www.elfcosmetics.com Open in urlscan Pro
204.2.48.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.elfcosmetics.com/
Effective URL:
https://www.elfcosmetics.com/
Submission: On December 19 via api (December 19th 2023, 8:05:57 am UTC) from US — Scanned from DE

Summary HTTP 290 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 64 IPs in 4 countries across 46 domains to perform 290 HTTP transactions. The main IP is 204.2.48.21, located in United States and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.com. The Cisco Umbrella rank of the primary domain is 78022.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 25th 2023. Valid for: a year.

This is the only time www.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	204.2.48.27 204.2.48.27	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
1 103	204.2.48.21 204.2.48.21	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
1	2a02:26f0:480... 2a02:26f0:480:1a::5f65:6fb0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
22	2606:4700:440... 2606:4700:4400::ac40:9ba6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
3	35.190.10.96 35.190.10.96	15169 (GOOGLE) (GOOGLE)
13	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:231... 2600:9000:2315:f400:a:b89d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.237.62.212 104.237.62.212	18450 (WEBNX) (WEBNX)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:4800:11:85b0:d600:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:6400:15:ad21:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
6	18.173.233.26 18.173.233.26	16509 (AMAZON-02) (AMAZON-02)
1	34.197.232.195 34.197.232.195	14618 (AMAZON-AES) (AMAZON-AES)
1	140.174.14.81 140.174.14.81	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
2	104.102.49.120 104.102.49.120	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.102.147.248 34.102.147.248	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14ca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:224... 2600:9000:2240:ca00:13:d6f4:3240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:480... 2a02:26f0:480:5af::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
5	184.86.103.223 184.86.103.223	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:244... 2600:9000:2440:bc00:a:7914:b00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.248.96 18.66.248.96	16509 (AMAZON-02) (AMAZON-02)
1	52.19.250.192 52.19.250.192	16509 (AMAZON-02) (AMAZON-02)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
2	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
1	52.58.17.145 52.58.17.145	16509 (AMAZON-02) (AMAZON-02)
3	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	52.19.184.255 52.19.184.255	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a02:26f0:310... 2a02:26f0:3100::210:6e29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	184.86.251.219 184.86.251.219	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
8	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.51.202.206 52.51.202.206	16509 (AMAZON-02) (AMAZON-02)
1	34.149.175.90 34.149.175.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.117.200.186 34.117.200.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.149.118.76 34.149.118.76	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.66.122.16 18.66.122.16	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:5... 2600:1901:0:56e0::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.8.32 34.111.8.32	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.193.48 34.102.193.48	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
12	91.235.133.113 91.235.133.113	30286 (THM) (THM)
2	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
290	64

1 204.2.48.27 (United States) 1 redirects

ASN393259 (YOTTAA-AS-1, US)

www.elfcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

103 204.2.48.21 (United States) 1 redirects

ASN393259 (YOTTAA-AS-1, US)

www.elfcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:1a::5f65:6fb0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.c1.amplience.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:4400::ac40:9ba6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.media.amplience.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

cdn-fsly.yottaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sdk.iad-05.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com

collector-pxxt4gy2ig.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2315:f400:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.237.62.212 (El Segundo, United States)

ASN18450 (WEBNX, US)
PTR: api.ipify.org

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:4800:11:85b0:d600:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.cnnx.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f6.1e100.net

10265292.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:6400:15:ad21:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

st.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.173.233.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-26.dus51.r.cloudfront.net

async-px.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.232.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-232-195.compute-1.amazonaws.com

px.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 140.174.14.81 (Frankfurt am Main, Germany)

ASN393259 (YOTTAA-AS-1, US)

qoe-1.yottaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.49.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-49-120.deploy.static.akamaitechnologies.com

static.ordergroove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com

tag.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14ca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:ca00:13:d6f4:3240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.usehero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:5af::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.86.103.223 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-103-223.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2440:bc00:a:7914:b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.jebbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-96.dus51.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.250.192 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-250-192.eu-west-1.compute.amazonaws.com

api.usehero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.17.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-17-145.eu-central-1.compute.amazonaws.com

external-api.jebbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.184.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-184-255.eu-west-1.compute.amazonaws.com

c.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

ut.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3100::210:6e29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

elfcosmetics.a.bigcontent.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.86.251.219 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-219.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.202.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-202-206.eu-west-1.compute.amazonaws.com

srm.ba.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.175.90 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.175.149.34.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.200.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.200.117.34.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.118.76 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 76.118.149.34.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-16.fra60.r.cloudfront.net

cdn-scripts.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:56e0:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.193.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.193.102.34.bc.googleusercontent.com

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 91.235.133.113 (United States)

ASN30286 (THM, US)

imgs.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

w2txo5aahbvg2igr5hyaxrzo3bwyy2tod6kexbczc235d1d61d73890cam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
104	elfcosmetics.com 2 redirects www.elfcosmetics.com — Cisco Umbrella Rank: 78022	1 MB
23	amplience.net cdn.c1.amplience.net — Cisco Umbrella Rank: 35271 cdn.media.amplience.net — Cisco Umbrella Rank: 10128	3 MB
14	signifyd.com cdn-scripts.signifyd.com — Cisco Umbrella Rank: 6824 imgs.signifyd.com — Cisco Umbrella Rank: 5865	94 KB
13	paypal.com www.paypal.com — Cisco Umbrella Rank: 2085 t.paypal.com — Cisco Umbrella Rank: 2568	239 KB
13	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 324	323 KB
11	dynamicyield.com cdn.dynamicyield.com — Cisco Umbrella Rank: 6084 st.dynamicyield.com — Cisco Umbrella Rank: 5745 async-px.dynamicyield.com — Cisco Umbrella Rank: 5840 px.dynamicyield.com — Cisco Umbrella Rank: 23654	222 KB
9	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 2050 api.bounceexchange.com — Cisco Umbrella Rank: 2223	162 KB
8	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93 region1.analytics.google.com — Cisco Umbrella Rank: 2693	2 KB
8	doubleclick.net 9231397.fls.doubleclick.net Failed 10742279.fls.doubleclick.net Failed 10265292.fls.doubleclick.net — Cisco Umbrella Rank: 472980 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	5 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6765	905 B
6	braze.com sdk.iad-05.braze.com — Cisco Umbrella Rank: 3954	2 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	148 KB
4	bigcontent.io elfcosmetics.a.bigcontent.io — Cisco Umbrella Rank: 128663	9 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 758 tr6.snapchat.com — Cisco Umbrella Rank: 88800	702 B
4	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 3083 c.contentsquare.net — Cisco Umbrella Rank: 3307 srm.ba.contentsquare.net — Cisco Umbrella Rank: 13368	69 KB
4	yottaa.net cdn-fsly.yottaa.net — Cisco Umbrella Rank: 13848 Failed qoe-1.yottaa.net — Cisco Umbrella Rank: 6173	1 MB
3	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 2534 w2txo5aahbvg2igr5hyaxrzo3bwyy2tod6kexbczc235d1d61d73890cam1.e.aa.online-metrix.net	16 KB
3	cdnbasket.net data.cdnbasket.net — Cisco Umbrella Rank: 4140 page.cdnbasket.net — Cisco Umbrella Rank: 4148 view.cdnbasket.net — Cisco Umbrella Rank: 4147	1014 B
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1965	33 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 715	1 KB
3	jebbit.com js.jebbit.com — Cisco Umbrella Rank: 33156 external-api.jebbit.com — Cisco Umbrella Rank: 39914	60 KB
3	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 557	445 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	301 KB
3	px-cloud.net collector-pxxt4gy2ig.px-cloud.net — Cisco Umbrella Rank: 167677	1 KB
2	cdnwidget.com ids.cdnwidget.com — Cisco Umbrella Rank: 3280 e.cdnwidget.com — Cisco Umbrella Rank: 13143	335 B
2	bing.com bat.bing.com — Cisco Umbrella Rank: 329	13 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	92 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 745	21 KB
2	usehero.com cdn.usehero.com — Cisco Umbrella Rank: 31511 api.usehero.com — Cisco Umbrella Rank: 29821	29 KB
2	ordergroove.com static.ordergroove.com — Cisco Umbrella Rank: 16302	63 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	ipify.org api.ipify.org — Cisco Umbrella Rank: 2843	442 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2266	974 B
1	linksynergy.com ut.rd.linksynergy.com — Cisco Umbrella Rank: 6223	405 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1387	637 B
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 3860	6 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1266	9 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 945	18 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	2 KB
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 4632	12 KB
1	rakuten.com tag.rmp.rakuten.com — Cisco Umbrella Rank: 5888	15 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 548	295 B
1	cnnx.link js.cnnx.link — Cisco Umbrella Rank: 6403	1 KB
0	rlcdn.com Failed idsync.rlcdn.com Failed
0	pointmediatracker.com Failed pixel.pointmediatracker.com Failed
290	46

	Domain	Requested by
104	www.elfcosmetics.com	2 redirects www.elfcosmetics.com cdn-fsly.yottaa.net
22	cdn.media.amplience.net	www.elfcosmetics.com
13	cdn.cookielaw.org	cdn-fsly.yottaa.net cdn.cookielaw.org www.elfcosmetics.com
12	imgs.signifyd.com	www.elfcosmetics.com imgs.signifyd.com
11	www.paypal.com	www.elfcosmetics.com www.paypal.com www.paypalobjects.com
8	assets.bounceexchange.com	www.elfcosmetics.com
6	async-px.dynamicyield.com	cdn.dynamicyield.com
6	www.google.de	www.elfcosmetics.com
6	sdk.iad-05.braze.com	cdn-fsly.yottaa.net
5	analytics.tiktok.com	www.elfcosmetics.com analytics.tiktok.com
5	www.google.com	2 redirects www.elfcosmetics.com
4	elfcosmetics.a.bigcontent.io
4	googleads.g.doubleclick.net	2 redirects www.elfcosmetics.com
3	www.paypalobjects.com	www.elfcosmetics.com www.paypalobjects.com
3	ct.pinterest.com	s.pinimg.com www.elfcosmetics.com
3	tr.snapchat.com	www.elfcosmetics.com sc-static.net
3	insight.adsrvr.org	www.elfcosmetics.com
3	cdn.dynamicyield.com	www.elfcosmetics.com
3	www.googletagmanager.com	www.elfcosmetics.com
3	collector-pxxt4gy2ig.px-cloud.net	www.elfcosmetics.com
3	cdn-fsly.yottaa.net	www.elfcosmetics.com
2	h.online-metrix.net	imgs.signifyd.com
2	cdn-scripts.signifyd.com	www.elfcosmetics.com
2	c.contentsquare.net
2	t.paypal.com
2	region1.analytics.google.com	www.googletagmanager.com
2	bat.bing.com	www.elfcosmetics.com
2	js.jebbit.com	www.elfcosmetics.com
2	connect.facebook.net	www.elfcosmetics.com
2	s.pinimg.com	www.elfcosmetics.com
2	static.ordergroove.com	www.elfcosmetics.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	10265292.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.elfcosmetics.com www.google-analytics.com
2	api.ipify.org	cdn-fsly.yottaa.net
1	w2txo5aahbvg2igr5hyaxrzo3bwyy2tod6kexbczc235d1d61d73890cam1.e.aa.online-metrix.net
1	e.cdnwidget.com
1	api.bounceexchange.com	www.elfcosmetics.com
1	ids.cdnwidget.com	assets.bounceexchange.com
1	view.cdnbasket.net	assets.bounceexchange.com
1	page.cdnbasket.net	assets.bounceexchange.com
1	data.cdnbasket.net	assets.bounceexchange.com
1	srm.ba.contentsquare.net	t.contentsquare.net
1	tr6.snapchat.com	sc-static.net
1	analytics.pangle-ads.com	analytics.tiktok.com
1	ut.rd.linksynergy.com	www.elfcosmetics.com
1	www.facebook.com
1	external-api.jebbit.com	js.jebbit.com
1	alb.reddit.com
1	tag.wknd.ai	www.elfcosmetics.com
1	api.usehero.com	cdn.usehero.com
1	t.contentsquare.net	www.elfcosmetics.com
1	www.redditstatic.com	www.elfcosmetics.com
1	sc-static.net	www.elfcosmetics.com
1	www.googleadservices.com	www.elfcosmetics.com
1	cdn.usehero.com	www.elfcosmetics.com
1	websdk.appsflyer.com	www.elfcosmetics.com
1	tag.rmp.rakuten.com	www.elfcosmetics.com
1	qoe-1.yottaa.net	www.elfcosmetics.com
1	px.dynamicyield.com	cdn.dynamicyield.com
1	adservice.google.com	10265292.fls.doubleclick.net
1	st.dynamicyield.com	www.elfcosmetics.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	js.cnnx.link	www.googletagmanager.com
1	cdn.c1.amplience.net	www.elfcosmetics.com
0	idsync.rlcdn.com Failed
0	pixel.pointmediatracker.com Failed	www.elfcosmetics.com
0	10742279.fls.doubleclick.net Failed	www.googletagmanager.com
0	9231397.fls.doubleclick.net Failed	www.googletagmanager.com
290	69

This site contains links to these domains. Also see Links.

