=avif
x-amz-cf-pop: IAD61-P12
server: cloudflare

GET
H2 200 57520_Rose%20Gold.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwad9ab291/2026/Bronzing_Drops_PDP_Update/ 17 KB
17 KB 101ms
100ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwad9ab291/2026/Bronzing_Drops_PDP_Update/57520_Rose%20Gold.jpg?sh=800&sw=800&strip=false&q=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

85801f5037331e280f2fb90a3f5e9e54c01e4b659d2d552fbb556f24320d3970

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=51535 idim=800x800 ifmt=jpeg ofsz=16900 odim=800x800 ofmt=avif
cf-cache-status: MISS
etag: "isGvyzOn0GpwqJv9dafCVx7/2YNL4PM6/9KPScKsyHs"
age: 645785
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: gfyWlodgHSJH7psSUQF2v3dJjaOLDC4FBUaxvTkuxULgwGkIY6UJ3w==
date: Sat, 18 Apr 2026 03:07:42 GMT
x-amz-meta-cleanquerystring: sw=800&sh=800&q=90&strip=false
content-type: image/avif
x-amz-expiration: expiry-date="Tue, 20 Apr 2027 00:00:00 GMT", rule-id="transform_cache_ttl"
x-cache-hits: 0, 20, 0
x-served-by: cache-iad-kcgs7200091-IAD, cache-iad-kcgs7200177-IAD, cache-lis1490050-LIS
fastly-stats: io=1
vary: Accept
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-timer: S1776481663.607774,VS0,VE1
via: 1.1 2791c87775059ed7f42e5c34cfade8d4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 9e50526caf5fdb3c-IAD
accept-ranges: bytes
content-length: 16900
fastly-io-served-by: vpop-kiad7010251
fastly-io-transform-stats: ifsz=51535 ofsz=16900 ofmt=avif
x-amz-cf-pop: IAD61-P12
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 83472_E59C9C_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwf56b8464/2026/GlowReviverMeltingLipBalm_BigDill/GlowReviverMeltingLipBalm_PinkLemonade/ 299 B
915 B 91ms
87ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwf56b8464/2026/GlowReviverMeltingLipBalm_BigDill/GlowReviverMeltingLipBalm_PinkLemonade/83472_E59C9C_tile.jpg?sw=12&strip=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f4387385e404bd0dcf288efa1c93dbde0592f8b89220bf584c7787e4d15f1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=19631 idim=12x12 ifmt=jpeg ofsz=299 odim=12x12 ofmt=avif
cf-cache-status: MISS
etag: "asqLYZV5GuuBsC7E+lmH15wQiBOQw2CO0icJ9Ahia/4"
age: 131823
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: LhvchOie-RJo8669wx9QI5oFAGA5qpnqo6G1UdY7bQRxvqPyYeEYcQ==
date: Sat, 18 Apr 2026 03:07:42 GMT
x-amz-meta-cleanquerystring: sw=12&strip=false
content-type: image/avif
x-amz-expiration: expiry-date="Tue, 04 May 2027 00:00:00 GMT", rule-id="transform_cache_ttl"
x-cache-hits: 0, 31, 0
x-served-by: cache-iad-kiad7000090-IAD, cache-iad-kiad7000078-IAD, cache-lis1490050-LIS
fastly-stats: io=1
vary: Accept
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-timer: S1776481663.608010,VS0,VE1
via: 1.1 6f990c126ed1cb8a4cfc1686dbe736e8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 9e6630d79845c942-IAD
accept-ranges: bytes
content-length: 299
fastly-io-served-by: vpop-kiad7010250
fastly-io-transform-stats: ifsz=19631 ofsz=299 ofmt=avif
x-amz-cf-pop: IAD61-P12
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 83473_E8E3DA_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwef189183/2026/GlowReviverMeltiingLipBalm_PinaColada/ 297 B
949 B 89ms
85ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwef189183/2026/GlowReviverMeltiingLipBalm_PinaColada/83473_E8E3DA_tile.jpg?sw=12&strip=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

55f53e3842fe9279396759fc2ed5fdef7bc0a9ec61e564dd7b4357db19187600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=19655 idim=12x12 ifmt=jpeg ofsz=297 odim=12x12 ofmt=avif
cf-cache-status: MISS
etag: "AQp+QZI6RsZ4AV59nRDTPyc5rMk1PqFxc22IVCR8yI0"
age: 825456
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: jzzIRaHbuhkkQuW5yh5aFUNQXaSVAFGqMD6W0Z2SSxPQOiDFCmD6QQ==
date: Sat, 18 Apr 2026 03:07:42 GMT
x-amz-meta-cleanquerystring: sw=12&strip=false
content-type: image/avif
x-amz-expiration: expiry-date="Tue, 04 May 2027 00:00:00 GMT", rule-id="transform_cache_ttl"
x-cache-hits: 0, 29, 712
x-served-by: cache-iad-kcgs7200149-IAD, cache-iad-kcgs7200040-IAD, cache-lis1490050-LIS
fastly-stats: io=1
vary: Accept
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-timer: S1776481663.607996,VS0,VE1
via: 1.1 4d312fa9950971c88054a0fc2536913e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 9e6630d79c2a5f12-IAD
accept-ranges: bytes
content-length: 297
fastly-io-served-by: vpop-kiad7010217
fastly-io-transform-stats: ifsz=19655 ofsz=297 ofmt=avif
x-amz-cf-pop: IAD61-P12
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 85274_9BCACC_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw81fc7186/2026/GlowReviverMeltingLipBalm_BlueSlushy/ 299 B
719 B 102ms
98ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw81fc7186/2026/GlowReviverMeltingLipBalm_BlueSlushy/85274_9BCACC_tile.jpg?sw=12&strip=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

08ff052568e9fa47cb41d15b270554b9eefa2d53c318f784803754c251fdb9a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=19557 idim=12x12 ifmt=jpeg ofsz=299 odim=12x12 ofmt=avif
cf-cache-status: MISS
etag: "qnbhYf5w2zZpjC8PfPeez0yxkNa3b0Q8lK2mNMWt1l8"
age: 819329
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: 0vkwXiwTIUkJbXWkgSVf-xfFGJnt2tEao1Au7lsFtSCuu0CJNSriVg==
date: Sat, 18 Apr 2026 03:07:42 GMT
x-amz-meta-cleanquerystring: sw=12&strip=false
content-type: image/avif
x-amz-expiration: expiry-date="Tue, 04 May 2027 00:00:00 GMT", rule-id="transform_cache_ttl"
x-cache-hits: 0, 29, 0
x-served-by: cache-iad-kjyo7100081-IAD, cache-iad-kcgs7200176-IAD, cache-lis1490050-LIS
fastly-stats: io=1
vary: Accept
strict-transport-security: max-age=31557600
cache-control: public, max-age=2591975
x-timer: S1776481663.620059,VS0,VE1
via: 1.1 6f990c126ed1cb8a4cfc1686dbe736e8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 9e6630d7aa81af04-IAD
accept-ranges: bytes
content-length: 299
fastly-io-served-by: img04-us-east4
fastly-io-transform-stats: ifsz=19557 ofsz=299 ofmt=avif
x-amz-cf-pop: IAD61-P12
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 83399_F5746F_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwfdb5d171/2026/GlowReviverMeltingLipBalm/Sherbet_Punch/ 300 B
918 B 103ms
99ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwfdb5d171/2026/GlowReviverMeltingLipBalm/Sherbet_Punch/83399_F5746F_tile.jpg?sw=12&strip=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6aa997b74e7735353f9b0a5fb708392f384c5b56fcd96752c51f94fc141f568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=25381 idim=12x12 ifmt=jpeg ofsz=300 odim=12x12 ofmt=avif
cf-cache-status: MISS
etag: "n38HhXCUqipOe+Xuk3jxFpNHphZPmhwnb5kzlK+mQ8A"
age: 734635
x-amzn-requestid: 48c10058-be80-4e4d-8f04-f20df29f0466
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: _2oj0LCb7ru_hZb1F8DsG0l0BOgYIshMI0c2vYbBUCk8tR68C8ceSQ==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: image/avif
x-served-by: cache-iad-kcgs7200021-IAD, cache-iad-kiad7000082-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 53, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: public, max-age=2591974
x-amz-apigw-id: aE6FYFhnoAMER9A=
x-timer: S1776481663.620052,VS0,VE2
x-amzn-trace-id: Root=1-69b1d6ee-5021527e1911fb982f1b638d;Parent=1d53bae5e6550be9;Sampled=0;Lineage=1:36621fcf:0
via: 1.1 4647dc1c8001fa9f311935bafe4ec8c2.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 9dad76f47b30f2e9-IAD
accept-ranges: bytes
content-length: 300
fastly-io-served-by: vpop-kiad7010212
fastly-io-transform-stats: ifsz=25381 ofsz=300 ofmt=avif
x-amz-cf-pop: IAD61-P12
server: cloudflare

GET
H2 200 83416_efeae1_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwcf8b6667/2025/GlowReviverMeltingLipBalm/83416/ 298 B
882 B 105ms
102ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwcf8b6667/2025/GlowReviverMeltingLipBalm/83416/83416_efeae1_tile.jpg?sw=12&strip=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b2b5462ed1d52f5454ad3c47053ae2b07406c3d95be576152d0c3d0b56a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=21230 idim=12x12 ifmt=jpeg ofsz=298 odim=12x12 ofmt=avif
cf-cache-status: MISS
etag: "DnHjV0IMH5+KjjeDLc0ixQXK819w0BF4EqIbNuxnzY8"
age: 642793
x-amzn-requestid: e4346b6a-91eb-4548-a93d-a43122544b34
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: VI_g7Y3JR6mCZ_I57qwsHKfcxvRgH6yUQCgBwU5sJvlxQs3vYFOJtA==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: image/avif
x-served-by: cache-iad-kjyo7100062-IAD, cache-iad-kcgs7200153-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 64, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-amz-apigw-id: QBWwMHSfoAMEhiw=
x-timer: S1776481663.620897,VS0,VE2
x-amzn-trace-id: Root=1-68b06b34-3e69740c166b094577c98537;Parent=5bac2276c6ab46b3;Sampled=0;Lineage=1:36621fcf:0
via: 1.1 5451b84324d9bca0bdd03e4c4009ae10.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 976495a46dc505cc-IAD
accept-ranges: bytes
content-length: 298
fastly-io-served-by: vpop-kiad7010226
x-amz-cf-pop: IAD50-C2
server: cloudflare

GET
H2 200 82484_8d5c4b_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw57986785/2025/GlowReviverMeltingLipBalm/ 309 B
857 B 105ms
101ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw57986785/2025/GlowReviverMeltingLipBalm/82484_8d5c4b_tile.jpg?sw=12&strip=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a0011ba291cb19430eb79f6b18134e022a7ca5ea02e64f621e5afa4748a12cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=21461 idim=12x12 ifmt=jpeg ofsz=309 odim=12x12 ofmt=avif
cf-cache-status: MISS
etag: "bdah7fDd+DM3VqTyGQQ2j57fL1h9pu9aWxq5BkTUafk"
age: 148171
x-amzn-requestid: 94a8e2dc-2523-41e1-b95e-23bc52d069fb
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: lVWlQauNpohWqKOOL1ffPIj4wIRf2x0wZ7FkVRf9f-X0zF_xeL-osQ==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: image/avif
x-served-by: cache-iad-kcgs7200057-IAD, cache-iad-kcgs7200062-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 58, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-amz-apigw-id: J2ehSEHeoAMEZGg=
x-timer: S1776481663.620881,VS0,VE2
x-amzn-trace-id: Root=1-681277a1-3b4e510a2e7031a6008dde90;Parent=07026a1744f83511;Sampled=0;Lineage=1:36621fcf:0
via: 1.1 7fc4d53a17d950b206cd9fccf1108b8a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 938963503b7b0587-IAD
accept-ranges: bytes
content-length: 309
fastly-io-served-by: img04-us-east4
x-amz-cf-pop: IAD89-C1
server: cloudflare

GET
H2 200 82321_d0530d_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwde002a8d/2025/SheerForItBlushTint/ 309 B
917 B 102ms
99ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwde002a8d/2025/SheerForItBlushTint/82321_d0530d_tile.jpg?sw=12&strip=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ceb3d4f6754594ff2ff8ee01adb110071fc2871a6d744483eeb1ce2e9f1017f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=18487 idim=12x12 ifmt=jpeg ofsz=309 odim=12x12 ofmt=avif
cf-cache-status: MISS
etag: "Nq8tXf7i4sURTiQVaLkxJEn+2rBr/N8NyZ9g/PeG7aA"
age: 1281408
x-amzn-requestid: 366f954e-a95c-4ab2-9c06-568246d5ebee
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: 4cAcxsP6g3E8k_95YUuH1XpgUoHmcTQG2229rQ7i8pY2lhEVR1PMBw==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: image/avif
x-served-by: cache-iad-kcgs7200093-IAD, cache-iad-kiad7000143-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 29, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-amz-apigw-id: Kg22DFWiIAMEEdA=
x-timer: S1776481663.620428,VS0,VE1
x-amzn-trace-id: Root=1-68236b59-108c1f1e584d67752a2bf608;Parent=471941f519c251e9;Sampled=0;Lineage=1:36621fcf:0
via: 1.1 966a4e45512437c14125c564c492a2d6.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 93f3568f0bd8d6b3-IAD
accept-ranges: bytes
content-length: 309
fastly-io-served-by: vpop-kiad7010230
x-amz-cf-pop: IAD50-C2
server: cloudflare

GET
H2 200 82322_ba1d3d_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwdad14ff8/2025/SheerForItBlushTint/ 310 B
890 B 104ms
101ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwdad14ff8/2025/SheerForItBlushTint/82322_ba1d3d_tile.jpg?sw=12&strip=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e632b86bd240056b9025433d23c071b3a8d6d76e10ae5a1099348d4128223b14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=19868 idim=12x12 ifmt=jpeg ofsz=310 odim=12x12 ofmt=avif
cf-cache-status: MISS
etag: "PAW7UiHdnzt0AF4Fbyxr3la2ujdO3MnLGlBs04H9Qr4"
age: 574413
x-amzn-requestid: 2a89216c-1905-426d-9fe5-47c4fed8f671
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: 4i3HXbmoy2PbiMfR2lnOOofPatH-R0byQe4zDOEMUPPCojAEU7yMKw==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: image/avif
x-served-by: cache-iad-kcgs7200125-IAD, cache-iad-kiad7000169-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 29, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-amz-apigw-id: Kg22DFX-oAMEuww=
x-timer: S1776481663.620414,VS0,VE2
x-amzn-trace-id: Root=1-68236b59-2c517a120f8abdb1736e2191;Parent=350f50482280b4bc;Sampled=0;Lineage=1:36621fcf:0
via: 1.1 c57d1eb27f41d3e95fc5060845849c06.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 93f3568efe49dda7-IAD
accept-ranges: bytes
content-length: 310
fastly-io-served-by: vpop-kiad7010249
x-amz-cf-pop: IAD50-C2
server: cloudflare

GET
H2 200 82323_650321_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe955013d/2025/SheerForItBlushTint/ 309 B
850 B 105ms
102ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe955013d/2025/SheerForItBlushTint/82323_650321_tile.jpg?sw=12&strip=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

af3184b17e0ac2ab24c13b960d66af0dc56444bbaff3c7f2e494b7cb1d49aaf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=18478 idim=12x12 ifmt=jpeg ofsz=309 odim=12x12 ofmt=avif
cf-cache-status: MISS
etag: "4bTvJRXFcrpFrE4Od39gmSZvHoi54JVHXc9VtCF0tmY"
age: 1604760
x-amzn-requestid: 0b2b3dcf-6943-41be-abb8-49799263f55c
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: TLJzytU_uNLovGcfZVzL5fY5ziyko7hMVOQ6--6Qv_No-ozXI6KGUw==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: image/avif
x-served-by: cache-iad-kcgs7200093-IAD, cache-iad-kjyo7100178-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 29, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-amz-apigw-id: Kg22DENboAMEIew=
x-timer: S1776481663.621073,VS0,VE1
x-amzn-trace-id: Root=1-68236b59-790a868f0e3f70cc4f287351;Parent=411e27366fc4e624;Sampled=0;Lineage=1:36621fcf:0
via: 1.1 d5710f445906ae917df909d01c495c9e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 93f3568f1b633b7a-IAD
accept-ranges: bytes
content-length: 309
fastly-io-served-by: img18-us-east4
x-amz-cf-pop: IAD50-C2
server: cloudflare

GET
H2 200 82324_5d1810_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw6526157a/2025/SheerForItBlushTint/ 310 B
903 B 106ms
104ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw6526157a/2025/SheerForItBlushTint/82324_5d1810_tile.jpg?sw=12&strip=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdbc461c216f26163d5028fdb38de52d98776eb67e2e2fdea14fa92f2829bb93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=20182 idim=12x12 ifmt=jpeg ofsz=310 odim=12x12 ofmt=avif
cf-cache-status: MISS
etag: "BLPYTTA487ONk1qMPucxNP9ixW3mGFEyWN3T1juA6ww"
age: 1372611
x-amzn-requestid: bddfbe13-91f2-4b77-934b-9c530ea0029d
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: aiOw8FxrV8YiuGAQ9PkN4aBQKJWc5wfzCap_JJzNAMjagBvOF8r_og==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: image/avif
x-served-by: cache-iad-kcgs7200157-IAD, cache-iad-kcgs7200160-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 28035, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-amz-apigw-id: Kg22DE_-oAMEEOA=
x-timer: S1776481663.621984,VS0,VE1
x-amzn-trace-id: Root=1-68236b59-755a2cad056862d41900d1a2;Parent=5c7cb7cd57c9efb3;Sampled=0;Lineage=1:36621fcf:0
via: 1.1 6a615842cf9e2c637f2872ee9b70eb72.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 93f3568efafdd6b8-IAD
accept-ranges: bytes
content-length: 310
fastly-io-served-by: vpop-kiad7010228
x-amz-cf-pop: IAD50-C2
server: cloudflare

GET
H2 200 82320_ab0205_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7647dadb/2025/SheerForItBlushTint/ 310 B
914 B 105ms
103ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7647dadb/2025/SheerForItBlushTint/82320_ab0205_tile.jpg?sw=12&strip=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bad5eb5a8b5245cfc805ecca6843f8563ab787274f825505c3afc7d4a0f2c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=18481 idim=12x12 ifmt=jpeg ofsz=310 odim=12x12 ofmt=avif
cf-cache-status: MISS
etag: "GWTKih22MvNPrBJAdmJ69IoIaEQf1KOyQq7Uk5wZOA8"
age: 215938
x-amzn-requestid: e1394278-44d9-4050-a734-31ca45301dcf
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: nRn0H0PYH1rRZL0gZxXW6UbN6qyfXeQMQwIq1BRejQfUDyWsQWPbPg==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: image/avif
x-served-by: cache-iad-kcgs7200090-IAD, cache-iad-kcgs7200024-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 10677, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-amz-apigw-id: Kg22DHkYoAMEJhw=
x-timer: S1776481663.621984,VS0,VE1
x-amzn-trace-id: Root=1-68236b59-3f7f7bf53d1ac57f2a47a41a;Parent=0334c246aabed13f;Sampled=0;Lineage=1:36621fcf:0
via: 1.1 65e185f36e65abff9322e261be3491d4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 93f3568efb18ef60-IAD
accept-ranges: bytes
content-length: 310
fastly-io-served-by: vpop-kiad7010210
x-amz-cf-pop: IAD50-C2
server: cloudflare

GET
H2 200 84504_e7caa8_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwdede3573/2025/HaloGlowSkinTintSPF50/Fair/ 310 B
896 B 104ms
102ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwdede3573/2025/HaloGlowSkinTintSPF50/Fair/84504_e7caa8_tile.jpg?sw=12&strip=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c47ec1392c26d9aedda32440be09c3e4ea826c0ecb587980e300fd28e65742eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=20900 idim=12x12 ifmt=jpeg ofsz=310 odim=12x12 ofmt=avif
cf-cache-status: MISS
etag: "ufQmUaAVsCvXinYXfKudWcxtt5818mZ0K9o7tjfrEPo"
age: 738133
x-amzn-requestid: 61bcc826-b7c5-4984-b0f5-7ed764dcdd68
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: _S8xg3xf2SRqugxoTqdUyPtYb-cbxvs6nz1j3eJMh-KonBxHcMDf_A==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: image/avif
x-served-by: cache-iad-kiad7000102-IAD, cache-iad-kiad7000077-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 103, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-amz-apigw-id: LeQTtH3vIAMEsEA=
x-timer: S1776481663.621610,VS0,VE1
x-amzn-trace-id: Root=1-683bfa7d-3615b4dc2736caae06a17aa6;Parent=7d05fd756dbcde43;Sampled=0;Lineage=1:36621fcf:0
via: 1.1 5451b84324d9bca0bdd03e4c4009ae10.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 948cd5318ff38b3e-IAD
accept-ranges: bytes
content-length: 310
fastly-io-served-by: img10-us-east4
x-amz-cf-pop: IAD50-C2
server: cloudflare

GET
H2 200 84505_e8d1b0_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw3ae1ec01/2025/HaloGlowSkinTintSPF50/Fair/ 310 B
845 B 105ms
102ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw3ae1ec01/2025/HaloGlowSkinTintSPF50/Fair/84505_e8d1b0_tile.jpg?sw=12&strip=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa487e5d651f21c3e384caa6f25d9bc85543c16d6904ddcad1fd31dad596bb7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=21953 idim=12x12 ifmt=jpeg ofsz=310 odim=12x12 ofmt=avif
cf-cache-status: MISS
etag: "Jg9b0wdGCaWPyR3XyX3SsI6fiqBp+QQda2fvIgzAwpQ"
age: 1336973
x-amzn-requestid: 724d8078-98b1-48cc-bc8e-d490131f5331
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: 2o3xQbE51iVj-pVKY1q8SBzqzLK31sEZMz3prWht7PKQghRI7vABRw==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: image/avif
x-served-by: cache-iad-kiad7000169-IAD, cache-iad-kjyo7100130-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 103, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-amz-apigw-id: LeQTtFDYIAMEO-g=
x-timer: S1776481663.621513,VS0,VE1
x-amzn-trace-id: Root=1-683bfa7d-792cb7533dcb869516216401;Parent=717bf946c49e8737;Sampled=0;Lineage=1:36621fcf:0
via: 1.1 0f954bea3b233fb0b6e1981b1e8b6bd8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 948cd531894ee5f3-IAD
accept-ranges: bytes
content-length: 310
fastly-io-served-by: vpop-kiad7010217
x-amz-cf-pop: IAD50-C2
server: cloudflare

GET
H2 200 84506_eacab5_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwf6caf3cd/2025/HaloGlowSkinTintSPF50/Fair/ 310 B
850 B 105ms
103ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwf6caf3cd/2025/HaloGlowSkinTintSPF50/Fair/84506_eacab5_tile.jpg?sw=12&strip=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

626c24aed63d53de18ec8069407e2521389cf4b6de96de30ac3eae72401b5dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=22277 idim=12x12 ifmt=jpeg ofsz=310 odim=12x12 ofmt=avif
cf-cache-status: MISS
etag: "nzAHJii4BFTsrn3PgqEcwbiKnpqa8wLul0+QtKPvqwA"
age: 827468
x-amzn-requestid: e8931698-fa77-4b31-8140-395ba34409f6
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: JMPN4FcjzHpAkjTi42g5k4rehpWEegz9lldy4RWig7pD5V7qyUTLcw==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: image/avif
x-served-by: cache-iad-kcgs7200073-IAD, cache-iad-kcgs7200048-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 104, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-amz-apigw-id: LeQTtE4YIAMEm_A=
x-timer: S1776481663.622057,VS0,VE1
x-amzn-trace-id: Root=1-683bfa7d-7c55fde922c1f9b030afaa27;Parent=3660ec825b3f1877;Sampled=0;Lineage=1:36621fcf:0
via: 1.1 ec8b1bfbf511818c606f196b49f871e2.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 948cd5319c8dc5a6-IAD
accept-ranges: bytes
content-length: 310
fastly-io-served-by: vpop-kiad7010215
x-amz-cf-pop: IAD50-C2
server: cloudflare

GET
H2 200 84507_e5c7a1_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5626ba19/2025/HaloGlowSkinTintSPF50/Light/ 310 B
859 B 136ms
133ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5626ba19/2025/HaloGlowSkinTintSPF50/Light/84507_e5c7a1_tile.jpg?sw=12&strip=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

27aaed09e4ea75ef788da6985315ff5cbc960c99bdab0bfacbf245814698ed8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=20582 idim=12x12 ifmt=jpeg ofsz=310 odim=12x12 ofmt=avif
cf-cache-status: MISS
etag: "DkdwJSCVGqLp/05d28dU7IgCPswW2LVSy3y/wfERoHo"
age: 1287621
x-amzn-requestid: 10111e5c-1752-421b-a157-abe46a4febf6
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: S80GbEfyNEzHIM-rgJ4zf3B_RCrwts_MHeNoBbxc88zwgggrQmnsSQ==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: image/avif
x-served-by: cache-iad-kiad7000065-IAD, cache-iad-kcgs7200088-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 105, 18
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-amz-apigw-id: LeQTuFmYoAMEZ_A=
x-timer: S1776481663.656515,VS0,VE1
x-amzn-trace-id: Root=1-683bfa7d-4550e86b5dc8beaf7bfd012c;Parent=588c82ff616f0ecb;Sampled=0;Lineage=1:36621fcf:0
via: 1.1 fbcfedc2e9be11ab7daeb3c7d2230356.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 948cd5319a69cc13-IAD
accept-ranges: bytes
content-length: 310
fastly-io-served-by: vpop-kiad7010215
x-amz-cf-pop: ORD56-P12
server: cloudflare

GET
H2 200 84508_d7b685_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw20b7887e/2025/HaloGlowSkinTintSPF50/Light/ 310 B
892 B 136ms
134ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw20b7887e/2025/HaloGlowSkinTintSPF50/Light/84508_d7b685_tile.jpg?sw=12&strip=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

389e5f07a367908452332adac30ba85dfa78544375620edf1dfd1a80cdaf5a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=19892 idim=12x12 ifmt=jpeg ofsz=310 odim=12x12 ofmt=avif
cf-cache-status: MISS
etag: "JLymDlMo+XkAkrCm5IHb9Hzu+kPFM/a8Ge4FIXrLARk"
age: 823389
x-amzn-requestid: 6bbbf8ff-1ca1-4d06-a783-88ea7a159c00
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: _yYSAGLIFb7ddYQ6P3ml62BIU-Au9VOY8Wqt2gGGY5N0dOa-P9EcOg==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: image/avif
x-served-by: cache-iad-kcgs7200050-IAD, cache-iad-kcgs7200156-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 103, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-amz-apigw-id: LeQTuGydIAMEaeQ=
x-timer: S1776481663.656502,VS0,VE1
x-amzn-trace-id: Root=1-683bfa7d-162efb195811c7b900fc69ae;Parent=43c45361be0ff8a2;Sampled=0;Lineage=1:36621fcf:0
via: 1.1 22512dca1de1fae848b2509fed0309aa.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 948cd5319c8b07b6-IAD
accept-ranges: bytes
content-length: 310
fastly-io-served-by: vpop-kiad7010249
x-amz-cf-pop: IAD50-C2
server: cloudflare