Domain
cdn.dynamicyield.com
st.dynamicyield.com
rcom.dynamicyield.com
www.tiktok.com
www.instagram.com
www.pinterest.com
www.facebook.com
www.youtube.com
twitter.com
www.snapchat.com
www.linkedin.com
www.elfbeauty.com
elfcosmetics.onelink.me
preferences.elfcosmetics.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.elfcosmetics.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-25` - `2024-10-25`	a year	crt.sh
c1.amplience.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-06` - `2024-10-23`	a year	crt.sh
dm.amplience.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-20` - `2024-08-14`	a year	crt.sh
*.yottaa.net GlobalSign RSA OV SSL CA 2018	`2023-09-13` - `2024-10-14`	a year	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2023-08-15` - `2024-09-13`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.dynamicyield.com Amazon RSA 2048 M02	`2023-09-03` - `2024-10-01`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
*.iad-05.braze.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-07-27` - `2024-08-27`	a year	crt.sh
js.cnnx.link Amazon RSA 2048 M02	`2023-07-11` - `2024-08-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.ordergroove.com Go Daddy Secure Certificate Authority - G2	`2023-08-04` - `2024-08-17`	a year	crt.sh
tag.rmp.rakuten.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-13` - `2024-08-20`	10 months	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
*.usehero.com Amazon RSA 2048 M02	`2023-08-28` - `2024-09-24`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-27` - `2023-12-26`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.jebbit.com Amazon RSA 2048 M01	`2023-05-24` - `2024-06-21`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
t.contentsquare.net Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh
api.usehero.com Amazon RSA 2048 M02	`2023-02-05` - `2024-03-05`	a year	crt.sh
tag.wknd.ai R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
dep.ba.contentsquare.net Amazon RSA 2048 M01	`2023-03-20` - `2024-04-17`	a year	crt.sh
*.rd.linksynergy.com ZeroSSL RSA Domain Secure Site CA	`2023-02-13` - `2024-02-13`	a year	crt.sh
*.bigcontent.io GeoTrust TLS RSA CA G1	`2023-03-14` - `2024-04-13`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2023-11-20` - `2024-02-18`	3 months	crt.sh
srm.ba.contentsquare.net Amazon RSA 2048 M02	`2023-11-07` - `2024-12-06`	a year	crt.sh
data.cdnbasket.net GTS CA 1D4	`2023-11-12` - `2024-02-10`	3 months	crt.sh
page.cdnbasket.net GTS CA 1D4	`2023-11-15` - `2024-02-13`	3 months	crt.sh
view.cdnbasket.net GTS CA 1D4	`2023-11-20` - `2024-02-18`	3 months	crt.sh
cdn-scripts.signifyd.com Amazon RSA 2048 M01	`2023-07-03` - `2024-07-31`	a year	crt.sh
ids.cdnwidget.com R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.wunderkind.co R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
e.cdnwidget.com R3	`2023-11-06` - `2024-02-04`	3 months	crt.sh
imgs.signifyd.com Go Daddy Secure Certificate Authority - G2	`2023-10-20` - `2024-11-20`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-01-09` - `2024-01-23`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-06-14` - `2024-07-01`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.elfcosmetics.com/
Frame ID: 72B4594CFFDD4E42B0581AFC1D38D603
Requests: 258 HTTP requests in this frame

Frame: https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=2761379703427;auiddc=229840579.1702973143;u6=%2F;u10=undefined;u12=undefined;u8=undefined;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
Frame ID: 4D15E9EC40A06BFD8E8A3A3D87E0CC20
Requests: 1 HTTP requests in this frame

Frame: https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=3062632826788;auiddc=229840579.1702973143;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
Frame ID: B519F486CFEB68A1D09CAD979FA6435A
Requests: 1 HTTP requests in this frame

Frame: https://10265292.fls.doubleclick.net/activityi;dc_pre=CIGEoKqFm4MDFQgLogMdqncHhQ;src=10265292;type=conte0;cat=homep0;ord=1447761793257;auiddc=229840579.1702973143;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
Frame ID: FE15A7410BC125B1EE0502D04E9972A2
Requests: 2 HTTP requests in this frame

Frame: https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flhp;ord=2046950376976;auiddc=229840579.1702973143;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
Frame ID: 4FEC89B9C5A444B6AA281CD31B5F1580
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.52.0&integrationType=SDK
Frame ID: CFAE4AD1CB85FED60D99A25FFBD935DF
Requests: 4 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&u_scsid=955d7053-1265-4a80-8a1d-a227069791ca&u_sclid=da39234b-c7f4-4db1-995a-8a31b98a7614
Frame ID: 593CC0396114C3DF9BAC0066BD00FDE6
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 1BEBE09CC97BC39DB4C9D6BDDD437079
Requests: 3 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 1261BDF8551635A96B9958938B86E16E
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 8B446F74B8D8EDE44A2B165427C56BA6
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/-kyvpIk4Nf1k31lm?1295596c13cdd7fe=-KsW0VNS8BPeqDZtmea90o6KfmNh3lTNOEFowItM1uuhkiL_TRmfgXFai-ztNPIhwE3dWa9CD-CktB7Fk82IhUa6NJqAa-lg5T6z2fu1BBNiT49TvG5e0IzwA2S6qjBiQSJl8HC75MPsI4vsdZ4Qev7u4gcDSw-zqWKmArR8O3Hezz-a3L63KY2L2G71o3YOJJx0O7VfmznsjVqu&jb=3d3b262e6071657d355f6b666e6d757b2c607b6d375d696e6e6d77732f323a393b2462716a773d4b627065656d2e687b683f4160786565672f3830313832
Frame ID: C1D8642FA8E4EA920BE5FB4E6BC6E126
Requests: 9 HTTP requests in this frame

Frame: https://imgs.signifyd.com/wKdrMOHy1w59pb0b?21ceb0f347bf369b=FA5CCK7HQ2i0N2DXleN5V-z-__qFPftFKw_ZSA9BIzR-YsbniCS9S0129xkJQAaFyiKMkj95hGO5kbFTDQB3kynC5WkODq6KUpy71ojtTjv23Av9ktDwhRcCOSHIWlPOvDQCIYE9ezvbiU-92SgiMLkvieLCPwRANRcBKZdZJBh7CT8BXcLVrbJhJ5mL4idqoS4uasI3t6PHGuYuG9Q
Frame ID: A8F38B82B3F8B51702F9C29D496DF22A
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/0MzrdSEJZcGR6Zd4?fded7f7dc9229b50=AcoQX5xFoj17wXTUO6SoOtNadntWLtdzZIsPuNpZl0C5dvK_ZGIX_SWPF7vKjaXgcydqcPchFX4ja5nHDSombB9BPZ4Z58SgpyGClSImHZUI97ps4H-cdrGihseM1SV6l_C7Ou_RiQs9KgRCSC6W_xK66osSFVZ-nhLyOBSeIRfaRXqBoWpc_zyVkOr5XE5HQpiKoapqrwqAzS4raj_C
Frame ID: 07C3F17244A1FC3F946C7C4394471838
Requests: 2 HTTP requests in this frame

Frame: https://imgs.signifyd.com/VLPci3WhecpvP7qV?f9a0b4dd2e282c81=AxqC1bN2s8V_8YbDSx_TkPHunJj1vDgbIsZ8OV5nvut2cBvB3W7g8ZFYUXUgexIfCQZAbfrO7SPU7qP1tlxHWCaUWqdC_dxuDttoFuufvFysmOJR19TWFd8oUsWnNmu4R4zRw3gxb3pZnGPzSa4Wyjpdc57A7bYxOAEHiSkwMDAZdLDe_lx2XcxKRm5Kkn_tSN0374F-zoq3kmwPhGvb
Frame ID: 78D8B285697AF7794F0EFDD5F56E41BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

e.l.f. Cosmetics: Affordable Makeup & Skincare | Clean Beauty Products | e.l.f. CosmeticsBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://www.elfcosmetics.com/ HTTP 301
https://www.elfcosmetics.com/ Page URL

Detected technologies

Salesforce Commerce Cloud (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/demandware\.static/

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Dynamic Yield (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

cdn\.dynamicyield\.\w+/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Rakuten (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

tag\.rmp\.rakuten\.com

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

290
Requests

96 %
HTTPS

39 %
IPv6

46
Domains

69
Subdomains

64
IPs

4
Countries

7347 kB
Transfer

35474 kB
Size

61
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://cdn.dynamicyield.com/

Search URL Search Domain Scan URL

URL: https://st.dynamicyield.com/

Search URL Search Domain Scan URL

URL: https://rcom.dynamicyield.com/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@elfyeah/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/eyeslipsfacedotcom

Search URL Search Domain Scan URL

URL: https://twitter.com/elfcosmetics

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/elfcosmetics

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/e-l-f-beauty

Search URL Search Domain Scan URL

URL: https://www.elfbeauty.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://elfcosmetics.onelink.me/wTtZ/AcrossSiteCosmetics

Search URL Search Domain Scan URL

URL: https://preferences.elfcosmetics.com/dont_sell
Title: Do Not Sell My Personal Info/Opt Out of Targeted Ads

Search URL Search Domain Scan URL

URL: https://preferences.elfcosmetics.com/privacy
Title: Privacy Rights Request Form

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.elfcosmetics.com/ HTTP 301
https://www.elfcosmetics.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=Bv7wz5w2QKlqEAV5tKbnD0NE710OhpzX8iN1mDV22XA HTTP 303
https://www.elfcosmetics.com/callback?usid=72ff787d-1784-4912-8b77-0b13f4b76959&code=b1eTtTCKbrA8B4XJdFbbQ-_znSNAHRBOc9JaDrpmkTc

Request Chain 43

https://10265292.fls.doubleclick.net/activityi;src=10265292;type=conte0;cat=homep0;ord=1447761793257;auiddc=229840579.1702973143;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F HTTP 302
https://10265292.fls.doubleclick.net/activityi;dc_pre=CIGEoKqFm4MDFQgLogMdqncHhQ;src=10265292;type=conte0;cat=homep0;ord=1447761793257;auiddc=229840579.1702973143;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F

Request Chain 45

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=1702973143355&cv=11&fst=1702973143355&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&auid=229840579.1702973143&uamb=0&uaw=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D HTTP 302
https://www.google.com/pagead/1p-user-list/698270988/?random=1702973143355&cv=11&fst=1702972800000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&is_vtc=1&cid=CAQSGwAvHhf_-tA48AKKTAqo32CFwalvtX0B2eLIjQ&random=921758498 HTTP 302
https://www.google.de/pagead/1p-user-list/698270988/?random=1702973143355&cv=11&fst=1702972800000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&is_vtc=1&cid=CAQSGwAvHhf_-tA48AKKTAqo32CFwalvtX0B2eLIjQ&random=921758498&ipr=y

Request Chain 120

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=100717994&cv=11&fst=1702973143348&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&auid=229840579.1702973143&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=2E6BZbHeGNqT78EP8OaA6AI&sscte=1&crd=&eitems=ChEIgJuFrAYQsaWC8uL41eLTARIdAOBcHGeO0seCflOLhCQc8X8n-Xg3Q6ydApe_PBc&pscrd=EkxDaEFJZ0p1RnJBWVFxczZHc04tS2g4dG9FaVVBaUQwSi1VTU9OWnJnc0RVeWp1Q3J5Qnd0TUZiWWRGR3lBZUZMTFZQR09temd6VF9ZGlhDaEVJZ0p1RnJBWVF6S0RiczVXSXlmS3ZBUkl0QVBwQ2tTOHdJcy1jcXBpb2l2SjFYUEhUSGN2MnVuNHVLTEN4WTk0SlBZTHIyODhldmxJcE4wRHhrelFQIhMIsarWqoWbgwMV2sk7Ah1wMwAt HTTP 302
https://www.google.com/pagead/1p-conversion/698270988/?random=100717994&cv=11&fst=1702973143348&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&auid=229840579.1702973143&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0p1RnJBWVFxczZHc04tS2g4dG9FaVVBaUQwSi1VTU9OWnJnc0RVeWp1Q3J5Qnd0TUZiWWRGR3lBZUZMTFZQR09temd6VF9ZGlhDaEVJZ0p1RnJBWVF6S0RiczVXSXlmS3ZBUkl0QVBwQ2tTOHdJcy1jcXBpb2l2SjFYUEhUSGN2MnVuNHVLTEN4WTk0SlBZTHIyODhldmxJcE4wRHhrelFQIhMIsarWqoWbgwMV2sk7Ah1wMwAt&is_vtc=1&ocp_id=2E6BZbHeGNqT78EP8OaA6AI&cid=CAQSKQAvHhf_ciJ4JHhEt3clidaWyEUozcPYEZ7w3fV9-3K8P45I9tXSQ6Wy&eitems=ChEIgJuFrAYQsaWC8uL41eLTARIdAOBcHGfI8NNZg32Tf_sa8VN0HKghBEIWkRRD3Fo&random=2283654478 HTTP 302
https://www.google.de/pagead/1p-conversion/698270988/?random=100717994&cv=11&fst=1702973143348&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&auid=229840579.1702973143&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0p1RnJBWVFxczZHc04tS2g4dG9FaVVBaUQwSi1VTU9OWnJnc0RVeWp1Q3J5Qnd0TUZiWWRGR3lBZUZMTFZQR09temd6VF9ZGlhDaEVJZ0p1RnJBWVF6S0RiczVXSXlmS3ZBUkl0QVBwQ2tTOHdJcy1jcXBpb2l2SjFYUEhUSGN2MnVuNHVLTEN4WTk0SlBZTHIyODhldmxJcE4wRHhrelFQIhMIsarWqoWbgwMV2sk7Ah1wMwAt&is_vtc=1&ocp_id=2E6BZbHeGNqT78EP8OaA6AI&cid=CAQSKQAvHhf_ciJ4JHhEt3clidaWyEUozcPYEZ7w3fV9-3K8P45I9tXSQ6Wy&eitems=ChEIgJuFrAYQsaWC8uL41eLTARIdAOBcHGfI8NNZg32Tf_sa8VN0HKghBEIWkRRD3Fo&random=2283654478&ipr=y

290 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.elfcosmetics.com/
Redirect Chain

http://www.elfcosmetics.com/
https://www.elfcosmetics.com/

899 KB
228 KB

647ms
387ms

Document
text/html

204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 351305d07b471b867709d3dfcab307b35d599a45c0af889f9cd49d215ea940c0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 322 322
cache-control: public, must-revalidate, s-maxage=900
content-encoding: gzip
content-length: 231988
content-type: text/html; charset=utf-8
date: Tue, 19 Dec 2023 08:05:41 GMT
etag: W/"c3c9e-flVIVVvesQ/xJTM7DbJfEXkdplE"
vary: Accept-Encoding
via: 1.1 86d459f5880d6293425a222fb32d5cb4.cloudfront.net (CloudFront)
x-amz-apigw-id: QLkO4EXriYcEgBA=
x-amz-cf-id: SXT8m6Gg3M4l_KbFyXHShFmoVj6g1K4DEi1nXZi-MGT4hCGhpjbohw==
x-amz-cf-pop: ORD52-C3
x-amzn-remapped-connection: close
x-amzn-remapped-content-length: 801950
x-amzn-remapped-date: Tue, 19 Dec 2023 08:00:19 GMT
x-amzn-requestid: f8447d66-0390-47db-9e3c-58dab69508bb
x-amzn-trace-id: Root=1-65814d92-3eb4ebe42c65b76e0778742a;Sampled=0;lineage=2b75b0e9:0
x-cache: Hit from cloudfront
x-yottaa-metrics: 2621cc023042/[81,34,-] 26D1cc023015/[-,123.167]
x-yottaa-optimizations: ob/1000000100001000 si/26D1cc023015-1702588992-3672655574 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-yottaa-os: 200