GET
H2 200 84509_d9af8d_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw666b9e8f/2025/HaloGlowSkinTintSPF50/Light/ 310 B
862 B 136ms
134ms Image
image/avif 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL

https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw666b9e8f/2025/HaloGlowSkinTintSPF50/Light/84509_d9af8d_tile.jpg?sw=12&strip=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8796bb53ed458cbcaaa037e4e3c500f713ff03fd43aaa8015ef2cafc1879dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

fastly-io-info: ifsz=19868 idim=12x12 ifmt=jpeg ofsz=310 odim=12x12 ofmt=avif
cf-cache-status: MISS
etag: "ULJ0dzW3oCsOmnJAFiXNeHwCyXCJtQTOKryYaj6Xi4M"
age: 748758
x-amzn-requestid: 1c687375-f3d0-4eee-ba89-8d492c9bff43
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: Yfo9wXhXVPlpf_F092oGRkK3Jzuqs69Bi603E5Qkst-bVosHjLe6iw==
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: image/avif
x-served-by: cache-iad-kjyo7100058-IAD, cache-iad-kcgs7200078-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 105, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: public, max-age=2592000
x-amz-apigw-id: LeQTuGXWIAMEb_w=
x-timer: S1776481663.656655,VS0,VE1
x-amzn-trace-id: Root=1-683bfa7d-323861592f64750a457840e1;Parent=4feef41d0fb90562;Sampled=0;Lineage=1:36621fcf:0
via: 1.1 eb47372c5b2aa60ec2c49e0be0d5fb34.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
cf-ray: 948cd5319b6938f9-IAD
accept-ranges: bytes
content-length: 310
fastly-io-served-by: vpop-kiad7010247
x-amz-cf-pop: ORD56-P12
server: cloudflare

POST
H2 200 event Show response
www.elfcosmetics.com/api/en-us/v2.0/ 105 B
211 B 439ms
436ms Fetch
text/plain 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

4df4687bf29224c4a9827aa12dbaa2acaf17d5df233c8f1e2f0e87890960a4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31557600
content-encoding: gzip
x-timer: S1776481663.680489,VS0,VE386
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS, MISS
date: Sat, 18 Apr 2026 03:07:43 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-lis1490035-LIS, cache-lis1490050-LIS
server: nginx
x-cache-hits: 0, 0
vary: Accept-Encoding

POST
H2 200 event Show response
www.elfcosmetics.com/api/en-us/v2.0/ 105 B
182 B 436ms
435ms Fetch
text/plain 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

4df4687bf29224c4a9827aa12dbaa2acaf17d5df233c8f1e2f0e87890960a4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31557600
content-encoding: gzip
x-timer: S1776481663.778387,VS0,VE385
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS, MISS
date: Sat, 18 Apr 2026 03:07:43 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-lis1490035-LIS, cache-lis1490050-LIS
server: nginx
x-cache-hits: 0, 0
vary: Accept-Encoding

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 95ms
94ms Image
text/html 142.251.20.97
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 18 Apr 2026 03:07:42 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 96ms
96ms Image
text/html 142.251.20.97
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 18 Apr 2026 03:07:42 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

POST
H2 200 event Show response
www.elfcosmetics.com/api/en-us/v2.0/ 105 B
229 B 438ms
437ms Fetch
text/plain 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

4df4687bf29224c4a9827aa12dbaa2acaf17d5df233c8f1e2f0e87890960a4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31557600
content-encoding: gzip
x-timer: S1776481663.895825,VS0,VE387
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS, MISS
date: Sat, 18 Apr 2026 03:07:43 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-lis1490047-LIS, cache-lis1490050-LIS
server: nginx
x-cache-hits: 0, 0
vary: Accept-Encoding

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 95ms
94ms Image
text/html 142.251.20.97
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 18 Apr 2026 03:07:42 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

POST
H2 200 event Show response
www.elfcosmetics.com/api/en-us/v2.0/ 105 B
296 B 420ms
419ms Fetch
text/plain 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

4df4687bf29224c4a9827aa12dbaa2acaf17d5df233c8f1e2f0e87890960a4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31557600
content-encoding: gzip
x-timer: S1776481663.003712,VS0,VE368
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS, MISS
date: Sat, 18 Apr 2026 03:07:43 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-lis1490025-LIS, cache-lis1490050-LIS
server: nginx
x-cache-hits: 0, 0
vary: Accept-Encoding

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 95ms
95ms Image
text/html 142.251.20.97
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 18 Apr 2026 03:07:43 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

POST
H2 200 event Show response
www.elfcosmetics.com/api/en-us/v2.0/ 105 B
215 B 438ms
436ms Fetch
text/plain 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

4df4687bf29224c4a9827aa12dbaa2acaf17d5df233c8f1e2f0e87890960a4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31557600
content-encoding: gzip
x-timer: S1776481663.128943,VS0,VE386
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS, MISS
date: Sat, 18 Apr 2026 03:07:43 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-lis1490028-LIS, cache-lis1490050-LIS
server: nginx
x-cache-hits: 0, 0
vary: Accept-Encoding

POST
H3 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 32 B
49 B 175ms
174ms XHR
application/json 34.120.250.63
Google LLC

General

Check archive.org

Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.250.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 63.250.120.34.bc.googleusercontent.com
Software: /
Resource Hash: b01aa775e576ca9ba60429bb5263e6ea0c241a3e6fdd3ba526b0001cef4db77f

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-type: application/x-www-form-urlencoded
sec-ch-ua-mobile: ?0

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://www.elfcosmetics.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
date: Sat, 18 Apr 2026 03:07:42 GMT
content-type: application/json; charset=utf-8

GET
H2 200 script-tag.js Show response
cdn-scripts.signifyd.com/api/ 20 KB
6 KB 235ms
61ms Script
application/javascript 34.95.94.110
Google LLC

General

Check archive.org

Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.94.110 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 110.94.95.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 34c289d36c4ee53b94d7f69b8ab32c1b3721d72959323176e87b2cc9252b2605

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Content-Length, Cache-Control
x-goog-hash: crc32c=hrk7vQ==, md5=s1S17GHH2GMZXeaPsf8/cg==
content-encoding: br
etag: W/"b354b5ec61c7d863195de68fb1ff3f72"
age: 712608
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 20050
date: Thu, 09 Apr 2026 21:10:55 GMT
last-modified: Thu, 12 Mar 2026 15:50:23 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AMNfjG15ThPo3CudifqeeSzuOyr16M6G7_dunTM3bEd9Q402m5A7dbdrTFqxs0S18jokbDA31Aj9SIo
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1773330623081830
content-length: 5532
server: UploadServer

POST
H2 200 event Show response
www.elfcosmetics.com/api/en-us/v2.0/ 105 B
216 B 228ms
227ms Fetch
text/plain 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

4df4687bf29224c4a9827aa12dbaa2acaf17d5df233c8f1e2f0e87890960a4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31557600
content-encoding: gzip
x-timer: S1776481663.323083,VS0,VE177
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS, MISS
date: Sat, 18 Apr 2026 03:07:43 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-lis1490049-LIS, cache-lis1490050-LIS
server: nginx
x-cache-hits: 0, 0
vary: Accept-Encoding

POST
H2 200 event Show response
www.elfcosmetics.com/api/en-us/v2.0/ 105 B
216 B 439ms
437ms Fetch
text/plain 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

4df4687bf29224c4a9827aa12dbaa2acaf17d5df233c8f1e2f0e87890960a4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31557600
content-encoding: gzip
x-timer: S1776481663.449924,VS0,VE387
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS, MISS
date: Sat, 18 Apr 2026 03:07:43 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-lis1490045-LIS, cache-lis1490050-LIS
server: nginx
x-cache-hits: 0, 0
vary: Accept-Encoding

GET
H2 200 script-tag.js Show response
cdn-scripts.signifyd.com/api/ 20 KB
40 B 61ms
59ms Script
application/javascript 34.95.94.110
Google LLC

General

Check archive.org

Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.94.110 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 110.94.95.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 34c289d36c4ee53b94d7f69b8ab32c1b3721d72959323176e87b2cc9252b2605

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Content-Length, Cache-Control
x-goog-hash: crc32c=hrk7vQ==, md5=s1S17GHH2GMZXeaPsf8/cg==
content-encoding: br
etag: W/"b354b5ec61c7d863195de68fb1ff3f72"
age: 712608
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 20050
date: Thu, 09 Apr 2026 21:10:55 GMT
last-modified: Thu, 12 Mar 2026 15:50:23 GMT
vary: Accept-Encoding
content-type: application/javascript
x-guploader-uploadid: AMNfjG15ThPo3CudifqeeSzuOyr16M6G7_dunTM3bEd9Q402m5A7dbdrTFqxs0S18jokbDA31Aj9SIo
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1773330623081830
content-length: 5532
server: UploadServer

POST
H3 200 u
dev.visualwebsiteoptimizer.com/events/t/ 0
37 B 142ms
141ms Ping
application/javascript 34.107.218.251
Google LLC

General

Check archive.org

Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/events/t/u?en=gtm.view_item_list&a=1128438&v=cf2c1cfa&_cu=https%3A%2F%2Fwww.elfcosmetics.com%2F

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.218.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),

Reverse DNS

251.218.107.34.bc.googleusercontent.com

Software

gnv01c /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 18 Apr 2026 03:07:43 GMT
content-type: application/javascript; charset=UTF-8
server: gnv01c
access-control-allow-headers: X-Device-User-Agent, Vwo-X-Forwarded-For

GET
H2 200 loader.js Show response
cdn-scripts.signifyd.com/o/ 3 KB
2 KB 61ms
60ms Script
application/javascript 34.95.94.110
Google LLC

General

Check archive.org

Download Go to

Full URL: https://cdn-scripts.signifyd.com/o/loader.js?version=lite&ping=false&profile=true&sessionId=LzJhYjJlZDc5N2M3OTczMjYxYTMwODE2ODEz
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.94.110 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 110.94.95.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b496fed3b4570b42ef2bc566456cbbad4648105af3735de557b9af0638c8fce0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Content-Length, Cache-Control
x-goog-hash: crc32c=vZu1FQ==, md5=p6Z2QGe6Ic8AxRHlsp2A3g==
content-encoding: br
etag: W/"a7a6764067ba21cf00c511e5b29d80de"
age: 1263090
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 3322
date: Fri, 03 Apr 2026 12:16:13 GMT
last-modified: Mon, 02 Mar 2026 21:36:14 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AMNfjG1YJpb6WxdRWSLCLpZ72f4hsG8AeW0rPpjLikzW7UrC3Y6UT_Q-Amjxr7Mk-CZ4jSq7
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1772487374019582
content-length: 1422
server: UploadServer

GET
H2 200 company_toolkit.js Show response
cdn-scripts.signifyd.com/api/ 4 KB
2 KB 62ms
62ms Script
application/javascript 34.95.94.110
Google LLC

General

Check archive.org

Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/company_toolkit.js
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.94.110 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 110.94.95.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e813ff91a6e51ecc01f64cdb28c26d8367c88b8575329c508ae9ee484b1f626f

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1756414994
access-control-expose-headers: Content-Type, Content-Length, Cache-Control
x-goog-hash: crc32c=MCPoXQ==, md5=zs4jZuCLt3ZT1ms8kJWEvg==
content-encoding: br
etag: W/"cece2366e08bb77653d66b3c909584be"
age: 559035
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 3701
date: Sat, 11 Apr 2026 15:50:28 GMT
last-modified: Fri, 27 Feb 2026 17:15:34 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AMNfjG0jFeo_ZipaisF4_VcYCd319NywlDhxjtecKI31GUFIjXRddxXgjQlVPPEcC4SU-ezm
cache-control: private,max-age=0
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1772212534783242
content-length: 1447
server: UploadServer

POST
H2 200 event Show response
www.elfcosmetics.com/api/en-us/v2.0/ 105 B
182 B 228ms
226ms Fetch
text/plain 151.101.3.52
Fastly

General

Check archive.org

Download Go to

Full URL

https://www.elfcosmetics.com/api/en-us/v2.0/event?locale=en-US

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

4df4687bf29224c4a9827aa12dbaa2acaf17d5df233c8f1e2f0e87890960a4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31557600
content-encoding: gzip
x-timer: S1776481664.638902,VS0,VE176
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS, MISS
date: Sat, 18 Apr 2026 03:07:43 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-lis1490028-LIS, cache-lis1490050-LIS
server: nginx
x-cache-hits: 0, 0
vary: Accept-Encoding

POST
H2 204 errors Show response
c.contentsquare.net/ 0
42 B 94ms
93ms XHR
text/plain 34.253.163.93
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://c.contentsquare.net/errors?v=15.214.2&pid=1926&pn=1&sn=1&uu=e2b11859-72b3-a96b-da7b-a20fc29f4cff&happid=1042782804&hsid=633056696908635&huu=462255842819731&hpvid=4480522565916562&ct=0
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.253.163.93 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-253-163-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain;charset=UTF-8
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 24 Oct 1982 23:00:00 GMT
access-control-allow-origin: *
date: Sat, 18 Apr 2026 03:07:43 GMT
content-disposition: inline
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/15888/static/img/flag-icons/ 9 KB
0 0ms
0ms Image
image/svg+xml 151.101.3.52
Fastly

General

Check archive.org

Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/15888/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.3.52 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-meta-deploy: 1536976
content-encoding: gzip
etag: W/"2b3ee98009fe98bcf2eee0f90a48466a"
age: 200009
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-amz-cf-id: fRxhPPYIksyeZrfwOaAwTUJNd83-FAU949Mgxm9QpObCU77P_sz2uQ==
date: Sat, 18 Apr 2026 03:07:37 GMT
content-type: image/svg+xml
last-modified: Wed, 15 Apr 2026 19:33:52 GMT
x-served-by: cache-iad-kcgs7200077-IAD, cache-iad-kcgs7200077-IAD, cache-lis1490050-LIS
x-cache-hits: 0, 80, 0
vary: Accept-Encoding
cache-control: public, max-age=31536000, s-maxage=31536000
x-timer: S1776481657.186719,VS0,VE98
via: 1.1 359a68a211613a0b498b726183099110.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-meta-bundle: 15888
accept-ranges: bytes
content-length: 681
x-amz-cf-pop: IAD61-P7
server: AmazonS3

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 96ms
95ms Image
text/html 142.251.20.97
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 18 Apr 2026 03:07:43 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H/1.1 200
OK hcgbrbpzybldwfv2.js Show response
imgs.signifyd.com/ 101 KB
15 KB 300ms
100ms Script
text/javascript 91.235.133.113
ThreatMetrix Inc.

General

Check archive.org

Download Go to

Full URL

https://imgs.signifyd.com/hcgbrbpzybldwfv2.js?am8rf9v2gyj75nbo=w2txo5aa&vdyykjeonjfuyial=LzJhYjJlZDc5N2M3OTczMjYxYTMwODE2ODEz

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/fEtvnY4kcCu-GA.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

61f4de0be6478d7d7e997fcaf6055e42e273d742259c696c044f25e3e71662db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP=IVAa PSAa
Keep-Alive: timeout=2, max=100
Date: Sat, 18 Apr 2026 03:07:43 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
tmx-nonce: 6c36d008005ef168
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H3 200 lite.js Show response
cdn-scripts.signifyd.com/o/ Frame 1C92 150 KB
51 KB 60ms
60ms Script
application/javascript 34.95.94.110
Google LLC

General

Check archive.org

Download Go to

Full URL: https://cdn-scripts.signifyd.com/o/lite.js?sessionId=LzJhYjJlZDc5N2M3OTczMjYxYTMwODE2ODEz&ping=false&profile=true&pageURL=https%253A%252F%252Fwww.elfcosmetics.com%252F
Requested by: Host: cdn-scripts.signifyd.com
URL: https://cdn-scripts.signifyd.com/o/loader.js?version=lite&ping=false&profile=true&sessionId=LzJhYjJlZDc5N2M3OTczMjYxYTMwODE2ODEz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.94.110 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 110.94.95.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 79413f743e2bb9914250733682aa4e82db680ee08eab74278d49c2cf2c16e49f

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Content-Length, Cache-Control
x-goog-hash: crc32c=3cOspQ==, md5=aFDMzrG7mBUU+7zvtdwQXw==
content-encoding: br
etag: W/"6850ccceb1bb981514fbbcefb5dc105f"
age: 1263090
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 153518
date: Fri, 03 Apr 2026 12:16:13 GMT
last-modified: Mon, 02 Mar 2026 21:36:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AMNfjG1-ztudKNknJvFRkuDpWAMEUgCvE2uK281Y1n6r689riR6Xpp9O81emjTgrA7WO09a7SQ2MYXw
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1772487376052185
content-length: 52487
server: UploadServer

GET
H/1.1 200
OK K3cwMuta2EMZoscZ Show response
imgs.signifyd.com/ Frame 62D0 359 KB
60 KB 109ms
109ms Script
text/javascript 91.235.133.113
ThreatMetrix Inc.

General

Check archive.org

Download Go to

Full URL

https://imgs.signifyd.com/K3cwMuta2EMZoscZ?174a6929d861375a=8GjmPcZCNDYpXNVk-xje8JRNLP77O6vptFyA5z177EOzsfFRzaGdfQQo_sojv1Gfo6sQsllxHCEQqWXAjjL3ynJOkTix-MkaNFJk4LFXQIqZxbjKZ4dNOTo90tBRKQwtsuUIASjKVSkMgsLhNsdWW5yL6Llqgf03b2fZc1Hh4Q3PKLY3fTO4Nav-aQ_9xaW3GtIioqWVbYsSo2OQ&jb=3d3a2c2e6279657d374c6b6e7f7a2e68796f3f4661647d702e6a7b607f3d436a786f6d6f2e60796a3549627a656d6725383239363d

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/hcgbrbpzybldwfv2.js?am8rf9v2gyj75nbo=w2txo5aa&vdyykjeonjfuyial=LzJhYjJlZDc5N2M3OTczMjYxYTMwODE2ODEz

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

a7179979c5be96626ff7f4675f3c67868d203796cb1309e8a35d7339b7a2513d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Date: Sat, 18 Apr 2026 03:07:44 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
tmx-nonce: 6c36d008005ef168
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK 1T-yRcftBi9ejAi2
imgs.signifyd.com/ Frame 62D0 81 B
475 B 258ms
86ms Image
image/png 91.235.133.113
ThreatMetrix Inc.

General

Check archive.org

Download Go to Show image

Full URL

https://imgs.signifyd.com/1T-yRcftBi9ejAi2?d7eeafaa98c86b40=QeaOfJRGsoYYZ1k7bgF8jN9ytR3XNVY103NS0vonRxcLLIJKqYYDucHBGtlBejfXNV4zw2OFnpsVPqovinxhcgS4Vi4Ra8cG2ZzNuAGr1wvFi-cNRDTXwAK3lxc1n169awUakQrhI1MldMYprflM1A7avthOKCGnlL_2n04

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Date: Sat, 18 Apr 2026 03:07:44 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 96ms
96ms Image
text/html 142.251.20.97
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.20.97 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

bx-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 18 Apr 2026 03:07:44 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

POST
H3 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 32 B
49 B 175ms
174ms XHR
application/json 34.120.250.63
Google LLC

General

Check archive.org

Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.250.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 63.250.120.34.bc.googleusercontent.com
Software: /
Resource Hash: b01aa775e576ca9ba60429bb5263e6ea0c241a3e6fdd3ba526b0001cef4db77f

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-type: application/x-www-form-urlencoded
sec-ch-ua-mobile: ?0

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://www.elfcosmetics.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
date: Sat, 18 Apr 2026 03:07:43 GMT
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK kZMpieFtaMm8ZpA-
imgs.signifyd.com/ Frame 62D0 81 B
475 B 263ms
88ms Image
image/png 91.235.133.113
ThreatMetrix Inc.

General

Check archive.org

Download Go to Show image

Full URL

https://imgs.signifyd.com/kZMpieFtaMm8ZpA-?16381426a1ecbcc6=1LmefP-aYIEAwPMvLvlAWUfPTuFdbjZW71htPKnXkxlMgBxgJb5d50dkR2fh2j0rFKSfKdonRXcwVlT96Oav7G5mMMgHWYBjaTKqneuu3Xl9jXtyNMkOgqNifn6yRNN3tNdeGoHhWLYCI3D4dNiPyAT1rHBeq4pHyng9ihM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Date: Sat, 18 Apr 2026 03:07:44 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET 69c23208-0342-40c9-a6f1-73f9da84fc79
https://www.elfcosmetics.com/ Frame 1C92 0
0

GET c7f26459-9869-4b35-814f-fd8e03de5384
https://www.elfcosmetics.com/ Frame 1C92 0
0

POST
H2 200 fp-web
dp.signifyd.com/ Frame 1C92 0
0 294ms
288ms Fetch
application/json 3.93.158.79
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://dp.signifyd.com/fp-web
Requested by: Host: cdn-scripts.signifyd.com
URL: https://cdn-scripts.signifyd.com/o/lite.js?sessionId=LzJhYjJlZDc5N2M3OTczMjYxYTMwODE2ODEz&ping=false&profile=true&pageURL=https%253A%252F%252Fwww.elfcosmetics.com%252F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.93.158.79 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-93-158-79.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
data-order-session-id: LzJhYjJlZDc5N2M3OTczMjYxYTMwODE2ODEz
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryCRKYgHr53sEe9dGO
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: *
content-length: 0
date: Sat, 18 Apr 2026 03:07:45 GMT
content-type: application/json
access-control-allow-headers: *

OPTIONS
H2 200 fp-web
dp.signifyd.com/ Frame 0
0 501ms
165ms Preflight 3.93.158.79
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://dp.signifyd.com/fp-web
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.93.158.79 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-93-158-79.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: data-order-session-id
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: *
content-length: 0
date: Sat, 18 Apr 2026 03:07:44 GMT

GET
H/1.1 200
OK clear.png Show response
imgs.signifyd.com/fp/ Frame 62D0 81 B
536 B 271ms
91ms XHR
image/png 91.235.133.113
ThreatMetrix Inc.

General

Check archive.org

Download Go to

Full URL

https://imgs.signifyd.com/fp/clear.png

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/K3cwMuta2EMZoscZ?174a6929d861375a=8GjmPcZCNDYpXNVk-xje8JRNLP77O6vptFyA5z177EOzsfFRzaGdfQQo_sojv1Gfo6sQsllxHCEQqWXAjjL3ynJOkTix-MkaNFJk4LFXQIqZxbjKZ4dNOTo90tBRKQwtsuUIASjKVSkMgsLhNsdWW5yL6Llqgf03b2fZc1Hh4Q3PKLY3fTO4Nav-aQ_9xaW3GtIioqWVbYsSo2OQ&jb=3d3a2c2e6279657d374c6b6e7f7a2e68796f3f4661647d702e6a7b607f3d436a786f6d6f2e60796a3549627a656d6725383239363d

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Accept: */*, w2txo5aa/6c36d008005ef168lzjhyjjlzdc5n2m3otczmjyxytmwode2odez
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: private, must-revalidate, max-age=0
Etag: 97e239e12b6c4924bb4271948d5c08c2
Connection: Keep-Alive
Expires: Thu, 17 Apr 2031 03:07:44 GMT
Access-Control-Allow-Origin: https://www.elfcosmetics.com
Content-Length: 81
Keep-Alive: timeout=2, max=100
Date: Sat, 18 Apr 2026 03:07:44 GMT
Last-Modified: Sat, 18 Apr 2026 03:07:44 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK 1pEEdl7VbUozVJMi Show response
imgs.signifyd.com/ Frame 0A66 103 KB
16 KB 279ms
100ms Document
text/html 91.235.133.113
ThreatMetrix Inc.

General

Check archive.org

Download Go to

Full URL

https://imgs.signifyd.com/1pEEdl7VbUozVJMi?af10aebaaf318848=gtxuPg0n0siWx1lBBSyjlhQtf6TJJrjf9MWwMatxW0jtlkhXdZgY5EkO28BUXq7rGX6AuJgdyuIOOsX-dXKTOP-XgMHcna27y2ZCx5u78LKoE5Z5yFMaDeKZb5lW4q9QwhkyHVFLOCk4WJT_86RyXv5Q0O0iaLPrIzYVdFsAMXnHcresmowptVaN8WLQ-GAmRjROzfeJNYv5aGEZhuI

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

c333fe8b16e7a57974b136133803208afe62d834e7f6530b2007f4df8fe4e6c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sat, 18 Apr 2026 03:07:44 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bjHNQmW2j4ttgO45 Show response
imgs.signifyd.com/ Frame 62D0 0
398 B 90ms
89ms Script
text/javascript 91.235.133.113
ThreatMetrix Inc.

General

Check archive.org

Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=98
Date: Sat, 18 Apr 2026 03:07:44 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK Ro3YKZH8AqP-mWEh Show response
imgs.signifyd.com/ Frame 62D0 134 B
655 B 88ms
88ms Script
text/javascript 91.235.133.113
ThreatMetrix Inc.

General

Check archive.org

Download Go to

Full URL

https://imgs.signifyd.com/Ro3YKZH8AqP-mWEh?81a98f56d17c2761=tMSut0pZEOmivYyzLyhS9Ta2mEZm-9XAeg3_9v1BGmQQOQkfQRPZRRIZbZUI9LtD9f9ticzHvkY5adoVB4LI6pV-tHHuKItz3OHn0WKc0R9BLlTxwgkqmDKG5gweROnJ2v7-nqVhwhdXzySjXd3BHg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

2a903196be7eea9c9776ecac5962875d4bf0effbde8b52e46b3002503fa63152

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Date: Sat, 18 Apr 2026 03:07:44 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: Apache

GET
H/1.1 200
OK pZRHn0FAY0Ai5DCI Show response
h.online-metrix.net/ Frame C79E 114 KB
17 KB 279ms
95ms Document
text/html 91.235.132.130
ThreatMetrix Inc.

General

Check archive.org

Download Go to

Full URL

https://h.online-metrix.net/pZRHn0FAY0Ai5DCI?45efeab190a73ca4=vSrT7ZNYQrh7D62YGEWPrkPmIRhAuARXGb8DMU0BX5xcvQ0c6jPhfjYhvscnuMBxH1pyj6SvweTu0eVAC8uJtmeRG61bzZB6yxT2NcAqZrQ04R_UMcX7gq_p2QG-W74XlTYU5rYRMjaRsGN1-AwcJxouteMbhdVyH8bbZNvGP1ddV6HaEynlzU92Xg3R4PPGpM5VP22JOskqRXOUZxtq

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

791006c96677f40131a5006894da0dddf6d25cc04c783fa0d905a2ab8b9b8587

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sat, 18 Apr 2026 03:07:44 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK m4EgRZAcfi5obpvL Show response
imgs.signifyd.com/ Frame 6A72 100 KB
15 KB 270ms
97ms Document
text/html 91.235.133.113
ThreatMetrix Inc.