Redirect headers

Age: 0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 125
Content-Type: text/html
Date: Tue, 19 Dec 2023 08:05:40 GMT
Location: https://www.elfcosmetics.com/
Via: 1.1 fee2e0fc8d516ec2db8a330862bc0b8e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 0UOwHAG6AIVtlKbRbJJ-sV5TNe_ZB5l8okUWUv4kbbp25g3O87ngIw==
X-Amz-Cf-Pop: ORD53-C3
X-Cache: Redirect from cloudfront
X-Yottaa-Metrics: 2621cc8d5874/[29,10,-] 26D1cc02301b/[-,31.335]
X-Yottaa-OS: 301
X-Yottaa-Optimizations: ob/1000 si/26D1cc02301b-1702588990-5148551627 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0

GET
H2 200 init.js Show response
www.elfcosmetics.com/XT4Gy2ig/ 165 KB
74 KB 349ms
349ms Script
application/javascript 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 42abcbe91cd43f8ba5d6b6e52b21c570a830ad4bbf5d3dcd05725c8c4c189d30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:41 GMT
content-encoding: gzip
etag: "29585-Bw2MQZL+rQLDND7sf3slFNTyhSE"
active-cdn: Akamai
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: active-cdn,x-served-by,Akamai-Request-BC
cache-control: max-age=600
x-yottaa-metrics: 26D1cc023015/[-,26.356]
x-px-hash: NjgzNjJkZjFhMzI3YzMzM2U0MWYwOWE5MzU5ODBkZWI5YmMwY2M5ZTMyNTdjNjVmMjEwYmVmZWYyNTc1YjRkMg==
x-yottaa-optimizations: ob/0 si/26D1cc023015-1702588992-3672655581 tts/1702973141789 ti/0 ai/5a0c9b7632f01c35d42101b2

GET /
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/ 0
0

GET
H2 200 custom-slider-0.0.15.min Show response
cdn.c1.amplience.net/c/elfcosmetics/ 2 KB
2 KB 202ms
40ms Script
application/javascript 2a02:26f0:480:1a::5f65:6fb0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.c1.amplience.net/c/elfcosmetics/custom-slider-0.0.15.min
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:1a::5f65:6fb0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f67eeb979f5676dccb2ec5eefcd365c69b9e03235b65c42397206264b9887c07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 08:05:42 GMT
cache-control: max-age=120, s-maxage=1800
accept-ranges: bytes
content-length: 1626
x-amp-srv: A
content-type: application/javascript; charset=utf-8

GET
H2 200 2023-12-blush-tile1-background_D-min
cdn.media.amplience.net/i/elfcosmetics/ 28 KB
28 KB 216ms
98ms Image
image/webp 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/2023-12-blush-tile1-background_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aa6dcd76299abb9a120143e813174c9e867ff08f4881a039be575b263c443cb

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
cf-cache-status: EXPIRED
x-amp-srv: CF
edge-cache-tag: UKslgSmTc,l4p5bDg2e,xBlIk4sC4,Cqm_p3RsQ,DtzGFM5oJ
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: QBtBSQS1yp
alt-svc: h3=":443"; ma=86400
content-length: 28278
x-xss-protection: 1; mode=block
x-amp-source-height: 1200
last-modified: Mon, 18 Dec 2023 08:03:29 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/webp
access-control-allow-origin: *
x-amp-source-width: 1600
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e245abb1203c4-FRA
x-amp-published: Fri, 15 Dec 2023 17:00:10 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a2b3b5ecaa7d5c67e5e28f9712ebcf28a592c7191e24bcde25cc5bb374cbf7b

Request headers

Referer
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a33177a1b1a44698bc85bc710dfd4a6aba8bbe329db64dbb0622c894a1c05cbd

Request headers

Referer
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 2023-12-blush-tile1-image-1_D-min
cdn.media.amplience.net/i/elfcosmetics/ 183 KB
183 KB 167ms
57ms Image
image/webp 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/2023-12-blush-tile1-image-1_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dcdfd275696be50bb9d6a6c242f3920901deeddd0376957438fd3d6d13bac60

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
cf-cache-status: EXPIRED
x-amp-srv: CF
edge-cache-tag: xVpl5lx7x,l4p5bDg2e,Pdg6_aYBX,Cqm_p3RsQ,DtzGFM5oJ
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: w6QuT-Vz8U
alt-svc: h3=":443"; ma=86400
content-length: 187090
x-xss-protection: 1; mode=block
x-amp-source-height: 1200
last-modified: Mon, 18 Dec 2023 08:03:29 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/webp
access-control-allow-origin: *
x-amp-source-width: 1600
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e245abb1403c4-FRA
x-amp-published: Fri, 15 Dec 2023 17:38:05 GMT

GET
H2 200 2023-12-blush-tile1-eyebrow_D-min
cdn.media.amplience.net/i/elfcosmetics/ 10 KB
10 KB 165ms
56ms Image
image/webp 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/2023-12-blush-tile1-eyebrow_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b837967236555a4a648cae116e9145a08928bcee2bbe7da208d18ab261980491

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
cf-cache-status: EXPIRED
x-amp-srv: CF
edge-cache-tag: O6rGYv0LW,l4p5bDg2e,y1Gg46RFb,Cqm_p3RsQ,DtzGFM5oJ
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: T7PpCLg_eQ
alt-svc: h3=":443"; ma=86400
content-length: 9886
x-xss-protection: 1; mode=block
x-amp-source-height: 116
last-modified: Mon, 18 Dec 2023 08:03:29 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/webp
access-control-allow-origin: *
x-amp-source-width: 440
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e245abb1503c4-FRA
x-amp-published: Fri, 15 Dec 2023 17:00:10 GMT

GET
H2 200 vendor.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/ 2 MB
619 KB 121ms
41ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57e461c9b78558e62478cca713658387eaf54afe6ae0a8128ee38e5846b4d6d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 7DhVfT1FfID7USGHRQIdkAPtGlAbpV1z
via: 1.1 20340eb7909bfa098c771e4c93be880a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
date: Tue, 19 Dec 2023 08:05:42 GMT
x-amz-cf-pop: LHR62-C3
age: 1170199
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1000 si/3411a5fe3887-1690921777-1105583644 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Miss from cloudfront, HIT
x-amz-meta-deploy: 621192
content-length: 633349
x-amz-meta-bundle: 10314
x-served-by: cache-fra-etou8220053-FRA
x-yottaa-forcecache: true, true
server: AmazonS3
x-timer: S1702973142.279455,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: public, max-age=31104000
x-yottaa-metrics: 3421a5fe3894/[940,855,-] 3411a5fe3887/[-,1341.400]
accept-ranges: bytes
x-amz-cf-id: zSQSSJjgsZfkn5dSovYi7NApT_4Bn2YTkgHSWcIeodTCmRzlXV8CdA==
x-cache-hits: 2

GET
H2 200 main.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/ 2 MB
454 KB 207ms
127ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/main.js?yocs=1u_1y_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f770b32793546ad41060cc03c06e4a744b10e9ae4af0b2b0522cfcf1fb33285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: ee3xb.NTbr4bzXJ3SxfA7qqa0mkCetT8
via: 1.1 c4ff0051ca0c026ecfda9d67a3f79e8a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
date: Tue, 19 Dec 2023 08:05:42 GMT
x-amz-cf-pop: LHR62-C3
age: 1170199
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1000 si/3411a5fe3873-1698160819-275618161 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Miss from cloudfront, HIT
x-amz-meta-deploy: 621192
content-length: 464645
x-amz-meta-bundle: 10314
x-served-by: cache-fra-etou8220053-FRA
x-yottaa-forcecache: true, true
server: AmazonS3
x-timer: S1702973142.280143,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: public, max-age=31104000
x-yottaa-metrics: 3421a5fe3896/[886,822,-] 3411a5fe3873/[-,1169.911]
accept-ranges: bytes
x-amz-cf-id: n542JaN-VUIDKG1s4EnnR-WPZM9V7lEkW5OphkeYfjSAWk6H3DzrPg==
x-cache-hits: 2

GET
H2 200 pages-home.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/ 4 KB
3 KB 119ms
40ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/pages-home.js?yocs=1u_1y_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f0f6bc09ddb2d0086746dc057765e688f7d6f5757bc4005b851a65844c0228d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: Wtce_zp0PffpiVY9odDdZvwcinyuKvHB
via: 1.1 2e562a075bb04f6a4549186f5766f046.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
date: Tue, 19 Dec 2023 08:05:42 GMT
x-amz-cf-pop: ORD53-C3
age: 459672
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1001 si/2611cc028373-1700446746-2116593965 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
x-amz-meta-deploy: 621192
content-length: 2001
x-amz-meta-bundle: 10314
x-served-by: cache-fra-etou8220053-FRA
x-yottaa-forcecache: true, true
server: AmazonS3
x-timer: S1702973142.279473,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02832f/[17,6,-] 2611cc028373/[hit]
accept-ranges: bytes
x-amz-cf-id: ORDJO7wLW81h7_DZYJwv2-EG1fx9yIjl7PKmnGRpbhSarm4L6suXOQ==
x-cache-hits: 2

GET
DATA 200
OK truncated
/ 37 B
37 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 2023-12-18-hp-tile2-hydrating-camo-cc-desktop-bg-min
cdn.media.amplience.net/i/elfcosmetics/ 140 KB
140 KB 63ms
60ms Image
image/jpeg 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/2023-12-18-hp-tile2-hydrating-camo-cc-desktop-bg-min

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8528d4cdd9a7b127f058fe8aef04b91b7f0d0eee2ea03131fdad36a2c6bfd67

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
cf-cache-status: EXPIRED
x-amp-srv: CF
edge-cache-tag: QVBJrVR7z,l4p5bDg2e,ShIAA175B,k4NPUWi7z
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: zthi0f663v
alt-svc: h3=":443"; ma=86400
content-length: 143312
x-xss-protection: 1; mode=block
x-amp-source-height: 840
last-modified: Mon, 18 Dec 2023 08:03:29 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
x-amp-source-width: 3200
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e245b6bc103c4-FRA
x-amp-published: Fri, 15 Dec 2023 19:15:28 GMT

GET
H2 200 2023-12-18-hp-tile2-hydrating-camo-cc-desktop-bs-logo-min
cdn.media.amplience.net/i/elfcosmetics/ 10 KB
10 KB 61ms
58ms Image
image/png 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/2023-12-18-hp-tile2-hydrating-camo-cc-desktop-bs-logo-min

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa7589d86d72080b48af1c61f8c80d85bdac1ef35dba805a6a774f3fddd353c

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
cf-cache-status: EXPIRED
x-amp-srv: CF
edge-cache-tag: Arm_VKdiM,l4p5bDg2e,OoysN1BOy,UyB2-aY-L
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: MLUJTMZ90i
alt-svc: h3=":443"; ma=86400
content-length: 10361
x-xss-protection: 1; mode=block
x-amp-source-height: 116
last-modified: Mon, 18 Dec 2023 08:03:29 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-amp-source-width: 440
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e245b6bc303c4-FRA
x-amp-published: Fri, 15 Dec 2023 19:15:28 GMT

GET
H2 200 _HPTILE2_HOLIDAY_COLOR_D_BACKGROUND_1-min
cdn.media.amplience.net/i/elfcosmetics/ 174 KB
174 KB 73ms
71ms Image
image/jpeg 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/_HPTILE2_HOLIDAY_COLOR_D_BACKGROUND_1-min

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35a9a1afad5f8e15a666e1cd96b459cf9be51716d9cc3274ed17d244df516ba0

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
cf-cache-status: HIT
age: 51989
x-amp-srv: CF
edge-cache-tag: 86l7K5lUc,l4p5bDg2e,R0jcZu2sc,k4NPUWi7z
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: liFITPcGrl
alt-svc: h3=":443"; ma=86400
content-length: 178052
x-xss-protection: 1; mode=block
x-amp-source-height: 840
last-modified: Mon, 18 Dec 2023 17:39:13 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
x-amp-source-width: 3200
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e245b6bc903c4-FRA
x-amp-published: Fri, 27 Oct 2023 01:56:36 GMT

GET
H2 200 _HPTILE2_HOLIDAY_COLOR_D_HEADER-min
cdn.media.amplience.net/i/elfcosmetics/ 40 KB
41 KB 57ms
54ms Image
image/png 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/_HPTILE2_HOLIDAY_COLOR_D_HEADER-min

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a62ecfac9be5d8026c245085929d25293b32182ca48b79a285fcf8078afa1057

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
cf-cache-status: HIT
age: 46316
x-amp-srv: CF
edge-cache-tag: HX4FHXFVc,l4p5bDg2e,TMGw-mbYi,UyB2-aY-L
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: Rhw6Gh71ot
alt-svc: h3=":443"; ma=86400
content-length: 41413
x-xss-protection: 1; mode=block
x-amp-source-height: 350
last-modified: Mon, 18 Dec 2023 19:13:46 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-amp-source-width: 760
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e245b6bca03c4-FRA
x-amp-published: Fri, 27 Oct 2023 01:56:36 GMT

GET
H2 200 _HPTILE1_HOLIDAY_COLOR_D_TILE_1-min
cdn.media.amplience.net/i/elfcosmetics/ 29 KB
29 KB 59ms
57ms Image
image/jpeg 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/_HPTILE1_HOLIDAY_COLOR_D_TILE_1-min

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbe5c43e74296f45dcd834dd01fdb27aad4ab4268b55e15bb122c0aa01a3cb05

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
cf-cache-status: HIT
age: 46316
x-amp-srv: CF
edge-cache-tag: XBF0DroTX,l4p5bDg2e,dwCawszHi,k4NPUWi7z
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: xpHmltqlWU
alt-svc: h3=":443"; ma=86400
content-length: 29307
x-xss-protection: 1; mode=block
x-amp-source-height: 614
last-modified: Mon, 18 Dec 2023 19:13:46 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
x-amp-source-width: 614
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e245b6bcc03c4-FRA
x-amp-published: Thu, 26 Oct 2023 23:27:20 GMT

GET
H2 200 _HPTILE1_HOLIDAY_COLOR_D_TILE_2-min
cdn.media.amplience.net/i/elfcosmetics/ 58 KB
58 KB 73ms
71ms Image
image/jpeg 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/_HPTILE1_HOLIDAY_COLOR_D_TILE_2-min

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42aff953f53b31dfd383ca981773b66f8d5afa8f5a6a0ca8e2f4d5fa49f289fd