General

Check archive.org

Download Go to

Full URL

https://imgs.signifyd.com/m4EgRZAcfi5obpvL?9df73010cd7e3b37=owK1nfUwS6Q-LTmGYe-Ou_FF3WMeeacqi6x5Llmu-R9b6c0RuEiIQX9_LpRZxO_flFB_5r6J5VYv-wzKPP3VMAgz5aK19A8CRnYrRNlj8GhhTtVcPro87c3tAE7cRsd8kI-jiabk3rrXRRBr8HtOCqHn0kalsZ3COJUKyLSyU1ENGhtqygYoSEUcfnbk9nCGklnKiBtUkNMr7XLsizIV

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

56807c5808922c2c9a48f1e3028d5d8ae33f258fd0258af9717bf28d9528247d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sat, 18 Apr 2026 03:07:44 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bufxCmoN-9vfOhIA Show response
h64.online-metrix.net/ Frame 62D0 0
399 B 277ms
89ms Script
text/javascript 91.235.132.130
ThreatMetrix Inc.

General

Check archive.org

Download Go to

Full URL

https://h64.online-metrix.net/bufxCmoN-9vfOhIA?0d01500df2061d3e=7ZeQl1zwcu0RuJ1H5B7TDPH5kGcynRQQac1EAfKJVTDqT_Ifr4J_E64v7CqAnMP9LKzPqrWOeOd7YkmqI8m-9UFVwQLBj6ZFd6CTr8XIt-5YnW1mwBHrynsg1F6klza0W0PoBF-nbQa-dAlVeM_Pt__62mb4br91

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=100
Date: Sat, 18 Apr 2026 03:07:44 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 204
204 bjHNQmW2j4ttgO45 Show response
imgs.signifyd.com/ Frame 62D0 0
406 B 236ms
236ms Script
text/javascript 91.235.133.113
ThreatMetrix Inc.

General

Check archive.org

Download Go to

Full URL

https://imgs.signifyd.com/bjHNQmW2j4ttgO45?08f2e5c81ebfb7fc=HAa0XTmrp0Dnnj72AWCaJms4HfgUsAY8453WyXQEe1rOE4pEtXMM6CqAOg2q3sE9gnQhzpIWR7T1bvvrFQNR765ozZeyng6CR4WSKYww3j99Ksu0RixKNTkMW2iOaOXUUUlO2fSbsuoL44hDVTvX_iYdJCU&ja=3f38322e2e6937253c30247a373438246c3d333c383a70393a3038246b663d333c30307239383a382e797271373732783d322e667a723f3b243b3e38382c39303a302c333c30302639383a38243b3c383a2c33323a3224333c3032263938303d2437382e3d30266f7e3d323d6e3f3b6c3b3b3e316f366066383231603c36606e3b323f6a38616e316934266f643d322c7b696e353a3e2c64623d6a747e727b27394127384e2f3a4e7f777f2c6f6c666165736d6f7c63697b266965652f3244267a6e35372c706a376d32383a6c6669373f35313b3966346f6a6f323131396f6a3e613b39383b38662c686a373e396e396c336b326b6633353e31383d6e386f6e6a6c6c31326363386b3a3c332c6a7165354661667d782e6879623d4162726f676d2f3838393e3d2e60736d75374e616c7f7824607b687d354b687a6d6765266c62633d393a2c646c6537393a2c6e6f747a3f38247e7a6637497e6469667461612f324643706f726f7b2c67697c6278353d3164353e3a6d366833343a30686e6c6e62303b693939346c66643e6e3d3a6e39386b6d396434366b666e363839313f3e68316e3b626b343d3762306c65326c2e6e7835607e7e78792531412f304e273846757d7f246d646e6367716765746b69732e6967672f3a4e2c7a357a6c7767636c5764666171622d3f4d6e696c7b672b706c776d696e557f63646c677d7957676566696b5d786e6b7967782d3f4d6e696c7b672b706c776d696e55696e656a6d556b6b786f60617e273d476c616e796d2b78647d67616c5571756b696b7463656f2f3d4d6c6b647965237066776f6b645f71626769637f69766d273f4566636673652b78667f6f6164557a6f616e70666371677825374f6e6b647b6d21786e7f67696c55766c69577a6669716f782d3f45646166716d237a6c776d6164576c6d76696e7c7225374f6661667b6f2b78647f6d61645f71766d5d7e6b6f7767782d3f4d6e696c7b672b706c776d696e55626b7c692d3f4f6e6b6c7165&jb=39393e2e647b3745657a6b6c66632d304c352c3a2d38382050313927394225303a4c69647d722f3a3872323e553636292f3038437a706e6f5f6f6a4361742d304c3533352433362f3a3a2243405e47442f3241253832646b61652738384d6d6b636f21273830436a786f6d6f2d384c393c3d243824302c302f3038516b666378612f3a4e3d333f2c3936

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Date: Sat, 18 Apr 2026 03:07:44 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript;charset=UTF-8
Server: Apache

GET
H/1.1 200
OK fr6949LUwxv6CGqY
w2txo5aaue5cx6s7mswasubdxgx3hgk4ztehw2up6c36d008005ef168am1.e.aa.online-metrix.net/ Frame 62D0 81 B
438 B 291ms
89ms Image
image/png 91.235.134.131
ThreatMetrix Inc.

General

Check archive.org

Download Go to Show image

Full URL

https://w2txo5aaue5cx6s7mswasubdxgx3hgk4ztehw2up6c36d008005ef168am1.e.aa.online-metrix.net/fr6949LUwxv6CGqY?c31dcd86c6f8f232=Ztk4SsnxmUAFQnsWoT6XYquI_PCho5hNZ7cHIoGuO7g4Fv6-aurqQnff7nVSG1AENV2qo8nXPgJPjFx4ZucbY5dwGISVLURvtkLE5wj35GE2XXqxg45klgyV8Tgt3nJh_cybVND6D8ywk7PawNL82eOybYwOXBUomtYG

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: close
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Date: Sat, 18 Apr 2026 03:07:44 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H/1.1 204
204 -9MlxWIHkaSfrRmd Show response
imgs.signifyd.com/ Frame 62D0 0
406 B 90ms
90ms Script
text/javascript 91.235.133.113
ThreatMetrix Inc.

General

Check archive.org

Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Date: Sat, 18 Apr 2026 03:07:44 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript;charset=UTF-8
Server: Apache

GET
H/1.1 200
OK N6v64yRUGYH02hw0
imgs.signifyd.com/ Frame 62D0 81 B
500 B 90ms
90ms Image
image/png 91.235.133.113
ThreatMetrix Inc.

General

Check archive.org

Download Go to Show image

Full URL

https://imgs.signifyd.com/N6v64yRUGYH02hw0?97efa02d55b7d1c5=rN1RRefGrVQza8WSobhELZwMOr8h3IIZo6AXpkFMm3q5bQmnT86NHdwILHwtbCT5sasCudZg340JueA6TMR7_1VKYINfE6VktIQEJityWaZG_aoSYJs0Dp2gQLCbbOLrI9JyV9EoSgXel6s5JlUq49O9zR5DZYzQMhjZ6T1Y4WfmTI5Xb8X614fqNoZa_bH4dlOApbt8iW32RxAGiz4&jf=3c3b3e2e7b636e57786e663d7e667a5d4b633661673d433f5d597071656741322c73696e576e6b7c6d373b3f3d3636383b343e362c736b6e577e71786d3d7f67683a65616e73612c7b636e57636f733539303739393239313a36323d3a6b303e3c386b67396430303a31303c38323869303c3e30696531643a3138333a3732393c38383838346e316b3566606b64306c696c6b3d38393a306e3863643e606d316e3332683968316a3b66393a3a3666303d35393d6a3a6f3839383d6a6e383332383739343838343b386c6b306b633d636b6638326b36363b6b386b3b31386c3e3a633b616b616c646e3536323b333e3c6d383a356f6231333936643f6e6b6b3f3a3d323f3c6424736366577163673f39383e3c383a3238363d3739316832373a3f3e683f386c3e6c333736333a366d603230613c3c38693a31306e353c3834323a386368693f6c6b6e39393b6e6637313b3039323c32363a3a38383b3b6531333d323363383964693d3c3a3d383c3d6d3d323b3568676e613839673e30336b3e31306a37683134363b3661386c3c38313f32323d6c3036616f313e2479696478353a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=98
Date: Sat, 18 Apr 2026 03:07:44 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png;charset=UTF-8
Server: Apache

GET
H/1.1 200
OK ynW_dE1b2HHmolBm Show response
imgs.signifyd.com/ Frame 0A66 0
398 B 88ms
88ms Script
text/javascript 91.235.133.113
ThreatMetrix Inc.

General

Check archive.org

Download Go to

Full URL

https://imgs.signifyd.com/ynW_dE1b2HHmolBm?c25614d4748e37ae=MIMoRa-aROqy8FpC9AvZ4jcMSReUnC2FqnWKpBtRn0FFOn9x4SZ23-HOP_QNBIIBQ2WCQcBSC2y3XI-KSsD9BNmnY7DoWdM69qNl6LjawNJBYGYTFn6FhVfNKv1swgWqJ6UeE2-CzgYDZ9ER6PUq0SLfoW8&jf=3b3c2c647b6837383365323739323b3132663a3e693b39303d333c3a3b3663333c3630326c6c3f

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/1pEEdl7VbUozVJMi?af10aebaaf318848=gtxuPg0n0siWx1lBBSyjlhQtf6TJJrjf9MWwMatxW0jtlkhXdZgY5EkO28BUXq7rGX6AuJgdyuIOOsX-dXKTOP-XgMHcna27y2ZCx5u78LKoE5Z5yFMaDeKZb5lW4q9QwhkyHVFLOCk4WJT_86RyXv5Q0O0iaLPrIzYVdFsAMXnHcresmowptVaN8WLQ-GAmRjROzfeJNYv5aGEZhuI

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://imgs.signifyd.com/1pEEdl7VbUozVJMi?af10aebaaf318848=gtxuPg0n0siWx1lBBSyjlhQtf6TJJrjf9MWwMatxW0jtlkhXdZgY5EkO28BUXq7rGX6AuJgdyuIOOsX-dXKTOP-XgMHcna27y2ZCx5u78LKoE5Z5yFMaDeKZb5lW4q9QwhkyHVFLOCk4WJT_86RyXv5Q0O0iaLPrIzYVdFsAMXnHcresmowptVaN8WLQ-GAmRjROzfeJNYv5aGEZhuI
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=99
Date: Sat, 18 Apr 2026 03:07:44 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK 2IVJhLOi_vQqPiUM Show response
imgs.signifyd.com/ Frame 0A66 134 B
655 B 92ms
92ms Script
text/javascript 91.235.133.113
ThreatMetrix Inc.

General

Check archive.org

Download Go to

Full URL

https://imgs.signifyd.com/2IVJhLOi_vQqPiUM?02361ff33e47490c=_0Cd0OlY2LUQEOuiM9jHtsp1WAViBiUs_PM1lZb7sJS-HAOjmZVqeWI_rdTc6s-h77kaXBLUP_1XGmpi0wL5wGZOxMe2CSktuBEuXz_URhTUjWKZjbWpN0dbhdt2trL-NpeLG8yNr5hm6nNFc5YjHA&fr

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

44df12e413ad61c633d2a90336a23665e413516187ad4082fd2245ba5aa221ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://imgs.signifyd.com/1pEEdl7VbUozVJMi?af10aebaaf318848=gtxuPg0n0siWx1lBBSyjlhQtf6TJJrjf9MWwMatxW0jtlkhXdZgY5EkO28BUXq7rGX6AuJgdyuIOOsX-dXKTOP-XgMHcna27y2ZCx5u78LKoE5Z5yFMaDeKZb5lW4q9QwhkyHVFLOCk4WJT_86RyXv5Q0O0iaLPrIzYVdFsAMXnHcresmowptVaN8WLQ-GAmRjROzfeJNYv5aGEZhuI
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Date: Sat, 18 Apr 2026 03:07:44 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: Apache

GET
H/1.1 200
OK vDZCvxBeSU7j3ban
h.online-metrix.net/ Frame C79E 81 B
500 B 90ms
90ms Image
image/png 91.235.132.130
ThreatMetrix Inc.