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
cf-cache-status: HIT
age: 51989
x-amp-srv: CF
edge-cache-tag: zecGeD8kG,l4p5bDg2e,CdRYukmMh,k4NPUWi7z
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: u_R5ik8h53
alt-svc: h3=":443"; ma=86400
content-length: 59658
x-xss-protection: 1; mode=block
x-amp-source-height: 614
last-modified: Mon, 18 Dec 2023 17:39:13 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
x-amp-source-width: 614
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e245b6bd003c4-FRA
x-amp-published: Thu, 26 Oct 2023 23:27:20 GMT

GET
H2 200 _HPTILE1_HOLIDAY_COLOR_D_TILE_5-min
cdn.media.amplience.net/i/elfcosmetics/ 48 KB
48 KB 99ms
98ms Image
image/jpeg 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/_HPTILE1_HOLIDAY_COLOR_D_TILE_5-min

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f1fbaa21c7059013bd12b13d5514363d360c37f4aa1f4cb73e0210b66ac29e2

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
cf-cache-status: EXPIRED
x-amp-srv: CF
edge-cache-tag: qjljhw-SP,l4p5bDg2e,7NTjbBNxB,k4NPUWi7z
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: oB4OvCmJiu
alt-svc: h3=":443"; ma=86400
content-length: 48706
x-xss-protection: 1; mode=block
x-amp-source-height: 614
last-modified: Mon, 18 Dec 2023 06:41:32 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
x-amp-source-width: 614
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e245bac1003c4-FRA
x-amp-published: Thu, 26 Oct 2023 23:27:20 GMT

GET
H2 200 _HPTILE1_HOLIDAY_COLOR_D_TILE_6-min
cdn.media.amplience.net/i/elfcosmetics/ 36 KB
36 KB 108ms
107ms Image
image/jpeg 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/_HPTILE1_HOLIDAY_COLOR_D_TILE_6-min

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

600bbb8b809adb7b5e217a26193ecd36e26e70d1531a8ab502ecb27217ffcb74

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
cf-cache-status: HIT
age: 46316
x-amp-srv: CF
edge-cache-tag: -EGrjCWgo,l4p5bDg2e,pRoShZm_s,k4NPUWi7z
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: 4N3or-_AJD
alt-svc: h3=":443"; ma=86400
content-length: 37009
x-xss-protection: 1; mode=block
x-amp-source-height: 614
last-modified: Mon, 18 Dec 2023 19:13:46 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
x-amp-source-width: 614
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e245bac0e03c4-FRA
x-amp-published: Thu, 26 Oct 2023 23:27:20 GMT

GET
H2 200 _HPTILE2_HOLIDAY_GIFTSETS_D_BACKGROUND_1-min
cdn.media.amplience.net/i/elfcosmetics/ 172 KB
172 KB 107ms
105ms Image
image/jpeg 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/_HPTILE2_HOLIDAY_GIFTSETS_D_BACKGROUND_1-min

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51df0d98b0f0e8c2cac95487e6689ca1364f2730305054cb1136fb76bef0fad4

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
cf-cache-status: HIT
age: 2166
x-amp-srv: CF
edge-cache-tag: wOE3LflQh,l4p5bDg2e,M1N6G4Ik-,k4NPUWi7z
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: fP_QQIbl4d
alt-svc: h3=":443"; ma=86400
content-length: 176179
x-xss-protection: 1; mode=block
x-amp-source-height: 840
last-modified: Tue, 19 Dec 2023 07:29:36 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
x-amp-source-width: 3200
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e245bac1103c4-FRA
x-amp-published: Fri, 27 Oct 2023 03:07:38 GMT

GET
H2 200 _HPTILE2_HOLIDAY_GIFTSETS_D_HEADER-min
cdn.media.amplience.net/i/elfcosmetics/ 41 KB
41 KB 111ms
110ms Image
image/png 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/_HPTILE2_HOLIDAY_GIFTSETS_D_HEADER-min

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d94a521fbcd54759eb00ca491c7a73140f5fca871780d6ae4fa500ecc900b1f

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
cf-cache-status: HIT
age: 79641
x-amp-srv: CF
edge-cache-tag: IOBfCU6iV,l4p5bDg2e,r-FW6ES3i,UyB2-aY-L
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: ETFI-3w57h
alt-svc: h3=":443"; ma=86400
content-length: 41762
x-xss-protection: 1; mode=block
x-amp-source-height: 298
last-modified: Mon, 18 Dec 2023 09:58:21 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-amp-source-width: 1049
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e245bac1303c4-FRA
x-amp-published: Fri, 27 Oct 2023 03:07:38 GMT

GET
H2 200 062623_SL_SnowGlobeKit_FocusStacks-2_IGF-min
cdn.media.amplience.net/i/elfcosmetics/ 294 KB
295 KB 106ms
106ms Image
image/jpeg 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/062623_SL_SnowGlobeKit_FocusStacks-2_IGF-min

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca8eca92fa9d540f2a3e4d29b789f660e7dcf9f4558213cdfa3169050b876ad4

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
cf-cache-status: HIT
age: 59644
x-amp-srv: CF
edge-cache-tag: TFKq4gBp_,l4p5bDg2e,hDYs7A1VK,k4NPUWi7z
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: _01dFgX_Jt
alt-svc: h3=":443"; ma=86400
content-length: 301302
x-xss-protection: 1; mode=block
x-amp-source-height: 2000
last-modified: Mon, 18 Dec 2023 15:31:38 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
x-amp-source-width: 2000
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e245bac1603c4-FRA
x-amp-published: Mon, 30 Oct 2023 22:14:41 GMT

GET
H2 200 062722_SL_RadiantBrush_741_IGF-min
cdn.media.amplience.net/i/elfcosmetics/ 464 KB
465 KB 98ms
97ms Image
image/jpeg 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/062722_SL_RadiantBrush_741_IGF-min

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e03b05f73692277e95913a7a211c7bd2aadd55c713d981e00f2be57de92fb09

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
cf-cache-status: HIT
age: 69249
x-amp-srv: CF
edge-cache-tag: 0WTflTbV4,l4p5bDg2e,95Ri31E2P,k4NPUWi7z
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: jYYggfZEXr
alt-svc: h3=":443"; ma=86400
content-length: 475461
x-xss-protection: 1; mode=block
x-amp-source-height: 2000
last-modified: Mon, 18 Dec 2023 12:51:33 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
x-amp-source-width: 2000
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e245bac1703c4-FRA
x-amp-published: Wed, 01 Nov 2023 18:39:26 GMT

GET
H2 200 _HPTILE2_HOLIDAY_COLOR_D_BACKGROUND_2-min
cdn.media.amplience.net/i/elfcosmetics/ 219 KB
219 KB 106ms
106ms Image
image/jpeg 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/_HPTILE2_HOLIDAY_COLOR_D_BACKGROUND_2-min

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9741cbf3afc0b4d9c236d8e2de6aafa7db8f463060fc76fc4ba0b4e7a44bb5a7

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
cf-cache-status: HIT
age: 51989
x-amp-srv: CF
edge-cache-tag: MTzktH6P2,l4p5bDg2e,_nzmSMoZp,k4NPUWi7z
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: NDgJi8lXJ2
alt-svc: h3=":443"; ma=86400
content-length: 223962
x-xss-protection: 1; mode=block
x-amp-source-height: 840
last-modified: Mon, 18 Dec 2023 17:39:13 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
x-amp-source-width: 3200
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e245bac1803c4-FRA
x-amp-published: Fri, 27 Oct 2023 01:56:36 GMT

GET
H2 200 _HPTILE2_HOLIDAY_GIFTSETS_D_BACKGROUND_2-min
cdn.media.amplience.net/i/elfcosmetics/ 232 KB
233 KB 109ms
109ms Image
image/jpeg 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/_HPTILE2_HOLIDAY_GIFTSETS_D_BACKGROUND_2-min

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bcb05241dd20b750dde4659a28dbf9e347274015d349db9b7573b0217f3048d

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
cf-cache-status: HIT
age: 23042
x-amp-srv: CF
edge-cache-tag: bddtb0bRk,l4p5bDg2e,3yg5_eglf,k4NPUWi7z
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: oWT0G3LDOT
alt-svc: h3=":443"; ma=86400
content-length: 238022
x-xss-protection: 1; mode=block
x-amp-source-height: 840
last-modified: Tue, 19 Dec 2023 01:41:40 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
x-amp-source-width: 3200
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e245bac1903c4-FRA
x-amp-published: Fri, 27 Oct 2023 03:07:38 GMT

POST
H2 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 540 B
787 B 157ms
64ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: fefb33be06f1fbc165a780669fe623867eb865ac7f66c1b555f50e21df9fb309

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 19 Dec 2023 08:05:41 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 540

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/ 1 MB
152 KB 142ms
61ms Script
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/OtAutoBlock.js

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/main.js?yocs=1u_1y_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e038dff62440b626103b2b81adcbb64b5cb3bd80433d1a710f37162cd7c0cc17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Dec 2023 08:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 51887
content-md5: 3CHjrTrl4YSKzn90GsMA3A==
content-length: 154812
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 13:08:00 GMT
server: cloudflare
etag: 0x8DBD9493E0E92B7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f8fafcb2-f01e-003b-4c0e-177c27000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 837e245fec2365c0-FRA
expires: Wed, 20 Dec 2023 08:05:43 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 134ms
54ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/main.js?yocs=1u_1y_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Dec 2023 08:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5rel+BW+cbOCNkEJ4C4NBQ==
age: 23554
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Mon, 18 Dec 2023 02:57:57 GMT
server: cloudflare
etag: 0x8DBFF75237D5424
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d3c88c81-001e-00a9-0c5f-31f8f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 837e245fec2265c0-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 428 KB
121 KB 171ms
85ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3aef09c7f6e83ea86380a571a2b8022013124a10daeb65c884e8d8facb9a93cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123532
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Dec 2023 08:05:43 GMT

GET
H2 200 api_dynamic.js Show response
cdn.dynamicyield.com/api/8772046/ 324 KB
38 KB 572ms
437ms Script
application/javascript 2600:9000:2315:f400:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:f400:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 883e7b5ce15510cdbf863fcef5d7c8c0d6b6cf430118c4c91a60acdda6766ed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: gzip
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 18:15:55 GMT
server: DYCDN
x-amz-cf-pop: DUS51-P2
x-amz-server-side-encryption: AES256
etag: W/"ab8805b2ad028cc00a41ec8eb3c4c44c"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=30
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: u2ogrOPDpoJDl0g7ahFwXaZuWCXlwAOIARQh2VrCDaAorFHw5uITHQ==

GET
H2 200 api_static.js Show response
cdn.dynamicyield.com/api/8772046/ 385 KB
111 KB 184ms
49ms Script
application/javascript 2600:9000:2315:f400:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:f400:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 2c8574ba42424a1dcf02c58fda5e3482e2262e0b0dddd09e5935bd94e5eba03e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 06:36:33 GMT
content-encoding: gzip
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 18:15:56 GMT
server: DYCDN
age: 5635
x-amz-cf-pop: DUS51-P2
x-amz-server-side-encryption: AES256
etag: W/"81d82ff6d3b7239a1cfc7723116ee4aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: ftXxaDbAAOpu2h54W0B3rJBKRQ0zzCNNvIGVNaS75EhCyg60tMSgvg==

GET
H/1.1 200
OK / Show response
api.ipify.org/ 21 B
221 B 531ms
174ms XHR
application/json 104.237.62.212
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.62.212 El Segundo, United States, ASN18450 (WEBNX, US),
Reverse DNS: api.ipify.org
Software: nginx/1.25.2 /
Resource Hash: c8569d70e399e53a5390312dc85f31c52866df7209e3bc1415b3166395358b6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 19 Dec 2023 08:05:43 GMT
Server: nginx/1.25.2
Connection: keep-alive
Content-Length: 21
Vary: Origin
Content-Type: application/json

GET
H/1.1 200
OK / Show response
api.ipify.org/ 21 B
221 B 554ms
183ms XHR
application/json 104.237.62.212
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.62.212 El Segundo, United States, ASN18450 (WEBNX, US),
Reverse DNS: api.ipify.org
Software: nginx/1.25.2 /
Resource Hash: c8569d70e399e53a5390312dc85f31c52866df7209e3bc1415b3166395358b6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 19 Dec 2023 08:05:43 GMT
Server: nginx/1.25.2
Connection: keep-alive
Content-Length: 21
Vary: Origin
Content-Type: application/json

GET
H2

200

callback
www.elfcosmetics.com/
Redirect Chain

https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=...
https://www.elfcosmetics.com/callback?usid=72ff787d-1784-4912-8b77-0b13f4b76959&code=b1eTtTCKbrA8B4XJdFbbQ-_znSNAHRBOc9JaDrpmkTc

0
0

316ms
316ms

Fetch
application/json

204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/callback?usid=72ff787d-1784-4912-8b77-0b13f4b76959&code=b1eTtTCKbrA8B4XJdFbbQ-_znSNAHRBOc9JaDrpmkTc
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:43 GMT
via: 1.1 7f2634ab02503490a050083667b6ffd4.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 0
x-amz-cf-pop: ORD53-C3
age: 0
x-amzn-remapped-connection: close
x-amzn-requestid: a6b75066-1fce-4652-9703-b23bac2e8de4
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655601 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
x-amz-apigw-id: QLlBvGVmCYcEPxQ=
content-length: 0
x-yottaa-forcecache: true
x-amzn-trace-id: Root=1-65814ed7-26fbb4fd07c98fcc598904c5;Sampled=0;lineage=2b75b0e9:0
content-type: application/json
cache-control: public, max-age=604800
x-yottaa-os: 200
x-yottaa-metrics: 2621cc02832c/[186,177,-] 26D1cc023015/[-,188.359]
x-amzn-remapped-date: Tue, 19 Dec 2023 08:05:43 GMT
x-amz-cf-id: rhDKO07pB0R31KgMtEzXt1ZNLe60-klmS5vS4saoP6dSC25DaQsvPg==

Redirect headers

date: Tue, 19 Dec 2023 08:05:43 GMT
x-correlation-id: 837e24624b460384
via: 1.1 793fe6e7136ec1b3f695dedeee2049f8.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ORD52-C3
age: 0
x-yottaa-optimizations: ob/0 si/26D1cc023015-1702588992-3672655597 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
content-length: 0
pragma: no-cache
x-ratelimit-1m-remaining: 23286, 1967069
x-ratelimit-1m-reset: 16564, 16563
x-ratelimit-1m-limit: 24000, 2000000
vary: Accept-Encoding
location: https://www.elfcosmetics.com/callback?usid=72ff787d-1784-4912-8b77-0b13f4b76959&code=b1eTtTCKbrA8B4XJdFbbQ-_znSNAHRBOc9JaDrpmkTc
cache-control: no-store
x-yottaa-os: 303
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=Bv7wz5w2QKlqEAV5tKbnD0NE710OhpzX8iN1mDV22XA
x-yottaa-metrics: 2621cc02832f/[116,113,-] 26D1cc023015/[-,119.232]
cf-ray: 837e24624b460384-ORD
x-amz-cf-id: M4daeNrXFMtiVoTq7Tz1ahW4ZaH_LFjSvanpUU8qu5mGuYfysKLgIQ==

POST
H2 201 / Show response
sdk.iad-05.braze.com/api/v3/data/ 323 B
454 B 174ms
174ms XHR
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a09824b6d7bbd0f5e82a23d14da408abfba60d02f5bdb48309d3ab6ca61bb1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/json
Referer: https://www.elfcosmetics.com/
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 19 Dec 2023 08:05:43 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: MISS
x-request-id: c4cff346-a86e-4459-95aa-b7d5c7367bc1
x-served-by: cache-fra-etou8220052-FRA
x-runtime: 0.043304
etag: W/"1a09824b6d7bbd0f5e82a23d14da408a"
access-control-max-age: 7200
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
vary: Origin,Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 /
sdk.iad-05.braze.com/api/v3/data/ Frame 0
0 509ms
407ms Preflight 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-encoding: gzip
date: Tue, 19 Dec 2023 08:05:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220052-FRA

GET
H2 200 6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/ 5 KB
2 KB 141ms
62ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8a6566c7e926c37c010dc811a5e82d5eddad8b10057bf711f0f644be60707d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Dec 2023 08:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 51775
content-md5: 4swZDWVp4C0QChiGUbrcTg==
content-length: 1746
x-ms-lease-status: unlocked
last-modified: Tue, 14 Nov 2023 15:26:04 GMT
server: cloudflare
etag: 0x8DBE5260423F079
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b26488eb-901e-0084-770e-174b82000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 837e24619cbe1c17-FRA
expires: Wed, 20 Dec 2023 08:05:43 GMT

POST
H2 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 600 B
655 B 89ms
89ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 9cb982ee022f56467725ed9a10ea3bdb3d47fa91fcb4f08ae3d3e67d952abb4d

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 19 Dec 2023 08:05:42 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 07:48:14 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1049
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 19 Dec 2023 09:48:14 GMT

GET activityi;src=9231397;type=retarget;cat=globa0;ord=2761379703427;auiddc=229840579.1702973143;u6=%2F;u10=undefined;u12=undefined;u8=undefined;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma...
9231397.fls.doubleclick.net/ Frame 4D15 0
0

GET activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=3062632826788;auiddc=229840579.1702973143;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa...
10742279.fls.doubleclick.net/ Frame B519 0
0

GET
H2 200 cnxtag-min.js Show response
js.cnnx.link/roi/ 2 KB
1 KB 155ms
44ms Script
text/javascript 2600:9000:2156:4800:11:85b0:d600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cnnx.link/roi/cnxtag-min.js?id=316282
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4800:11:85b0:d600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ff2fe181c12146189657e92f9ce0489f7f3b51345796f5a5ec9b089f9fb47616

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:03:44 GMT
via: 1.1 google, 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
age: 118
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
cache-control: max-age=600
x-amz-cf-id: cikPewWEvFzaWevPV67olIN8vrq7GGi9_YGXRRnzJ4Spm3F6fevwWA==

GET
H2

200

activityi;dc_pre=CIGEoKqFm4MDFQgLogMdqncHhQ;src=10265292;type=conte0;cat=homep0;ord=1447761793257;auiddc=229840579.1702973143;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;ua... Show response
10265292.fls.doubleclick.net/ Frame FE15
Redirect Chain

https://10265292.fls.doubleclick.net/activityi;src=10265292;type=conte0;cat=homep0;ord=1447761793257;auiddc=229840579.1702973143;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=...
https://10265292.fls.doubleclick.net/activityi;dc_pre=CIGEoKqFm4MDFQgLogMdqncHhQ;src=10265292;type=conte0;cat=homep0;ord=1447761793257;auiddc=229840579.1702973143;gtm=45He3bt0v896608294;gcd=11l1l1l...

499 B
636 B

81ms
81ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10265292.fls.doubleclick.net/activityi;dc_pre=CIGEoKqFm4MDFQgLogMdqncHhQ;src=10265292;type=conte0;cat=homep0;ord=1447761793257;auiddc=229840579.1702973143;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f6.1e100.net

Software

cafe /

Resource Hash

71921c08d23b38e51e058eada807118e283f186dc2d0774c007ca949d72d8b2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 296
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 08:05:43 GMT
expires: Tue, 19 Dec 2023 08:05:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 08:05:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10265292.fls.doubleclick.net/activityi;dc_pre=CIGEoKqFm4MDFQgLogMdqncHhQ;src=10265292;type=conte0;cat=homep0;ord=1447761793257;auiddc=229840579.1702973143;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET activityi;src=10742279;type=elf8j0;cat=glo_flhp;ord=2046950376976;auiddc=229840579.1702973143;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa...
10742279.fls.doubleclick.net/ Frame 4FEC 0
0

GET
H2

200

/
www.google.de/pagead/1p-user-list/698270988/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=1702973143355&cv=11&fst=1702973143355&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&gcd=11l1l1l1l1&dma_cp...
https://www.google.com/pagead/1p-user-list/698270988/?random=1702973143355&cv=11&fst=1702972800000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elf...
https://www.google.de/pagead/1p-user-list/698270988/?random=1702973143355&cv=11&fst=1702972800000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfc...

42 B
455 B

137ms
51ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/698270988/?random=1702973143355&cv=11&fst=1702972800000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&is_vtc=1&cid=CAQSGwAvHhf_-tA48AKKTAqo32CFwalvtX0B2eLIjQ&random=921758498&ipr=y

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/698270988/?random=1702973143355&cv=11&fst=1702972800000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&is_vtc=1&cid=CAQSGwAvHhf_-tA48AKKTAqo32CFwalvtX0B2eLIjQ&random=921758498&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
148 B 174ms
57ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:43 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET kpi
pixel.pointmediatracker.com/ 0
0

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
149 B 172ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:y8694b5&fmt=3
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:43 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
148 B 173ms
56ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:uuhj0na&fmt=3
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:43 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 142ms
61ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 837e2462cf0435f9-FRA
access-control-allow-headers: Content-Type

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 46ms
46ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=797470596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACgAI~&jid=1368428511&gjid=1996473361&cid=1982958955.1702973143&tid=UA-432816-1&_gid=465487227.1702973143&_r=1&_slc=1&gtm=45He3bt0n81WL3STMXv896608294&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1964115023

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 st Show response
st.dynamicyield.com/ 114 KB
10 KB 253ms
143ms Script
text/javascript 2600:9000:2250:6400:15:ad21:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=emwfnf2ooun697emq1roq1cdfbfky29s&ref=&scriptVersion=1.213.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6400:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1f47efd947dd0389c786ba03dddd75b159d9c3cf82ccb9c7906f5068fd98c9a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:43 GMT
content-encoding: gzip
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-cache
x-amz-cf-id: SJWh3jijY4pMPK2ZSmi7Bxz_Vf1nYb5DBlCE6_xupg4d7EwQm64dmQ==
expires: Tue, 19 Dec 2023 08:05:42 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/ 404 KB
98 KB 49ms
49ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Dec 2023 08:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: XJk1ZZTljtwHFT3qcIJg+w==
age: 22494
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99599
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:36 GMT
server: cloudflare
etag: 0x8DB82A15D413626
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 80bad15d-801e-006c-2fda-12d214000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 837e2463882765c0-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 144ms
48ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-432816-1&cid=1982958955.1702973143&jid=1368428511&gjid=1996473361&_gid=465487227.1702973143&_u=YEBAAEAAAAAAACgAI~&z=2042145213

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 19 Dec 2023 08:05:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CIGEoKqFm4MDFQgLogMdqncHhQ;src=10265292;type=conte0;cat=homep0;ord=1447761793257;auiddc=*;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
adservice.google.com/ddm/fls/z/ Frame FE15 42 B
401 B 171ms
78ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIGEoKqFm4MDFQgLogMdqncHhQ;src=10265292;type=conte0;cat=homep0;ord=1447761793257;auiddc=*;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F

Requested by

Host: 10265292.fls.doubleclick.net
URL: https://10265292.fls.doubleclick.net/activityi;dc_pre=CIGEoKqFm4MDFQgLogMdqncHhQ;src=10265292;type=conte0;cat=homep0;ord=1447761793257;auiddc=229840579.1702973143;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10265292.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/b3580e16-19d9-4554-ba1a-ac19abea14a3/ 199 KB
36 KB 57ms
57ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/b3580e16-19d9-4554-ba1a-ac19abea14a3/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1df881dfa3c790fb46a3ab0d0edd13cfaf25c0c369cca89ec8115cfdf338236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Dec 2023 08:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 72004
content-md5: bM5EAFhwhSHsrqZI9IpFVg==
content-length: 36174
x-ms-lease-status: unlocked
last-modified: Tue, 14 Nov 2023 15:26:18 GMT
server: cloudflare
etag: 0x8DBE5260C9926DA
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 63afb5f1-f01e-003b-3c81-227c27000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 837e2463ef271c17-FRA
expires: Wed, 20 Dec 2023 08:05:43 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 13 KB
3 KB 48ms
48ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Dec 2023 08:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5mNZducabMgxSDzBo+ZI8w==
age: 78085
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3017
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:30 GMT
server: cloudflare
etag: 0x8DB82A159AF8EA6
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0c718e4e-201e-0081-6f27-129959000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 837e24645fc51c17-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/ 61 KB
12 KB 50ms
50ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Dec 2023 08:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: sXFDxCJwbPEMIT/8f5Prwg==
age: 81401
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12544
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:33 GMT
server: cloudflare
etag: 0x8DB82A15AFF8646
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 99943331-001e-00a9-52a5-21f8f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 837e24645fc71c17-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 5 KB
2 KB 49ms
49ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Dec 2023 08:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: v0pzgeeelPwcAOki15i3HA==
age: 81357
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1766
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:32 GMT
server: cloudflare
etag: 0x8DB82A15AB9FB83
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cd67b2fb-901e-0094-1c03-248eea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 837e24645fca1c17-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 21 KB
4 KB 50ms
50ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Dec 2023 08:05:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 81357
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b54dfe3f-901e-004f-6264-2348d7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 837e24645fcb1c17-FRA

POST
H2 201 sync Show response
sdk.iad-05.braze.com/api/v3/content_cards/ 756 B
691 B 560ms
560ms XHR
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/content_cards/sync

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

972bde91336d3016691b2c0a7344b98e75832bd548766325965a91857b9253f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-DataRequest: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/json
BRAZE-SYNC-RETRY-COUNT: 0
Referer: https://www.elfcosmetics.com/
X-Requested-With: XMLHttpRequest
X-Braze-ContentCardsRequest: true

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: MISS
x-request-id: 4792857c-b59e-4b2f-9fcc-52f2023cc528
x-served-by: cache-fra-etou8220052-FRA
x-runtime: 0.430752
etag: W/"972bde91336d3016691b2c0a7344b98e"
access-control-max-age: 7200
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
vary: Origin,Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 0
0 147ms
147ms Preflight 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/content_cards/sync

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-encoding: gzip
date: Tue, 19 Dec 2023 08:05:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220052-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 52ms
52ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-432816-1&cid=1982958955.1702973143&jid=1368428511&_u=YEBAAEAAAAAAACgAI~&z=1858261442

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 122ms
51ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-432816-1&cid=1982958955.1702973143&jid=1368428511&_u=YEBAAEAAAAAAACgAI~&z=1858261442

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 51ms
51ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Dec 2023 08:05:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 11069
x-ms-lease-status: unlocked
last-modified: Tue, 19 Dec 2023 03:17:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 15e07b06-e01e-0037-6f37-32eb2f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 837e2464c92465c0-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
538 B 48ms
48ms Fetch
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Dec 2023 08:05:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 85739
x-ms-lease-status: unlocked
last-modified: Mon, 18 Dec 2023 02:58:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d413cb6b-001e-00a9-1676-31f8f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 837e2464c84a1c17-FRA

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 55ms
54ms Image
image/png 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Dec 2023 08:05:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 47567
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Mon, 18 Dec 2023 02:58:04 GMT
server: cloudflare
etag: 0x8DBFF7527B5033D
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 6a8eb54f-101e-0051-5989-31a40f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 837e2464e94965c0-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 51ms
51ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Dec 2023 08:05:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 4733
x-ms-lease-status: unlocked
last-modified: Tue, 19 Dec 2023 03:17:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 3c45a86b-e01e-0008-4d2f-32238c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 837e2464e94a65c0-FRA

GET
H3 200 2023-12-blush-tile1-image-2_D-min
cdn.media.amplience.net/i/elfcosmetics/ 49 KB
50 KB 57ms
57ms Image
image/webp 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/2023-12-blush-tile1-image-2_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4df03c8820c08fb3cad1c9deae2b4518b016884c76a5ff944562dee27143bce6

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:43 GMT
cf-cache-status: HIT
age: 84579
x-amp-srv: CF
edge-cache-tag: DSWtqEctL,l4p5bDg2e,X9PFD2Hfh,Cqm_p3RsQ,DtzGFM5oJ
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: oj_1MT_kE0
alt-svc: h3=":443"; ma=86400
content-length: 50408
x-xss-protection: 1; mode=block
x-amp-source-height: 1200
last-modified: Mon, 18 Dec 2023 08:36:04 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/webp
access-control-allow-origin: *
x-amp-source-width: 1600
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e2464ee0e5c62-FRA
x-amp-published: Fri, 15 Dec 2023 17:00:10 GMT

GET
H3 200 2023-12-blush-tile1-image-3_D-min
cdn.media.amplience.net/i/elfcosmetics/ 80 KB
81 KB 135ms
135ms Image
image/webp 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/2023-12-blush-tile1-image-3_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23a58db0c994eaa767dcae71119d117fa216ff7848bfa70409236ffd8ad5bc09

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:43 GMT
cf-cache-status: HIT
age: 84579
x-amp-srv: CF
edge-cache-tag: C1qaNC35d,l4p5bDg2e,1J-JcJj3g,Cqm_p3RsQ,DtzGFM5oJ
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: v5TkZrh7cY
alt-svc: h3=":443"; ma=86400
content-length: 82416
x-xss-protection: 1; mode=block
x-amp-source-height: 1200
last-modified: Mon, 18 Dec 2023 08:36:04 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/webp
access-control-allow-origin: *
x-amp-source-width: 1600
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e2464ee0f5c62-FRA
x-amp-published: Fri, 15 Dec 2023 17:38:15 GMT