General

Check archive.org

Download Go to Show image

Full URL

https://h.online-metrix.net/vDZCvxBeSU7j3ban?1b57a20dc4e7fac0=gtHSOuvFMizdzaVpZ49E9y0k-fAO10mycq1KySFGgEneiEzaqfcCrTx-yhtgadcEXDUTWw8xGBiNDzfBmTeqcq4EbcLmgWkJbGIWJQLKFCqikA4tI7MFcQ0ReLMlYtYGzxyzXqoDS84invb9tuipoRWOwqKMrj37GA2ZJz7Ldx6Oq6IzUgEIKM6KpzUoTzW8j6spALONtYzR9nJ1MUQ&jf=3c3b322e7b636e57786e663d7e667a5d69695452647a7c3930726770455274662c73696e576e6b7c6d373b3f3d3636383b343e362c736b6e577e71786d3d7f67683a65616e73612c7b636e57636f733539303739393239313a36323d3a6b303e3c386b67396430303a31303c38323869303c3e30696531643a3138333a3732393c3838383834313b3e3430333b64666e3c6c326e303a3a3d3a393b633d353f336865676b6d3d6b696e373b3b6b3938333931386f3e3b3e6e3b6c3c6e3d3731373f36393a3330336e39323d6b39396a3b3c3138613f6164686d386f3c3e333b3f6f64363069353f353f3933326b383f6a6d616e363a6435336c33373d3f6c6b6a3c3f3a6a333424736366577163673f39383e3e383a3239323a62303b3c34323f3c383e316e3c326b3e643034323439376f62373c6b336a3f3b353e336c3036313d30333e303c6c3c3f6e3338683466306f606a3b683361323e3a3a3a393038613f3635326965623f3f386e6a6e383d313a616739383539353f61373f396c313f3c656b3a6e306132336535323a683f3d3d393939323430623b3b3a673e363a2c7b636e7a3531

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://h.online-metrix.net/pZRHn0FAY0Ai5DCI?45efeab190a73ca4=vSrT7ZNYQrh7D62YGEWPrkPmIRhAuARXGb8DMU0BX5xcvQ0c6jPhfjYhvscnuMBxH1pyj6SvweTu0eVAC8uJtmeRG61bzZB6yxT2NcAqZrQ04R_UMcX7gq_p2QG-W74XlTYU5rYRMjaRsGN1-AwcJxouteMbhdVyH8bbZNvGP1ddV6HaEynlzU92Xg3R4PPGpM5VP22JOskqRXOUZxtq
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Date: Sat, 18 Apr 2026 03:07:44 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png;charset=UTF-8
Server: Apache

GET
H/1.1 200
OK bjHNQmW2j4ttgO45 Show response
imgs.signifyd.com/ Frame 62D0 0
398 B 89ms
89ms Script
text/javascript 91.235.133.113
ThreatMetrix Inc.

General

Check archive.org

Download Go to

Full URL

https://imgs.signifyd.com/bjHNQmW2j4ttgO45?08f2e5c81ebfb7fc=HAa0XTmrp0Dnnj72AWCaJms4HfgUsAY8453WyXQEe1rOE4pEtXMM6CqAOg2q3sE9gnQhzpIWR7T1bvvrFQNR765ozZeyng6CR4WSKYww3j99Ksu0RixKNTkMW2iOaOXUUUlO2fSbsuoL44hDVTvX_iYdJCU&jac=1&je=393b3f302e2c7d61633d3337382c393524302c33243b38263930382c3a2e32247d6569373c3f24313c243838322e37362c72653f646f2468697e7b7c35253f402f32326e6f7665662d38382d3b4b3b263a30273249273a307974637e7d792d3a3a253b432f3232616261726d61646d2d3a382f3f4e2663756e6a35616b3760336d3c6d3e30316b616b63366438613769393338313b3c393c3c62376339333f3b3c62366e306e6c3c30363832393866673e6630396e696e303c3f332e7f616a3d2f354a27383263786b62617c6d637c77786525303825334b2d383870303c2f3a382530432f303a6063746c6f7b792d3a3a253b432f3232343e2532382d38492d3a38687a6b6e66732f303a273941273f4a2f3f4a2d323a6078616e662f32322f3b4b2f3a3a49627a656d6b7567273a302f32412f3a387e6d7a73616d642532302f33412f3a383b3c3f2f383a2f37462538412d35482530386a7869666c253a302f33412738324765676d666d2d383a4b62726d6d6f273a302f32412f3a387e6d7a73616d642532302f33412f3a383b3c3f2f383a2f37462538412d35482530386a7869666c253a302f33412738324e657c274b264a786b666e2530322f304b273832746f7a79616766253a302f3341273832323e2d38382d3f4e2f3d4e2530432f303a647f6c6e5c6d787b61676e446b797425303825334b2d3f482d3f482f3a3862706164662d303825314b2d383a4b6072676f63756d27383225384b2f383a7e6f787b636f6c2538302d314b253038393e3f26382e382c3a2532302f37442f3a492f3f4a2f383a6872636e6e273a302f33432f3a384f67676764672f32304162726f676d2f383a2d38492d383274657871616d642530382d39492d3a3239363d2e302c3a2e302f3a382f3f4c2f384b2f37402538306a706b6e662f3a382d3b49253a30446f742f4b2e427869646e2d3a382f3a492530327c677a71636f6c2f3a382d3b49253a3038342e3224302e3a2d38382d3f4e2f3d4e2530432f303a6f65626b666d2f3a3a2d3349646b6c73672f32432f3a3867676c6f662d383227334b273a302f32302f3a492d3a3a7064637e666f70672532382d394b2d3a38466164757a2538302d30492530387866697c6e6f7a6f5c657271636f6e2f3a382f3b492f383a2f32302538412d3038776d7d3e3e2d3a3a253b436c616c716f25374e2e7f6b64352f3d4a2f32306278636666792530382d39492d3d422d3548253230687261646c2f383a2d394b2d38324168786d656b7f6d27383a2f3a4b2d323a746f72736b656e25383a2f39492d3838393e37273238273f462f32412f3f482d3a3a627a63646425303825334b2d38384f67656d646f253030496a7a6d676527383a2f3a4b2d323a746f72736b656e25383a2f39492d3838393e37273238273f462f32412f3f482d3a3a627a63646425303825334b2d383846677e27492442706164662d30382530492d383a7e6d727b6b656e25303825334b2d38383a3c2f383a2f3746253f462d304925303865656a6164652d30382533436c616c796d2f384b2d383878666176666570652738322739492f3a3a44696677722532302f37442c7d63797c643766616d6876

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=97
Date: Sat, 18 Apr 2026 03:07:45 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 204
204 -9MlxWIHkaSfrRmd Show response
imgs.signifyd.com/ Frame 62D0 0
406 B 87ms
87ms Script
text/javascript 91.235.133.113
ThreatMetrix Inc.

General

Check archive.org

Download Go to

Full URL

https://imgs.signifyd.com/-9MlxWIHkaSfrRmd?51b5475f327faaff=eTVyWnv36dGZ6ZU0G1m5T95KXSqH0WvOINLMfv6KMi14eA8dhueT8Ka5r0vjVFnyX5S1u_y6X43R8JGVqpKEs3AH1OqYgfyvFhqKXp9wsGaUbdC3nkjsYcPneeixqMT2SxQYDhyoq_yVw6mxCvym2xaQCd_vSZ9HeFkfH8BAX0S9SY5D6vbiOpmu0WsG2-GogQVyjhK3hcarwkwHsiI&jac=1&je=3b38322e2e6f723b373861363a643d373c38303b39683b383c6639673963623a3939626b386f3a38306e323f3c3461333e246d7a3c3d356c6a38316c6c6631673d3264606e35663a3d3a393d3a3d3a3a3c6566623d642e677236713739383b3e3b363b313c37383638266766576237303e6c396b323463383d336a363265636e303e3e3169643c633d6235613c303868306b6e3d3d3b3c2e7d676e76374b66766f6c27383843666b26267f6566723d4b647465662d383a417a63792d38304d706f6c4f4e2f32324f666d61666d266f6e625f683f3265616b3e69326a3968396c32373b366e306c636b36616b3a336b386d313a363c3033333a3561322e6f723c356c6e6e693635656c676c363b37633d6a696d3131366e37393537303365343a6d2c6f703d373c6c3b326465326631666f3730683d6e6c6e6b306a663b33393b3862616938382c6a6a7c373b

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM - ThreatMetrix Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Date: Sat, 18 Apr 2026 03:07:45 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript;charset=UTF-8
Server: Apache

POST
H3 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 32 B
49 B 173ms
172ms XHR
application/json 34.120.250.63
Google LLC

General

Check archive.org

Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.250.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 63.250.120.34.bc.googleusercontent.com
Software: /
Resource Hash: b01aa775e576ca9ba60429bb5263e6ea0c241a3e6fdd3ba526b0001cef4db77f

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-type: application/x-www-form-urlencoded
sec-ch-ua-mobile: ?0

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://www.elfcosmetics.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
date: Sat, 18 Apr 2026 03:07:44 GMT
content-type: application/json; charset=utf-8

GET
H2 200 glow-reviver-melting-lip-balm-new-shimmers-2026-4-festival-hero-carousel-HEADLINE_D
cdn.media.amplience.net/i/elfcosmetics/ 9 KB
0 0ms
0ms Image
image/avif 2.17.147.192
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/glow-reviver-melting-lip-balm-new-shimmers-2026-4-festival-hero-carousel-HEADLINE_D?fmt=auto&qlt=80

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.192 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-17-147-192.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

454376943eacb6ad3b856a4a53178547f38c7d257f8a9941bc0b3b0d84517637

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-tag: wG-kH4nhk,l4p5bDg2e,8DJKedv1J,WepA0szpz
x-amp-source-width: 1029
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: image/avif
x-frame-options: DENY
cache-control: max-age=1800, s-maxage=86400
x-req-id: aRO1UH_CPm
x-amp-source-height: 330
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9488
x-amp-published: Thu, 16 Apr 2026 20:25:21 GMT
x-amp-srv: A
x-xss-protection: 1; mode=block
server: Unknown

GET
H2 200 glow-reviver-melting-lip-balm-new-shimmers-2026-4-festival-hero-carousel-IMAGE-1_D
cdn.media.amplience.net/i/elfcosmetics/ 175 KB
0 1ms
1ms Image
image/webp 2.17.147.192
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/glow-reviver-melting-lip-balm-new-shimmers-2026-4-festival-hero-carousel-IMAGE-1_D?%24Desktop%24=&fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.192 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-17-147-192.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

5ff9f284a3af21d9fb6ee980cf339db53ea3ff43eba06288812ef7a7015701bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-tag: vGGE3y5Z0,l4p5bDg2e,mF-g78ke7,x5i0YPYAC,DtzGFM5oJ
x-amp-source-width: 1500
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: image/webp
x-frame-options: DENY
cache-control: max-age=1800, s-maxage=86400
x-req-id: U2c1mIsDOZ
x-amp-source-height: 1500
accept-ranges: bytes
access-control-allow-origin: *
content-length: 178908
x-amp-published: Thu, 16 Apr 2026 20:25:21 GMT
x-amp-srv: A
x-xss-protection: 1; mode=block
server: Unknown

GET
H2 200 glow-reviver-melting-lip-balm-new-shimmers-2026-4-festival-hero-carousel-IMAGE-2_D
cdn.media.amplience.net/i/elfcosmetics/ 194 KB
0 1ms
1ms Image
image/webp 2.17.147.192
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/glow-reviver-melting-lip-balm-new-shimmers-2026-4-festival-hero-carousel-IMAGE-2_D?%24Desktop%24=&fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.192 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-17-147-192.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

7f1eac781425d4d98598a91b9d199b8fd4b64a47d8992b41f8d2c59a07f44c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-tag: 7Bcx6Um69,l4p5bDg2e,mF-g78ke7,UduAly1cl,DtzGFM5oJ
x-amp-source-width: 1500
x-content-type-options: nosniff
date: Sat, 18 Apr 2026 03:07:38 GMT
content-type: image/webp
x-frame-options: DENY
cache-control: max-age=1800, s-maxage=86400
x-req-id: xIdxlV6JYS
x-amp-source-height: 1500
accept-ranges: bytes
access-control-allow-origin: *
content-length: 198242
x-amp-published: Thu, 16 Apr 2026 20:25:21 GMT
x-amp-srv: A
x-xss-protection: 1; mode=block
server: Unknown

POST
H3 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 728 B
746 B 180ms
178ms XHR
application/json 34.120.250.63
Google LLC

General

Check archive.org

Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.250.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS: 63.250.120.34.bc.googleusercontent.com
Software: /
Resource Hash: d75c781367623c826c4f21e982acd41aa16837078a14bfdc1abe71dc1ad0c75a

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-type: application/x-www-form-urlencoded
sec-ch-ua-mobile: ?0

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://www.elfcosmetics.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 728
date: Sat, 18 Apr 2026 03:07:49 GMT
content-type: application/json; charset=utf-8

GET
H2 200 micro-fine-brow-pencil-PROS-2026-4-hero-carousel-IMAGE_D
elfcosmetics.a.bigcontent.io/v1/static/ 80 KB
0 0ms
0ms Image
image/jpeg 2.17.147.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/micro-fine-brow-pencil-PROS-2026-4-hero-carousel-IMAGE_D?%24Desktop%24=&fmt=auto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.219 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-17-147-219.deploy.static.akamaitechnologies.com
Software: Unknown /
Resource Hash: 0a32c18b9f9dacd36d16cc55ded479c3c22af0dbb417f49ba1bc9e39c588ba23

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-amz-server-side-encryption: AES256
cache-control: max-age=1800, s-maxage=86400
x-amz-version-id: null
access-control-allow-methods: POST, GET, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 81824
date: Sat, 18 Apr 2026 03:07:38 GMT
x-amp-srv: A
content-type: image/jpeg
server: Unknown
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.elfcosmetics.com
URL: blob:https://www.elfcosmetics.com/10638754-b2ca-413f-8fa6-b11265a27fc6

Domain: www.elfcosmetics.com
URL: blob:https://www.elfcosmetics.com/9ed52c0b-a803-494b-a67c-a1b06ef997fc

Domain: www.paypal.com
URL: https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Domain: www.elfcosmetics.com
URL: blob:https://www.elfcosmetics.com/69c23208-0342-40c9-a6f1-73f9da84fc79

Domain: www.elfcosmetics.com
URL: blob:https://www.elfcosmetics.com/c7f26459-9869-4b35-814f-fd8e03de5384