GET
H3 200 _HPTILE2_HOLIDAY_COLOR_D_BACKGROUND_3-min
cdn.media.amplience.net/i/elfcosmetics/ 165 KB
165 KB 174ms
173ms Image
image/jpeg 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/_HPTILE2_HOLIDAY_COLOR_D_BACKGROUND_3-min

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5789f9b6e09d2d09751f44ca96e5ccec48a87b4fb900a1b4584ffd7f55f4ac7a

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:43 GMT
cf-cache-status: HIT
age: 50576
x-amp-srv: CF
edge-cache-tag: aMQCiZ-iP,l4p5bDg2e,B80gUvEra,k4NPUWi7z
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: iti2er8KvT
alt-svc: h3=":443"; ma=86400
content-length: 168480
x-xss-protection: 1; mode=block
x-amp-source-height: 840
last-modified: Mon, 18 Dec 2023 18:02:47 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
x-amp-source-width: 3200
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e2464ee115c62-FRA
x-amp-published: Fri, 27 Oct 2023 01:56:36 GMT

GET
H2 200 dy-coll-min.js Show response
cdn.dynamicyield.com/scripts/1.213.0/ 199 KB
62 KB 46ms
45ms Script
application/javascript 2600:9000:2315:f400:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:f400:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 19b9a6628fa003af26766ce1578420be5068227a572c78f0e20b53e2f2fc1886

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:00:40 GMT
content-encoding: gzip
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
last-modified: Sun, 15 Oct 2023 07:23:37 GMT
server: DYCDN
age: 637504
x-amz-cf-pop: DUS51-P2
etag: W/"b587b1ed184fe1cb6e2ea31f12e547c2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: YseJ14zYWVHbbK72EtuB0ymyXmt-vQla3aZhOkS9LXGPJ_uqJdp3Zg==

POST
H2 200 token Show response
www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/ 2 KB
2 KB 243ms
243ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

c84b22a82e355aed366691443f458b30c1bd96a12654a3890ee5de452b932134

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: gzip
x-correlation-id: 837e2465fb6c6181
cf-cache-status: DYNAMIC
via: 1.1 86d459f5880d6293425a222fb32d5cb4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ORD52-C3
age: 0
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655603 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
pragma: no-cache
x-ratelimit-1m-remaining: 23282, 1966662
x-ratelimit-1m-reset: 15976, 15975
vary: Accept-Encoding, User-Agent
x-ratelimit-1m-limit: 24000, 2000000
content-type: application/json
cache-control: no-store
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
x-yottaa-metrics: 2621cc02836b/[112,110,-] 26D1cc023015/[-,114.562]
cf-ray: 837e2465fb6c6181-ORD
x-amz-cf-id: Z6NlTCmqPAK9Gqt0Mrb1uofKSt_KWAvDfljRJDuC17lKwxE-M7MbRg==

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 242ms
138ms Fetch 18.173.233.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=877587&uid=90072234768551639&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=4aa6bb88a81f20b72f290729f1c25674&expSes=24531&aud=1092373.1167402.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.799438.799440&expVisitId=-5495092734338257699&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1702973143946&rri=4750263
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-26.dus51.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
via: 1.1 0baf1ead12437b81a88e40a9597ce61a.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: OYCBNTLO9K8HAk9QQEIO8_EiWdosdzmvP98rw6VtXc6fdtolPqjcEQ==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 242ms
138ms Fetch 18.173.233.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=408652&uid=90072234768551639&sec=8772046&t=ri&e=1574966&p=1&ve=12698518&va=%5B28347247%5D&ses=4aa6bb88a81f20b72f290729f1c25674&expSes=24531&aud=1092373.1167402.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.799438.799440&expVisitId=-5495092734938515081&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1702973143947&rri=1609668
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-26.dus51.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
via: 1.1 0baf1ead12437b81a88e40a9597ce61a.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: LCqw-uMNuA5ZwneeEwy0mQ7-MUEzJEpOu0C9YGvrN8EXLPqoX8zTjg==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 241ms
138ms Fetch 18.173.233.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=73055&uid=90072234768551639&sec=8772046&t=ri&e=1609852&p=1&ve=12669413&va=%5B28321879%5D&ses=4aa6bb88a81f20b72f290729f1c25674&expSes=24531&aud=1092373.1167402.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.799438.799440&expVisitId=-5495092734450374751&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1702973143947&rri=6547496
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-26.dus51.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
via: 1.1 0baf1ead12437b81a88e40a9597ce61a.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: -RZa7wX_RSRML4hdzEIKJX93rOLLGDMxMhK3BjHwPStFPsHq6AuNtg==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 241ms
139ms Fetch 18.173.233.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=765545&uid=90072234768551639&sec=8772046&t=ri&e=1575901&p=1&ve=12692962&va=%5B28207095%5D&ses=4aa6bb88a81f20b72f290729f1c25674&expSes=24531&aud=1092373.1167402.1232212.1324059.1426804.1443347.1846919.884367.884385.884387.998337.1182144.799438.799440&expVisitId=-5495092735377115662&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1702973143948&rri=6813133
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-26.dus51.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
via: 1.1 0baf1ead12437b81a88e40a9597ce61a.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: LqJsoygtxmtLiW2z3QNPXiint9b3c0sNvA1d-SuG5U4D6id8ne-QeQ==
expires: 0

POST
H2 200 uia Show response
async-px.dynamicyield.com/ 0
383 B 239ms
137ms XHR
text/plain 18.173.233.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/uia?cnst=1&_=1702973143949
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-26.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
via: 1.1 0baf1ead12437b81a88e40a9597ce61a.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: NbIaXJM4Y3C2xHPcsyg8vcaP3hDQKHjDyokmvQHMsoRvz_dSsV3YRQ==
expires: 0

POST
H2 200 batch
async-px.dynamicyield.com/ 0
385 B 222ms
138ms Ping
text/plain 18.173.233.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/batch?cnst=1&_=1702973144030_867691
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-26.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
via: 1.1 2e24611fddbdff423496835dad3bf4bc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: X6uGyWcOLezB6AjVkmeAI4zpXL2AxioHEbz8dS5MVCzuAMCKNtY4jw==
expires: 0

POST
H3 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 32 B
49 B 142ms
142ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ca0a766a064104105db7a847ffd8d594fb8556d364f724916f30a3e45a1ebab4

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 19 Dec 2023 08:05:43 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

POST
H2 200 clog Show response
px.dynamicyield.com/ 0
228 B 369ms
118ms XHR
text/plain 34.197.232.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://px.dynamicyield.com/clog
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/1.213.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.232.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-232-195.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

POST
H2 204 sessions Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 0
1 KB 233ms
233ms XHR
text/plain 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/sessions
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
via: 1.1 df7b78bddb1d881ad1b83a6b09b25e56.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: ORD52-C3
age: 0
x-yottaa-optimizations: ob/0 si/26D1cc023015-1702588992-3672655606 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status: deprecated
x-cache: Miss from cloudfront
pragma: no-cache
allow: OPTIONS,POST
access-control-allow-origin: https://www.elfcosmetics.com
access-control-expose-headers: etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics: 2621cc02836a/[100,97,-] 26D1cc023015/[-,103.003]
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/sessions
accept-ranges: bytes
cf-ray: 837e24678a7661a2-ORD
x-dw-request-base-id: khlTVthOgWUBAAB_
x-amz-cf-id: OMVsZNnnWJLBAGP9vYu3YKG4YNJXnEdlIbPtnwPOACR4TGaL1N3L2g==
x-yottaa-os: 204
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 shoppercontext Show response
www.elfcosmetics.com/api/v1/ 114 B
786 B 538ms
537ms XHR
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/shoppercontext?siteId=elf-us
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 6b42a56b231d70ea3691b9f46363b9f8ed6ca35f6b50084718669b8beac1e57d

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
via: 1.1 b57909894838e27c3bff2a0828c2639c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 114
x-amz-cf-pop: ORD53-C3
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655607 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: 5ef8f746-7875-4d6c-8359-fc35ce0875ca
x-cache: Miss from cloudfront
x-amz-apigw-id: QLlB1FkPiYcEn7w=
content-length: 108
etag: W/"72-HgdmTgyCF/DQfqnMU3u+4UstAzI"
x-amzn-trace-id: Root=1-65814ed8-6ffe96bc14c7a44045d542e8;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 2621cc028369/[406,403,-] 26D1cc023015/[-,408.416]
x-amzn-remapped-date: Tue, 19 Dec 2023 08:05:44 GMT
x-amz-cf-id: C-kAx0U_HXrCbFB8fsnm3oSAFXYiOf3VrCGKznC_c5u01REOlPj2kA==

GET
H2 200 geo-ip Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 179 B
849 B 352ms
352ms XHR
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.106

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
x-dw-client-id: f9f7052a-f742-4c38-bdf5-1da004e7fb3b
accept-language: de-DE,de;q=0.9
x-pwa-request: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 4d5a0f70d1ac913d9a695c407458cff6.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
age: 0
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655609 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status: deprecated
x-cache: Miss from cloudfront
allow: GET,HEAD,OPTIONS
content-type: application/json;charset=UTF-8
cache-control: max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os: 200
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.106
x-yottaa-metrics: 2621cc028364/[218,217,-] 26D1cc023015/[-,221.265]
cf-ray: 837e24680d722321-ORD
x-dw-request-base-id: SZhZA9hOgWUBAAB_
x-amz-cf-id: UF5zZrPAeMkv1MHsjaP4b9eRRbzQ6-RoaXZhWCOkjPvF8hWhBZ6FlA==

GET
H2 200 geo-ip Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 179 B
846 B 374ms
373ms XHR
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.106

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
x-dw-client-id: f9f7052a-f742-4c38-bdf5-1da004e7fb3b
accept-language: de-DE,de;q=0.9
x-pwa-request: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 a497b0eefe66dc6fa9e24b5f51d2ab42.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
age: 0
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655614 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status: deprecated
x-cache: Miss from cloudfront
allow: GET,HEAD,OPTIONS
content-type: application/json;charset=UTF-8
cache-control: max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os: 200
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.106
x-yottaa-metrics: 2621cc028335/[207,205,-] 26D1cc023015/[-,210.123]
cf-ray: 837e246848480297-ORD
x-dw-request-base-id: 22TqsNhOgWUBAAB_
x-amz-cf-id: 10BSPsFNHH8tcjCb2zRikf4Puzjn87-xh_VrI7Jas7hiFf6-vsiC1g==

GET
H2 200 baskets Show response
www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/ablXhKxHA2l0oRkrA2laYYmrcW/ 11 B
824 B 714ms
714ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/ablXhKxHA2l0oRkrA2laYYmrcW/baskets?siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
x-correlation-id: 837e24684cd329a5
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 ca8bc68230969c1b2dd0011a22c5f440.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
age: 0
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655610 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
content-encoding: gzip
x-cache: Miss from cloudfront
content-length: 37
allow: GET,HEAD,OPTIONS
x-ratelimit-remaining: 999
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
sfdc_load: 1
cache-control: max-age=0,no-cache,no-store
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/ablXhKxHA2l0oRkrA2laYYmrcW/baskets?siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e24684cd329a5-ORD
x-amz-cf-id: vLNNl7E3tevT8jhuVPDRZJy35gWkTWRLHZVemqFlYvd-tVn8heJOhg==
x-yottaa-metrics: 2621cc028365/[234,232,-] 26D1cc023015/[-,236.300]

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 1 MB
65 KB 941ms
941ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300235%2C300166%2C300216%2C300152%2C300176%2C84819&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6926f603f29d573e290bafb91f5935a70081ea3ade2e6c21550fe8f1f0eb5cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e24684f7483c9
via: 1.1 ba5515a76a9c65c7528f5a1a19aadbc6.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD53-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655611 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 1
cache-control: private,max-age=40
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300235%2C300166%2C300216%2C300152%2C300176%2C84819&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e24684f7483c9-ORD
x-amz-cf-id: t8Mkw7cRBlrIgg_1svXTg1lmG_tcTgKaD5ZM7QRvee7oRND_wlqAkA==
x-yottaa-metrics: 2621cc028362/[483,479,-] 26D1cc023015/[-,485.858]

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 1 MB
65 KB 463ms
463ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6926f603f29d573e290bafb91f5935a70081ea3ade2e6c21550fe8f1f0eb5cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e24681d44233b
via: 1.1 8750e421872660ea93b3b21c913caba8.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655612 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 2
cache-control: private,max-age=26
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300235%2C300166%2C300216%2C300152%2C300176%2C84819&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e24681d44233b-ORD
x-amz-cf-id: NYD6DqF5PoL2SMJJPOZJGtBJ1Ci5fRF0SauCodFGKnw7q55ndQI-tw==
x-yottaa-metrics: 2621cc028363/[196,193,-] 26D1cc023015/[-,198.704]

POST
H2 201 sync Show response
sdk.iad-05.braze.com/api/v3/content_cards/ 756 B
666 B 258ms
258ms XHR
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/content_cards/sync

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e6622880ea066233fd39f4cb50877f2b7c15e3ed9f1bb474f082edf0a1c43215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-DataRequest: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/json
BRAZE-SYNC-RETRY-COUNT: 0
Referer: https://www.elfcosmetics.com/
X-Requested-With: XMLHttpRequest
X-Braze-ContentCardsRequest: true

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: MISS
x-request-id: e9e826b3-06b9-488d-93ba-48229ec65e26
x-served-by: cache-fra-etou8220052-FRA
x-runtime: 0.119928
etag: W/"e6622880ea066233fd39f4cb50877f2b"
access-control-max-age: 7200
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
vary: Origin,Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 0
0 419ms
418ms Preflight 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/content_cards/sync

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-encoding: gzip
date: Tue, 19 Dec 2023 08:05:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220052-FRA

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 1 MB
65 KB 462ms
462ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6926f603f29d573e290bafb91f5935a70081ea3ade2e6c21550fe8f1f0eb5cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e24682b4b5077
via: 1.1 df7b78bddb1d881ad1b83a6b09b25e56.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655613 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 1
cache-control: private,max-age=26
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300235%2C300166%2C300216%2C300152%2C300176%2C84819&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e24682b4b5077-ORD
x-amz-cf-id: 973cDBUeAy9gceI9VA1KqnPhUUabDERA_T5_w3mZUhpwzPA14AbzWg==
x-yottaa-metrics: 2621cc02834a/[200,198,-] 26D1cc023015/[-,201.084]

POST
H2 200 event
qoe-1.yottaa.net/log-nt/ 3 B
191 B 220ms
78ms Ping
text/json 140.174.14.81
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qoe-1.yottaa.net/log-nt/event
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 140.174.14.81 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 08:05:44 GMT
access-control-expose-headers: X-Results-Data-Source
access-control-allow-credentials: true
cache-control: no-cache
timing-allow-origin: *
content-type: text/json

GET
H/1.1 200
OK main.js Show response
static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/ 272 KB
57 KB 185ms
44ms Script
text/javascript 104.102.49.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.49.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-49-120.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8dea6b2240fed7b9dccb7a71b05a27a2b41908306b12c498c2c718856568a3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Date: Tue, 19 Dec 2023 08:05:44 GMT
Last-Modified: Mon, 22 May 2023 13:58:04 GMT
Server: Apache
ETag: "22004f-4412b-5fc48a8e49847"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57612
Expires: Tue, 19 Dec 2023 08:20:44 GMT

GET
H2 200 110221.ct.js Show response
tag.rmp.rakuten.com/ 47 KB
15 KB 152ms
56ms Script
text/javascript 34.102.147.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.rmp.rakuten.com/110221.ct.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

248.147.102.34.bc.googleusercontent.com

Software

Resource Hash

305fe9a5f5590087ad5d80aa44c7a7f1416966806e955ce7a42ab086ec14e38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Dec 2023 08:05:44 GMT
x-cache: hit
x-samesite: secure
content-type: text/javascript
cache-control: max-age=86400
x-dyn: 0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 js Show response
www.paypal.com/sdk/ 405 KB
113 KB 141ms
45ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34bc60d7275469472c12501ced1e1f2425cd1142891b6a44be31c0cc8ea8de39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-Ug4NKBs9Gp++rzyT3hECjiD0COiJDmD7FjCO0G6lsCmFyvfn' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Ug4NKBs9Gp++rzyT3hECjiD0COiJDmD7FjCO0G6lsCmFyvfn' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Ug4NKBs9Gp++rzyT3hECjiD0COiJDmD7FjCO0G6lsCmFyvfn' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Ug4NKBs9Gp++rzyT3hECjiD0COiJDmD7FjCO0G6lsCmFyvfn' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Tue, 19 Dec 2023 08:05:44 GMT
age: 4974
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f8866071565dd
server-timing: "traceparent;desc="00-0000000000000000000f8866071565dd-9510ae3968edf014-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 113486
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220023-FRA, cache-fra-etou8220023-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f8866071565dd-5ff6b14e7d0a78fb-01
x-timer: S1702973144.367237,VS0,VE6
etag: W/"1bb4e-7bOdSPtp6utoms3gI6i64RvFmjE"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 150ms
45ms Script
application/javascript 2a02:26f0:3500:11::215:14ca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14ca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 08:05:44 GMT
Content-Encoding: gzip
x-amz-request-id: 2YBFDHXY2BG0X743
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 11792
x-amz-id-2: X0mLy+zhQfGcMJeE6Lu48tPmxFSWqOpnSxdZQBh4ixekSso906hm/iT5X8JInwPSkeLM9fgFwoQ=
Last-Modified: Wed, 14 Jun 2023 06:58:45 GMT
Server: AmazonS3
ETag: "5a676288bcea03bd05e483bc4ce066ae"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3052
Accept-Ranges: bytes
X-DataStream-Cache-Status: 2
Expires: Tue, 19 Dec 2023 08:56:36 GMT

GET
H2 200 loader.js Show response
cdn.usehero.com/ 98 KB
28 KB 163ms
45ms Script
application/javascript 2600:9000:2240:ca00:13:d6f4:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usehero.com/loader.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:ca00:13:d6f4:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab99a75a2070736b0282d041df3a7e272ad5d4d1929ae430089ac0335e05ad2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:55:42 GMT
content-encoding: gzip
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
last-modified: Tue, 19 Sep 2023 07:56:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 2323
x-amz-server-side-encryption: AES256
etag: W/"fbf714a58cbac38c0deea519667d9044"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 95SUPsyTEuW-WJXvucyvEI7VeBz5l9NAYYYJGTbagVuluvfXdIPRGg==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10812184462/ 3 KB
1 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10812184462/?random=1702973143346&cv=11&fst=1702973143346&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&auid=229840579.1702973143&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c545904502fadb03eaa05ac75bfc0fb7cdb688e0ac87f5b5523227ec9c162a1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/698270988/ 3 KB
2 KB 164ms
79ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/698270988/?random=1702973143348&cv=11&fst=1702973143348&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&bttype=purchase&auid=229840579.1702973143&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

2ec449e2cd9bb534011999e5a7eeb555f56a4b9a6b9ab2bbf1d63c88fb5d643b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1674
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/865242110/ 3 KB
1 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/865242110/?random=1702973143355&cv=11&fst=1702973143355&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&auid=229840579.1702973143&uamb=0&uaw=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&rfmt=3&fmt=4

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67de408751cb51c1212f834c6a1acbccc5b75a4c9077b3a6ef9dc3b921976946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 41 KB
18 KB 157ms
69ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: ab12e815caea6aba8fe2da60e7d298cccb649166f81926ff64e5dc56ea526522

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: gzip
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17610
x-amz-cf-id: GJjsgXk14Hyt3nRSHcoyzMTKMcs4o_CPIkGdcH_1o1ctwHQm2gbQyQ==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 4 KB
2 KB 183ms
40ms Script
application/javascript 2a02:26f0:480:5af::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:5af::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "8d7d8ce32aa2a45d64e9f04a9a5cb1c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1793

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 120ms
39ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 19 Dec 2023 08:05:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: A2KEhLVOPXnxbJkJTaKV+X9+tYO3xYmA+rYjtSp6JoLRcvXzMus+2Kh8rGgX7Z8Q656JP2+DnXrQ7a5CiGNshQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 26 KB
9 KB 183ms
56ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 39657f7f198608406cab1de96720a22549e6b6d918db8dfdd0f5ef9ab84ef17c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 12 Dec 2023 19:56:38 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "ead4fccfb1bebd02138cf2dcadd7dcba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 8123

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 218ms
139ms Script
application/javascript 184.86.103.223
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.223 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-223.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3aab86e942e1129d6a4b085559f443e439951fb4f2b9b436cf2bc6b89e4576f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: ca830c62.42b691f7
date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231219080544E70E57CF3B585267F18C-6BA4F6528F40AB79-00
x-cache: TCP_MISS from a184-86-102-223.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 94,184.86.102.223
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=8, inner; dur=4
content-length: 1741
pragma: no-cache
server: nginx
x-tt-logid: 20231219080544E70E57CF3B585267F18C
x-cache-remote: TCP_MISS from a23-48-100-71.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.48.100.71
x-tt-trace-host: 01ff8104f873b85e6e5a256da5af691defe37f5b57e22e827201a056968a8a2d70ea23184ac00b78ecba1fd482e9bf0c50df8b7e7d9cef6bea4f191b13d473bba6937f2fbd842265eeb5e7d52f4832a58bf78b803e561f33c0c53a26a9f5b6e7ad89331b1df06a45f6b3525d457c0beecd
expires: Tue, 19 Dec 2023 08:05:44 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10812184462/ 42 B
64 B 55ms
55ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10812184462/?random=1702973143346&cv=11&fst=1702972800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_9V0qEv_RAVF-dAln-tl2yuWZ0wrsvTqiRSYsocMDoF8OA7NR&random=3982920167&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10812184462/ 42 B
108 B 54ms
53ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10812184462/?random=1702973143346&cv=11&fst=1702972800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_9V0qEv_RAVF-dAln-tl2yuWZ0wrsvTqiRSYsocMDoF8OA7NR&random=3982920167&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget.js Show response
js.jebbit.com/companion/v1/ 44 KB
44 KB 168ms
50ms Script
text/javascript 2600:9000:2440:bc00:a:7914:b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jebbit.com/companion/v1/widget.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2440:bc00:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05e8557d6c14eb7f8be444f62079a61bd76decf9dec4d7c08a99e0cdf7614bef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: qrl98ZUNSLbT863DuqDPbNPISJohfpzg
date: Tue, 19 Dec 2023 07:17:51 GMT
via: 1.1 7aeb9f6264b63b6db1402e3d82775cf2.cloudfront.net (CloudFront)
last-modified: Tue, 21 Nov 2023 16:06:25 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P3
age: 2973
x-amz-server-side-encryption: AES256
etag: "b813f6a1292d73986c2f1369c7fd4d72"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 44929
x-amz-cf-id: yT0s63Q_Scj-Ym_-24ETaBROEbYU913GVhxKAWOmVbUhJQFDvniopw==

GET
H3 200 /
www.google.com/pagead/1p-user-list/865242110/ 42 B
64 B 53ms
53ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/865242110/?random=1702973143355&cv=11&fst=1702972800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_KDh5gOGVG8EPQvj6mDa_iLivU3jun1afYvb3ICcwSAg4z8UB&random=2789549779&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/865242110/ 42 B
108 B 52ms
52ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/865242110/?random=1702973143355&cv=11&fst=1702972800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_KDh5gOGVG8EPQvj6mDa_iLivU3jun1afYvb3ICcwSAg4z8UB&random=2789549779&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 148ms
68ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 19 Dec 2023 08:05:43 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 825903BB4E1F49C9AD219870FD90E00F Ref B: FRA31EDGE0107 Ref C: 2023-12-19T08:05:44Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 1a8bfa042c9c5.js Show response
t.contentsquare.net/uxa/ 283 KB
68 KB 142ms
49ms Script
application/javascript 18.66.248.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-96.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de6bbc21b57cdc530709cee168201f839964ba952636947aa9f5b158301efd81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 14:10:12 GMT
content-encoding: br
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 69225
last-modified: Mon, 18 Dec 2023 14:08:14 GMT
server: AmazonS3
etag: "57df48afa62a9101af2867d9f1ce9d16"
vary: Origin
content-type: application/javascript;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: rcXEN3Gzl2Unsd7d9Bpy3OYYCrfQjg8UDt1rWt5NF2VXNB4HRg8f9g==

GET
H2 200 display Show response
api.usehero.com/webplugin/ 189 B
1 KB 459ms
308ms XHR
application/json 52.19.250.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usehero.com/webplugin/display?appId=efcf9631-4c6b-4874-9f76-51f71464249a&location=https%3A%2F%2Fwww.elfcosmetics.com%2F&state=untouched&outboundFeature=

Requested by

Host: cdn.usehero.com
URL: https://cdn.usehero.com/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.250.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-250-192.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ed9cdc2234af19f448c0286d39c191c6d18f4d2074d9c73c2c27df4707d94682

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
klarna-correlation-id: 1404be00-6f86-4432-a220-1182773e531f
cross-origin-resource-policy: same-origin
x-geo-longitude: 13.38490
pragma: no-cache
referrer-policy: same-origin
etag: W/"bd-HpkGL/hVk2vmP7oFcUo93JYvG54"
x-frame-options: SAMEORIGIN
x-geo-zip: 10117
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-geo-latitude: 52.52030
x-accuracy: 1000
expires: 0
date: Tue, 19 Dec 2023 08:05:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
x-time-zone: Europe/Berlin
x-envoy-upstream-service-time: 14
content-length: 189
x-xss-protection: 0
x-request-id: 1404be00-6f86-4432-a220-1182773e531f
cross-origin-opener-policy: same-origin
x-download-options: noopen
x-country: DE
x-geo-city: Berlin

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-ZLYXLXNDL8&l=dataLayer&cx=c

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59dc04765d590977d90bd31313b88d1d06165763a8d4afcc253042d5af3da7aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92007
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Dec 2023 08:05:44 GMT

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 1 MB
65 KB 689ms
689ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6926f603f29d573e290bafb91f5935a70081ea3ade2e6c21550fe8f1f0eb5cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e2469da7f2a90
via: 1.1 d7ca253f1179d4dffe997de4273da3ae.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655615 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 1
cache-control: private,max-age=40
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300235%2C300166%2C300216%2C300152%2C300176%2C84819&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e2469da7f2a90-ORD
x-amz-cf-id: gp7WvBCRgz-CHMbqm7sOlXyqXq31t5aGmCnUEpA5T1B4nnx_d8aRgA==
x-yottaa-metrics: 2621cc028334/[181,177,-] 26D1cc023015/[-,213.372]

GET
H2 200 i.js Show response
tag.wknd.ai/4142/ 18 KB
6 KB 140ms
34ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/4142/i.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 9a77cbb7b054563b83506932790e70186ba3a92e69a147216e3176337178adbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:04:41 GMT
content-encoding: gzip
via: 1.1 google
age: 63
x-envoy-upstream-service-time: 0
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5754
server: istio-envoy
etag: 84d224ee45e478
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 65ms
65ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cdf7bcd9a3771b6fbbffc10448c9c21877e8981258cd92fc9c9d927c5811fba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92056
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Dec 2023 08:05:44 GMT

GET
H2 200 local Show response
www.paypal.com/credit-presentment/experiments/ Frame CFAE 5 KB
3 KB 49ms
48ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.52.0&integrationType=SDK

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

064dbd118f8b2a84c57b755bcc86b4b270eb37e6517fafd368717f577650416f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
age: 35421
cache-control: s-maxage=86400, max-age=0
content-encoding: gzip
content-length: 1525
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type: text/html; charset=utf-8
date: Tue, 19 Dec 2023 08:05:44 GMT
dc: ccg11-origin-www-1.paypal.com
edge-cache-tag: up-treatments-zoid
etag: W/"1479-ImnRo6zJ8TiNzR1XF3Qd2UCBRUg"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f1960824e2db6
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f1960824e2db6-555fea9c523583ed-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f1960824e2db6-d5af7c70493895aa-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 6499, 0
x-served-by: cache-fra-etou8220023-FRA, cache-fra-etou8220023-FRA
x-timer: S1702973145.569047,VS0,VE8
x-xss-protection: 1; mode=block

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
5 KB 45ms
44ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmetics.com&t=xo&v=5.0.415&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

92714e4244e5119fccd72504205204da807e7a285a74e1279928bf924213192f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-n/yyxKe0lu6clz/p87YC8yn3lzvEliolZJeFSWgkpWsOjaX7' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-n/yyxKe0lu6clz/p87YC8yn3lzvEliolZJeFSWgkpWsOjaX7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 08:05:44 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 22833
x-cache: HIT, MISS
paypal-debug-id: f1728733f7e4a
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4797
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220023-FRA, cache-fra-etou8220023-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f1728733f7e4a-1f2d5a48a6de4424-01
x-timer: S1702973145.569820,VS0,VE5
etag: W/"3692-T6J7zS2ujaG+Lkl3BYpkaazFfM4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H3

200

/
www.google.de/pagead/1p-conversion/698270988/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=100717994&cv=11&fst=1702973143348&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&gcd=11l1l1l1l1&dma_cps=sypham&d...
https://www.google.com/pagead/1p-conversion/698270988/?random=100717994&cv=11&fst=1702973143348&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...
https://www.google.de/pagead/1p-conversion/698270988/?random=100717994&cv=11&fst=1702973143348&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200...