Verdicts & Comments Add Verdict or Comment

192 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.elfcosmetics.com/	1970-01-21 22:13:37	Name: _pxvid Value: c0ecc07b-3ad3-11f1-9d9d-b1ad0421f8a0
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: initAuthComplete Value: true
.elfcosmetics.com/	1970-01-21 22:15:04	Name: _vwo_uuid_v2 Value: D9481000D0084E6625F6FA0841C216F94\|d3eb2bc40cd2dfeebb5fdec185444ca5
.elfcosmetics.com/	1970-01-21 15:37:37	Name: _gcl_au Value: 1.1.1902940327.1776481659
.elfcosmetics.com/	1970-01-21 22:13:58	Name: _vwo_uuid Value: D9481000D0084E6625F6FA0841C216F94
.elfcosmetics.com/	1970-01-21 13:28:03	Name: _vwo_sn Value: 0%3A1
.elfcosmetics.com/	1970-01-21 14:11:13	Name: _vwo_ds Value: 3%241776481658%3A47.28607693%3A%3A%3A%3A%3A1776481658%3A1776481658%3A1
.elfcosmetics.com/	1970-01-21 15:52:01	Name: _vis_opt_s Value: 1%7C
.elfcosmetics.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.elfcosmetics.com/	1970-01-21 23:04:01	Name: _ga_ZLYXLXNDL8 Value: GS2.1.s1776481659$o1$g0$t1776481659$j60$l0$h765890350
.elfcosmetics.com/	1970-01-21 23:04:01	Name: _ga Value: GA1.1.1436343785.1776481660
.elfcosmetics.com/	1970-01-21 23:04:01	Name: _ga_000000000 Value: GS2.1.s1776481659$o1$g0$t1776481659$j60$l0$h2041757916
.elfcosmetics.com/	1970-01-21 13:28:01	Name: _px2 Value: eyJ1IjoiYzBjNjA3NzAtM2FkMy0xMWYxLWJjYjUtODM0OWZjYTQ5YmQwIiwidiI6ImMwZWNjMDdiLTNhZDMtMTFmMS05ZDlkLWIxYWQwNDIxZjhhMCIsInQiOjE3NzY0ODE5NTk2MjMsImgiOiJjMGY1MDA1NjIwN2VlN2FkOTU0OTM1NzNjNTE1MTY1MjhkZTVmN2JjNzdlNmEwZTQ4ODU5NzljZmU1YjE1NTc2In0=
.elfcosmetics.com/	1969-12-31 23:59:59	Name: pxcts Value: ktCObHl/J-nRWjfdJwcdd1yL-phy4sGpzpwd8Vtg7EE=:NksNp0yyKcN/RJ7zaY9P0Zltj/tkygdKGwoqYzXIUUm3t8oG5r/9Tg1oKDZ0VKPrXtrcGNWdyGjyV1YDozz1FPGnxMFhO7JGdEevuUMfCgIr-AGttbFTNu1YalDYCbAWn3sLDYvZNGbYhpW8WhnvusPtq5EgL5jlKVYGU1cLtmfjp8yHfhg0FGLWjekJcN1H
.elfcosmetics.com/	1970-01-21 13:29:28	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sat+Apr+18+2026+03%3A07%3A39+GMT%2B0000+(Hora+de+ver%C3%A3o+dos+A%C3%A7ores)&version=202406.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=a6a91aaf-8819-4ba0-8cf5-abdd06b059c3&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.elfcosmetics.com%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0%2CV2STACK42%3A0
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: dwsid Value: SBOPJYJwZsKH-xV0r_BX7Lu_MpXOm0Xp24wg6djxUHJ_eVc2pi9dqkdaJ1ZIoErwH2mcgCp0ZDc2GQZy0l3H6Q==
www.elfcosmetics.com/	1970-01-21 17:47:13	Name: dwanonymous_1a00c2845eeb01c699351ea28e20fd92 Value: abwulKwrIUluoRlegZxaYYkbFI
.linksynergy.com/	1970-01-21 22:13:37	Name: rmuid Value: 74adb830-d97b-4f32-917e-d3f0642586aa
.elfcosmetics.com/	1970-01-21 22:57:25	Name: _cs_c Value: 0
.elfcosmetics.com/	1970-01-21 23:04:01	Name: ab.storage.sessionId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57 Value: g%3A5d151e49-b4c1-a0e9-6da0-3dac1006af12%7Ce%3A1776483460998%7Cc%3A1776481660998%7Cl%3A1776481660998
.elfcosmetics.com/	1970-01-21 23:04:01	Name: ab.storage.deviceId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57 Value: g%3Ab89d9d13-29f0-aefa-fa55-b715d1727002%7Ce%3Aundefined%7Cc%3A1776481661000%7Cl%3A1776481661000
.elfcosmetics.com/	1970-01-21 22:55:59	Name: _hp5_event_props.1042782804 Value: %7B%7D
.elfcosmetics.com/	1970-01-21 22:55:59	Name: _hp5_let.1042782804 Value: 1776481661796
.elfcosmetics.com/	1970-01-21 22:55:59	Name: _hp5_meta.1042782804 Value: %7B%22setPath%22%3A%7B%7D%2C%22userId%22%3A%22462255842819731%22%2C%22sessionId%22%3A%22633056696908635%22%2C%22sessionProperties%22%3A%7B%22time%22%3A1776481661796%2C%22id%22%3A%22633056696908635%22%2C%22initial_pageview_info%22%3A%7B%22time%22%3A1776481661796%2C%22id%22%3A%224480522565916562%22%2C%22title%22%3A%22e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20-%20Cruelty%20Free%20%7C%20e.l.f.%20Cosmetics%22%2C%22url%22%3A%7B%22domain%22%3A%22www.elfcosmetics.com%22%2C%22path%22%3A%22%2F%22%2C%22query%22%3A%22%22%2C%22hash%22%3A%22%22%7D%7D%2C%22search_keyword%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22utm%22%3A%7B%22source%22%3A%22%22%2C%22medium%22%3A%22%22%2C%22term%22%3A%22%22%2C%22content%22%3A%22%22%2C%22campaign%22%3A%22%22%7D%7D%7D
.elfcosmetics.com/	1970-01-21 22:57:25	Name: _cs_id Value: e2b11859-72b3-a96b-da7b-a20fc29f4cff.1776481661.1.1776481661.1776481661.1738939813.1810645661846.1.x
.elfcosmetics.com/	1970-01-21 13:28:03	Name: _cs_s Value: 1.0.U.9.1776483461870
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.currency Value: USD
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: sid Value: idnabat0U-dczp60bzTtHHp1Z93nn3DMALk
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.InternationalUser Value: ""
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.location Value: US
www.elfcosmetics.com/	1970-01-21 13:29:28	Name: currentLocale Value: en_US
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.sessionid Value: abwulKwrIUluoRlegZxaYYkbFI
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.LanguageIsoCode Value: en_US
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 1
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 1
imgs.signifyd.com/	1970-01-21 22:49:37	Name: thx_guid Value: 231c11a206eaa74497a99909bca64142
imgs.signifyd.com/	1970-01-21 22:49:37	Name: tmx_guid Value: AAxB73HDwJPbRdlFoztT3Cd6ml9s0Nz4R9yrTQWSxDZx-QnBj4or0qJF0DR_IflNGyWuoZMHNRzrd6djjYbuJqXDoGp_pA

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://www.elfcosmetics.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:2E54106820A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
security	error	URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&deviceID=uid_6bd8052b46_mdm6mdc6nde&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.80.0&integrationType=SDK(Line 103) Message: Executing inline script violates the following Content Security Policy directive 'script-src 'sha256-x+ZkDZmeYcqkllw8PVQoWUlvJM+VFAdins1515gtDPc=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com'. Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list. The action has been blocked.
rendering	warning	URL: https://cdn-scripts.signifyd.com/o/lite.js?sessionId=LzJhYjJlZDc5N2M3OTczMjYxYTMwODE2ODEz&ping=false&profile=true&pageURL=https%253A%252F%252Fwww.elfcosmetics.com%252F(Line 34) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: about:srcdoc Message: No available adapters.
rendering	warning	URL: about:srcdoc Message: [GroupMarkerNotSet(crbug.com/242999)!:2E54106820A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
worker	warning	URL: about:srcdoc Message: [GroupMarkerNotSet(crbug.com/242999)!:2E5425E0A0A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://www.elfcosmetics.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:2E541DDCD0A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://www.elfcosmetics.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:2E5425E0D0A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://www.elfcosmetics.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:2E54251D90A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://www.elfcosmetics.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:2E54048500A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31557600

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a42cdn.usablenet.com
ac.cnstrc.com
ade.googlesyndication.com
api.ipify.org
c.contentsquare.net
c.us.heap-api.com
cdn-scripts.signifyd.com
cdn.c1.amplience.net
cdn.cookielaw.org
cdn.fonts.net
cdn.media.amplience.net
cdn.us.heap-api.com
cnstrc.com
collector-pxxt4gy2ig.px-cloud.net
consent.linksynergy.com
dev.visualwebsiteoptimizer.com
dp.signifyd.com
elfcosmetics.a.bigcontent.io
elfcosmetics.com
geolocation.onetrust.com
h.online-metrix.net
h64.online-metrix.net
imgs.signifyd.com
pagead2.googlesyndication.com
px.adentifi.com
px.gumgum.com
qoe-1.yottaa.net
rapid-1.yottaa.net
rapid-cdn.yottaa.com
sdk.iad-05.braze.com
sgtm.elfcosmetics.com
static.ordergroove.com
t.contentsquare.net
tag.rmp.rakuten.com
tzm.px-cloud.net
w2txo5aaue5cx6s7mswasubdxgx3hgk4ztehw2up6c36d008005ef168am1.e.aa.online-metrix.net
www.elfcosmetics.com
www.google.com
www.googletagmanager.com
www.paypal.com
www.elfcosmetics.com
www.paypal.com
104.16.40.28
104.18.0.100
104.18.32.137
104.18.38.107
104.18.6.168
104.18.7.168
104.18.86.42
104.26.12.205
104.86.53.30
13.248.191.155
13.35.58.39
142.251.110.154
142.251.14.157
142.251.155.119
142.251.20.97
151.101.19.52
151.101.3.52
151.101.66.133
18.244.18.115
2.17.147.171
2.17.147.192
2.17.147.219
3.174.46.60
3.87.234.35
3.93.158.79
34.102.147.248
34.107.218.251
34.120.250.63
34.253.163.93
34.36.73.246
34.49.124.132
34.95.94.110
34.98.67.3
35.156.253.221
35.212.43.231
52.17.234.193
91.235.132.130
91.235.133.113
91.235.134.131
99.83.184.193
024443247f452df89d7dad31f864ee3bd33228c19e85b9d04123ffc5e988b4d5
08ff052568e9fa47cb41d15b270554b9eefa2d53c318f784803754c251fdb9a6
0a32c18b9f9dacd36d16cc55ded479c3c22af0dbb417f49ba1bc9e39c588ba23
0fd9b98d8f3cf2ed9bbdb8cae596fa970b17f19ecc7e01355392ebd6344cb5ba
11ec800dc96a8e2c796de352ca7d7b4eb19ec54df559222ea77ee5a34699cce5
1331786f628c441b99665436eb8815381e066e17d5c3bb56f5ce2e045d8da17a
14432d35700d50f2ebb04d6713966ddc8efdcc212f3b2e211e9bc242783dec01
16e7f1bc90315db7e4e9b206c7b14333c33d7bd1c7cea267040d3473781311d5
171a9903c5a78b619ab0e2ae2957021877de80cbe6abeab27661ff7f44405603
1e960aae666e24ae7b1ee42d60f23251c323e441159efe4740ae7259ce5f2217
200cc29c70f51c9974673781a11255e859d436c6976d921220a44cbaae2844c9
223a298a1a02096375ccf01e37a4091566d8aca165bb8e0fb089bb257789891d
22933c2bd379e2a1c4beee3e235494658937b97d18b59f01133361510e20a3c1
24b913f61fc062e92d96b699df1e996355ea62d787ec48daf7252504753d4736
254335604d7965bce30438134e20dab44eddf961d41f0744ed2cd46ff61fdaac
259716f49c49daee34485d866bc2849e27bee25c0b1741629c94dc5616f8cf88
27aaed09e4ea75ef788da6985315ff5cbc960c99bdab0bfacbf245814698ed8d
281161e72d905589d624deb7aa8651ae082e881a7920651ee3d5f9498ed35d55
2895f8d61a1ed3c321ce51d5988953a1249ea32435c4cf6f5a4f0e1bf59665fa
2a903196be7eea9c9776ecac5962875d4bf0effbde8b52e46b3002503fa63152
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
32fce0417c3193ba8c08a8e7aab91df42715a114df968d5a87d5dd9dd231449a
341f99739dbbda1bf97cdecb1cc9287413ff26a0e73a5620994b9c3ede483f65
34c289d36c4ee53b94d7f69b8ab32c1b3721d72959323176e87b2cc9252b2605
3547f930234f2f9f4a517aadd276d4f80b22d56fb53ac3cb6a688f6b3dc519f7
359722b660d0b4a5afb34561728a3918b96bdccf3a3cddc4291ee4cd15f65c3f
36de4ad8aecbd3826f85cfedef42a024a3eadfd5033193bc428b6ca6476bddbd
37ae0f6206a187eba0631a4f608cfb337bed4c1823248eca9cd692bac61f6de1
389e5f07a367908452332adac30ba85dfa78544375620edf1dfd1a80cdaf5a9c
3e1fd69a8b5bc42033c937dc7e7a12893511d26bbebfc493a1e86e4ab678d211
3f210735d8e692ab2385b3ac5fdc249ab9735564a8e23c0606e33b45b24394b8
3fdffe410ee6e2c37fb302223c7b09837f86791b16ddbe2775f829d2fb12cefc
44df12e413ad61c633d2a90336a23665e413516187ad4082fd2245ba5aa221ee
454376943eacb6ad3b856a4a53178547f38c7d257f8a9941bc0b3b0d84517637
45634d5e63702aa7be310b3a31ea58a6540d68d0c46bfd0964b39c276fdf56fb
46f6c6dc782210b09202d3345329a22a2a0c87aa5753a295849cc86f3955fe2f
47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306
49186dcd58a5d8c491bf1f2e708e2b5204106efec17406e782d06613869eba96
4c2d5e77b693423f53d63e06621fb78cca1ea710ee7123c2f8f62cadf9f6e111
4df4687bf29224c4a9827aa12dbaa2acaf17d5df233c8f1e2f0e87890960a4d3
4f4387385e404bd0dcf288efa1c93dbde0592f8b89220bf584c7787e4d15f1fe
51bdb0632b8a25a9f75b91ae374875b50831e57fefaed95d7c889b2715a6ae77
52034ed26ddf1b56580a68e479c22635ffd04274bb5ea17211fb62ed34736591
54cfd47adf48962e722e3c20d0b23d0302f6023ecc9d1a3eca0dd0a174e40921
55a659ada45be317956dd3f9d03ee17016907f76fe0a4cd2c9bac2ae004eb0d3
55f53e3842fe9279396759fc2ed5fdef7bc0a9ec61e564dd7b4357db19187600
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56807c5808922c2c9a48f1e3028d5d8ae33f258fd0258af9717bf28d9528247d
56b5ee2d470e08c45cd09f2944da8ff2d357d50cc363731028db61a1c97725ca
5961f606a750c97c54e314cff4d728027e697313bec97de256d8cfa66eda1157
5a01a95342841b01ccf69c8b1f171e87087f3d1de5e1c4ecdfbbb61c76994526
5bad5eb5a8b5245cfc805ecca6843f8563ab787274f825505c3afc7d4a0f2c15
5ff9f284a3af21d9fb6ee980cf339db53ea3ff43eba06288812ef7a7015701bf
61f4de0be6478d7d7e997fcaf6055e42e273d742259c696c044f25e3e71662db
626c24aed63d53de18ec8069407e2521389cf4b6de96de30ac3eae72401b5dd8
668b2b5462ed1d52f5454ad3c47053ae2b07406c3d95be576152d0c3d0b56a9b
67e784a3cb92b7d1a9a3190efafb64718e1aced1d1cd5e7a37023b6258f4af4e
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a0011ba291cb19430eb79f6b18134e022a7ca5ea02e64f621e5afa4748a12cf
6a3f829d1abf4c119c5524877aacd2ed386e8d5a01278258b0a6a5b956bc68e8
6b370b52a8b6c0af3282e80d630323a04e734136bb9bda5478f55a8a881dea9b
6b9ed29fe44ac15eae073ed5df98a5658bc4c8f0b18a813eb9fb8152489ce764
6ceb3d4f6754594ff2ff8ee01adb110071fc2871a6d744483eeb1ce2e9f1017f
6d89fd54f0f32a7a2b2cda35a5c314cba4f623fa90a850be6ea22f4af3ee1016
6da03b92fbdff2ad2cdec496d80ccbeb2b4fe533d06f9057ae017e5f1b272412
6f1b231d496fe09aa16a3d0265e9d254faae892f9c8f629da807947164dfee7e
6f288bc724af1cb5ca584353d0fc58ed08250156c2d6f6fe25885d1f02edb818
703cda5a8f4868c8c38faccbfb4c575c86864b1af06e032fa503244f27a2d586
727b29ca477a461b1632947418cd7d42ca75765a3afea06f2f7dcf9721d24283
7315eccdf991b9dcfbc5c8a7f9fd89ea0eea24e00e2e8042eeaac9a6aa5b31b2
7459acbaddc31605486f947f034116771b19983c18431a98a87ea398a05c719b
772a995f1c010dc597942a3d44ab002671ae8d2ebbb40077abfa4a9793801e08
791006c96677f40131a5006894da0dddf6d25cc04c783fa0d905a2ab8b9b8587
79413f743e2bb9914250733682aa4e82db680ee08eab74278d49c2cf2c16e49f
79abc1e352d107d086e2c18d911facc81aa110dcc3fd570013cb02767c7681c4
7a3ea6210c61e538cbf8b02514a86d2395b55d270193fbd164eb79e65814074b
7a83124c2dabee1671e797faca6039d300708dcacf61cc79e15e1df0386b8eae
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
7f1eac781425d4d98598a91b9d199b8fd4b64a47d8992b41f8d2c59a07f44c6c
81119f72ed1baa0464fa788f77a2d128e5729126276391acd850895daeff759c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85801f5037331e280f2fb90a3f5e9e54c01e4b659d2d552fbb556f24320d3970
869a067b80a28a5f754d3ecbd784ef658e0656ab949cc9cbdac34f4dfff3ecf5
89a24bd6e0e73f5284534e2b5b279f7879f8ae197fe6afe6fa50fe52759240c5
8aaf4c05a65ecc1ecedb09d79a0848ff2f9cf16ba0706e58d81376c654ae5e1b
8e19c49cfc5724234094b0d23726e0eec36741a4f68e53a178167769a1b8964a
901339b0b0436e18401988eb25849a9c7a4223bd5b8aff2741e9a4cff961e9f9
92412e105e4f03a1b6a533ff509726e67101d16593e82a45488e8daa864cd22c
928774a4d596d00cc18e8363b2b14bffd90b8d1bb8b60e39cc8cc8d5f4ba2c59
952aefb2c7d9ea58c8e7ddf3cbe793f591564090a038f256f43d111bce90c977
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
97722715f92bfef1cccdf80f1dcee232f79e48a4b5612305ca2b864c352f0274
97e7a5d1ac225db03f6e1ba92dc8fbfc9d23d2029f69098dbe367424ad6a9fc6
9857293ff548d348d46ad86654f07235abd3c2fd328cc994aa1a4e7ff620ab7a
9a07d0c11665d73e677779d2a8f52c31e51cbc30ae937ef5d445ed924f838aa0
9e260f144aa9f1ccf463795eae37bebcb36dd1a38799b1dd77bb55a53bbbaeea
a0d738e87fe46dfb6a9bc34d0819b525e48212ca3774688f724d987b5421a8b1
a10a31cd155800a4744ec4876902cbe967d674a57a4c6930722c04b9b4526c7f
a7179979c5be96626ff7f4675f3c67868d203796cb1309e8a35d7339b7a2513d
a90114d42ac15c05756983ee82e27fe2925c84549179656382bf92c61a93e8eb
aa487e5d651f21c3e384caa6f25d9bc85543c16d6904ddcad1fd31dad596bb7a
aaebb4fe87e56e27c8761469abd494cc964f0766c0cd9d616d9bfe2cbd65d224
ab80f629ff319a2fc644d54427badafd4a125dfc9607e128c9055b600c5c6140
ab950f45c68248e7e7723462339df66f418394eceeeca4c3a2ed74bacc96b213
ac6474b47336415791755bbe44c6bee742ad071e14334645c706b0c3582ef0c0
ae396bacf500ea4a79590ebe8a24e64eaf79363ac0ba8851250b575f6a0f634f
af3184b17e0ac2ab24c13b960d66af0dc56444bbaff3c7f2e494b7cb1d49aaf7
b01aa775e576ca9ba60429bb5263e6ea0c241a3e6fdd3ba526b0001cef4db77f
b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22
b21f163ddfe78860688090e2295b406b7cccb648dde5fefc5f697c4b644a25a8
b496fed3b4570b42ef2bc566456cbbad4648105af3735de557b9af0638c8fce0
b5aac76e266c4d71682cf4c030b0cc1caa5c340b6539e3fca094602f9ea56366
b7503b96691e4ac8306ed320f8c99f045299a35454bb515e96ba72efc46dd9bf
b7baaaac468647c0c8c7ca27b9beb63692946c514bf1e72e65333ac8c3d4665e
b93d08841ee99f8a2e91702a283169c275c7ef6721cfaf6b0f71a7e80fe4d666
b9fbc8b039846e2416f8a9f2c3a08d3f3cf28d6e851782fbf06ec5ddb8d2c8f3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbf5fc8b7cfc5bbec9c4365258017bc2e90a954a5c37fc059fbc0e02007f5db8
c333fe8b16e7a57974b136133803208afe62d834e7f6530b2007f4df8fe4e6c8
c47ec1392c26d9aedda32440be09c3e4ea826c0ecb587980e300fd28e65742eb
c965bf460bed07bfe8febaa8ee97ad37068554142f03296266a246c30fb891fa
c9d66f00f9eb1dbe8b78c0e99e5fd72926d293621df552e9b0d79dfeda7251d1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca489e9eed79215a9784c38910dbf5776b50dc584f0c0ff17b19c13a6fdf567d
cc750313b3641fe5146fe5b449e7c04d6479e21eebbae1d0952d17e5d68ddd24
cd3627a418a036de767cd17f27ff6108ecbf59d3acf507e4dca9e94751ee5f5d
cdaf4192799c0e9e9c7c981adefced4a861e82d7f7cdf0076475aa8e858efc01
cddd450a33be5e50d6f27aea78d2e278beae2762678b22fc2dcee8de29cbc0be
d174b70da512e5e6c28f07c8aea116eff6772a7682d7d7d8f1aa04ef5a44627b
d25310b969fda699a92ce9c02a3c594f6bd9b1fb05da572ece3073830df702a4
d36bbf2b58df3f86c063c2992be4289938267f4005ae51d0509291ebc7fed884
d3e909041e087aae1adf905e2315176457fbe34fe2673078e083b725d5e5a721
d4241b3f67b6c96daf3b905f5a838624f81d194a05cccb134eb3792f118e8ab4
d4d8e4be239ffb32c0510a453c368d03f0ad654e8918dca80f392cc9031ce124
d75c781367623c826c4f21e982acd41aa16837078a14bfdc1abe71dc1ad0c75a
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
d91c4b4bcabca42e67bdb3f2fdfe9f52017b9b67111bff940ce2bcc4b7064abc
dcce7811dfa55ed267efacadbc20f0116dea9f266a71332ac6b4f8ccc7666c3c
dd18fbbb0a2a6192b5678fb2d1286895e906ae05af2cec2eb27c5dc434c73881
e0dc0f2c2b6053e08bcaf54fed36660cd737ea710d9200b7bc95e365a537fb63
e18ccc63e3ecce9951d412e0dfc23ff37942ff3b72d59d67919a027d31435888
e3a83b9683ed4142643e5bc71e50751f0e78040fbe4c203180ad550e816bd884
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40e7b46b99c06e47841ff53e4417b6c887631d383aac28114e4ab83ccddc6f7
e4138c9f1bd4f0de12a416f0bba62ade1108c35ba3b8bc65a9268cf38dc03cb2
e4f685fed7eec70bbe2c8b84185cec63b25d31e50ed9a93f6a96bd68cd8a1b38
e632b86bd240056b9025433d23c071b3a8d6d76e10ae5a1099348d4128223b14
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e813ff91a6e51ecc01f64cdb28c26d8367c88b8575329c508ae9ee484b1f626f
e8d355ed9dd030911ffc6763ea67abcf5449dcc2b1a8430fad0daaed86be64dc
e92f434a50c76d6e52d0d3cc91cdf1854c7fd39fecd5ae65800568aef7c03029
e9b52dc6d0d6e07f52735664713b1111b95da633312cd67eeffcb5ad338aaee7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3bc5c60261ed32d35c136578f9b2787a1ce5e18f761f0970de419378971800
f016bafb905d27cb7f4f47f12863b77a610e5b66281ca51d5130db20e8c7b9fa
f040fd671bf59a1f6d2f5bfe57d619df1e4e5ccbf576e2981e03b4e170e7cac0
f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6
f6aa997b74e7735353f9b0a5fb708392f384c5b56fcd96752c51f94fc141f568
f8796bb53ed458cbcaaa037e4e3c500f713ff03fd43aaa8015ef2cafc1879dcb
f97526a96a76a4a56c741909c8782b83f39f2f171dcdcbaa77445d702c8f2f65
fb3eb67320d9c0fbeee2676252be96ccedd2fec0fde1e89c34c84f5dd24c7839
fbeb8148a4fdaab3557195126f98b0ca57d0b83e756ff374a81390defde903f5
fd54066685e186c0e7cb6036fc1da5a922c5cc40f4239eedd06338d6948d4db0
fdbc461c216f26163d5028fdb38de52d98776eb67e2e2fdea14fa92f2829bb93
fddc18e038a03d661f91034e9ffa81856ae1551f3289467ff8d8f2f2bf2dec6a
ff68d29e05506e8c548f52f038b737a8283df557609548c6c847f5d58bf20f63

www.elfcosmetics.com 151.101.3.52 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

258 Requests

97 %HTTPS

0 %IPv6

27 Domains

40 Subdomains

40 IPs

5 Countries

8636 kBTransfer

23650 kBSize

37 Cookies

18 Outgoing links

Page URL History

Redirected requests

258 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.elfcosmetics.com
151.101.3.52 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

258
Requests

97 %
HTTPS

0 %
IPv6

27
Domains

40
Subdomains

40
IPs

5
Countries

8636 kB
Transfer

23650 kB
Size

37
Cookies

258 HTTP transactions
4 data transactions