42 B
64 B

53ms
53ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/698270988/?random=100717994&cv=11&fst=1702973143348&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&auid=229840579.1702973143&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0p1RnJBWVFxczZHc04tS2g4dG9FaVVBaUQwSi1VTU9OWnJnc0RVeWp1Q3J5Qnd0TUZiWWRGR3lBZUZMTFZQR09temd6VF9ZGlhDaEVJZ0p1RnJBWVF6S0RiczVXSXlmS3ZBUkl0QVBwQ2tTOHdJcy1jcXBpb2l2SjFYUEhUSGN2MnVuNHVLTEN4WTk0SlBZTHIyODhldmxJcE4wRHhrelFQIhMIsarWqoWbgwMV2sk7Ah1wMwAt&is_vtc=1&ocp_id=2E6BZbHeGNqT78EP8OaA6AI&cid=CAQSKQAvHhf_ciJ4JHhEt3clidaWyEUozcPYEZ7w3fV9-3K8P45I9tXSQ6Wy&eitems=ChEIgJuFrAYQsaWC8uL41eLTARIdAOBcHGfI8NNZg32Tf_sa8VN0HKghBEIWkRRD3Fo&random=2283654478&ipr=y

Protocol

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/698270988/?random=100717994&cv=11&fst=1702973143348&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v896608294&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&auid=229840579.1702973143&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0p1RnJBWVFxczZHc04tS2g4dG9FaVVBaUQwSi1VTU9OWnJnc0RVeWp1Q3J5Qnd0TUZiWWRGR3lBZUZMTFZQR09temd6VF9ZGlhDaEVJZ0p1RnJBWVF6S0RiczVXSXlmS3ZBUkl0QVBwQ2tTOHdJcy1jcXBpb2l2SjFYUEhUSGN2MnVuNHVLTEN4WTk0SlBZTHIyODhldmxJcE4wRHhrelFQIhMIsarWqoWbgwMV2sk7Ah1wMwAt&is_vtc=1&ocp_id=2E6BZbHeGNqT78EP8OaA6AI&cid=CAQSKQAvHhf_ciJ4JHhEt3clidaWyEUozcPYEZ7w3fV9-3K8P45I9tXSQ6Wy&eitems=ChEIgJuFrAYQsaWC8uL41eLTARIdAOBcHGfI8NNZg32Tf_sa8VN0HKghBEIWkRRD3Fo&random=2283654478&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK en-us.js Show response
static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/vendors~offers/locale/ 61 KB
7 KB 42ms
42ms Script
text/javascript 104.102.49.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/vendors~offers/locale/en-us.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.49.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-49-120.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

dfc983293c9baf693a719da3c69be679cbe8aea18c8f35a7abfef41f14800e9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Date: Tue, 19 Dec 2023 08:05:44 GMT
Last-Modified: Mon, 22 May 2023 13:58:04 GMT
Server: Apache
ETag: "200109-f346-5fc48a8d9f7d1"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6295
Expires: Tue, 19 Dec 2023 08:20:44 GMT

GET
H2 200 main.74d80534.js Show response
s.pinimg.com/ct/lib/ 65 KB
19 KB 40ms
40ms Script
application/javascript 2a02:26f0:480:5af::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:5af::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "cb251578b1e91b3cc440fd1521770cc5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18895

GET
H2 200 1638306756445368 Show response
connect.facebook.net/signals/config/ 146 KB
37 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1638306756445368?v=2.9.138&r=stable&domain=www.elfcosmetics.com

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7bab85eaa8d74cec964409d9e0a5c6d7ed0000b23b6400c562333c6483761ca2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 19 Dec 2023 08:05:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37888
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 8M4vSCppYJhkkpw01cnuFBGY1DZk+31kkhNUz0ErQYqFbmco9aSy9/3dP/Pty31gFBosrOanyaItZw6hC8/BVg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 288ms
209ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Tue, 19 Dec 2023 08:05:44 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f65411321ada5
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f65411321ada5-28834d101b7a6afd-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220062-FRA, cache-fra-etou8220062-FRA
x-timer: S1702973145.688412,VS0,VE170

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1016 B
895 B 306ms
305ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ced0fee074cf929b61105662cb0290fbe379b635618cddedf89670fb1f61d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f654113d6c30a
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-etou8220062-FRA, cache-fra-etou8220062-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f654113d6c30a-98d863780298fb95-01
x-timer: S1702973145.898651,VS0,VE167
etag: W/"3f8-+wovmzKHwUK6FPfUz0FpbJ5nJ38"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 p
tr.snapchat.com/ 68 B
446 B 215ms
51ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&ev=PAGE_VIEW&intg=gtm&pids=c69c204f-fba0-4685-aea8-ad32f799fa5d&u_c1=cf5546ea-04fd-4914-9e80-716da6062ac8&u_sclid=da39234b-c7f4-4db1-995a-8a31b98a7614&u_scsid=955d7053-1265-4a80-8a1d-a227069791ca&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=2234&m_fcps=2023&m_pi=2233&m_pl=3993&m_pv=2&m_rd=4541&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fwww.elfcosmetics.com%2F&trackId=3a0ac943-52f5-40ca-b993-9794fe245ff8&ts=1702973144593&v=3.7.3-2312182359

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 172ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je3bt0v879088318z8896608294&_p=1702973142926&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1982958955.1702973143&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=IA&_s=1&sid=1702973144&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&en=view_promotion&_fv=1&_ss=1&ep.promotions=%5Bobject%20Object%5D&ep.promotion_name=2023-04%20Evergreen%20Beauty%20Squad%20HP%20%E2%80%93%20Image%20Banner&ep.promotion_id=99e14684-7449-477a-85cb-bdea31a4da5e&ep.creative_name=Image%20Banner&tfd=4581
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 48ms
48ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZLYXLXNDL8&cid=1982958955.1702973143&gtm=45je3bt0v879088318z8896608294&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 50ms
50ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZLYXLXNDL8&cid=1982958955.1702973143&gtm=45je3bt0v879088318z8896608294&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=372812359

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 151ms
39ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1702973144646&id=t2_16331p&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=78de7ebe-68e4-4e29-af1b-a015e10d3914&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_3549b422&dpm=&dpcc=&dprc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame CFAE 405 KB
112 KB 45ms
45ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.52.0&integrationType=SDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34bc60d7275469472c12501ced1e1f2425cd1142891b6a44be31c0cc8ea8de39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-Ug4NKBs9Gp++rzyT3hECjiD0COiJDmD7FjCO0G6lsCmFyvfn' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Ug4NKBs9Gp++rzyT3hECjiD0COiJDmD7FjCO0G6lsCmFyvfn' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.52.0&integrationType=SDK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Ug4NKBs9Gp++rzyT3hECjiD0COiJDmD7FjCO0G6lsCmFyvfn' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Ug4NKBs9Gp++rzyT3hECjiD0COiJDmD7FjCO0G6lsCmFyvfn' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Tue, 19 Dec 2023 08:05:44 GMT
age: 4974
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f8866071565dd
server-timing: "traceparent;desc="00-0000000000000000000f8866071565dd-9510ae3968edf014-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 113486
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220023-FRA, cache-fra-etou8220023-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f8866071565dd-5ff6b14e7d0a78fb-01
x-timer: S1702973145.666534,VS0,VE3
etag: W/"1bb4e-7bOdSPtp6utoms3gI6i64RvFmjE"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 ts
t.paypal.com/ 42 B
512 B 281ms
182ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&fltp=analytics&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1702973144664&g=-60&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2F&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 19 Dec 2023 08:05:44 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: bf8159e123af9
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220101-FRA
pragma: no-cache
correlation-id: bf8159e123af9
traceparent: 00-0000000000000000000bf8159e123af9-3d20c005956a4ad0-01
x-timer: S1702973145.781752,VS0,VE144
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 08:05:44 GMT

GET
H2 200 widget.css
js.jebbit.com/companion/v1/ 15 KB
16 KB 48ms
47ms Stylesheet
text/css 2600:9000:2440:bc00:a:7914:b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jebbit.com/companion/v1/widget.css
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2440:bc00:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a1fe89f11a11d89299028b565a99569e2aa5df3055ce514ba4dec2a8f0fe4fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 20:01:55 GMT
x-amz-version-id: cp6fXo1xh1VI6O9usE7_xManGeUI7aZZ
via: 1.1 7aeb9f6264b63b6db1402e3d82775cf2.cloudfront.net (CloudFront)
last-modified: Tue, 21 Nov 2023 16:06:25 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P3
age: 43430
etag: "8e754beaa7f32e405c184f00c12cece1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 15502
x-amz-cf-id: Z1THH8K2FnxcX0gBeMjnmB0tdvsXoEEwFp84L-Ef-0Ppmd6VsxNS1Q==

GET
H2 200 launcher_configs Show response
external-api.jebbit.com/moments/v2/ 2 B
448 B 175ms
48ms XHR
application/json 52.58.17.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://external-api.jebbit.com/moments/v2/launcher_configs?key=542695a9-9318-492b-9638-2018989f6dc4&url=aHR0cHMlM0ElMkYlMkZ3d3cuZWxmY29zbWV0aWNzLmNvbSUyRg==&completedLightboxCampaigns=W10=&jebbitCookies=

Requested by

Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.17.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-17-145.eu-central-1.compute.amazonaws.com

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
surrogate-control: no-store
x-dns-prefetch-control: off
content-length: 2
x-xss-protection: 1; mode=block
pragma: no-cache
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-download-options: noopen
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 130ms
129ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170164
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 1 MB
65 KB 560ms
559ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6926f603f29d573e290bafb91f5935a70081ea3ade2e6c21550fe8f1f0eb5cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e246b1a7249f1
via: 1.1 5d7fa168c29a6f16a8c659b5e9ede8a6.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655619 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 1
cache-control: private,max-age=40
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300235%2C300166%2C300216%2C300152%2C300176%2C84819&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e246b1a7249f1-ORD
x-amz-cf-id: X_j5CCDTO7HCXoVkJ_uni4WoDPMq3zexo_d102y7qoDiGl7kadHInQ==
x-yottaa-metrics: 2621cc0283f2/[186,185,-] 26D1cc023015/[-,189.068]

GET
H2 200 main.MTdjYzNiZDU2MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 417 KB
108 KB 42ms
42ms Script
application/javascript 184.86.103.223
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.223 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-223.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 42b69491
date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073139979A123B9F38C400AA53
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a184-86-102-223.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01ad0fe3057a39a866654985d069e849f52f8394dafdcda3b3c4b02d7f31534a256a855557a0739b4dd04a5e76c4da83bf9d193103726555131a597c9f51b76036d324f01d60a22d460afd88e6308fab03f7ea9ea0be8b1666c9a9b270d5ca1bc3
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 110292

GET
H2 200 / Show response
ct.pinterest.com/user/ 297 B
620 B 157ms
67ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1702973144734&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1592874947880698
content-length: 172
pin-unauth: dWlkPU9XTTVPV0U0TnpBdE5UUTJaQzAwTWpsbUxUZ3lPV1V0WlRNM1lqSXpNakJpWldZeQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 8c23f27d55c77c9c78a5d022d53a766b1295cc23
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 5013978.js Show response
bat.bing.com/p/action/ 0
118 B 64ms
64ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5013978.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 19 Dec 2023 08:05:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0FC342C5B9E448CDBB488271334BF6DD Ref B: FRA31EDGE0107 Ref C: 2023-12-19T08:05:44Z
x-cache: CONFIG_NOCACHE

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 124ms
41ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&rl=&if=false&ts=1702973144750&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1702973144746.1717534148&ic=fbpixel&ler=empty&it=1702973144588&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 19 Dec 2023 08:05:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
185 B 117ms
68ms Image
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.elfcosmetics.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2274d80534%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1702973144775
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:44 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 8c23f27d55c77c9c78a5d022d53a766b1295cc23
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1729246255437551
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 1 MB
65 KB 450ms
450ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6926f603f29d573e290bafb91f5935a70081ea3ade2e6c21550fe8f1f0eb5cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e246bcca52cf5
via: 1.1 d93812e02e5e29b7a264644d549cc0c0.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD53-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655620 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 1
cache-control: private,max-age=40
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300235%2C300166%2C300216%2C300152%2C300176%2C84819&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e246bcca52cf5-ORD
x-amz-cf-id: Y_2ZGzdvjIVOynxkmJwH_gx0qNULTBiHRsMbf92OMsHi7CONHYpIhw==
x-yottaa-metrics: 2621cc0283f1/[186,183,-] 26D1cc023015/[-,189.322]

GET
H2 204 pageview
c.contentsquare.net/ 0
320 B 388ms
54ms Image
text/plain 52.19.184.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?pid=1926&uu=1b6dd0c6-97c5-aee3-dc26-a1f9793b11c1&sn=1&hd=1702973144&pn=1&dw=1600&dh=5023&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&uc=0&la=en-US&cvars=%7B%223%22%3A%5B%22Page%20Type%22%2C%22homepage%22%5D%7D&cvarp=%7B%223%22%3A%5B%22Page%20Type%22%2C%22homepage%22%5D%7D&v=13.76.0&pvt=n&ex=&r=261076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.184.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-184-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:45 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
BLOB 200
OK 2c97337b-024b-4fbb-a417-5fad32f76a16
https://www.elfcosmetics.com/ 7 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.elfcosmetics.com/2c97337b-024b-4fbb-a417-5fad32f76a16
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a19915f513441bab259dbf5472a9501139e4eda8d1891ca5a0bd4efd6d60dd4d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 7329
Content-Type: application/javascript

GET
H2 200 jsp Show response
ut.rd.linksynergy.com/ 148 B
405 B 381ms
54ms Script
text/plain 34.98.67.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.67.98.34.bc.googleusercontent.com

Software

Resource Hash

76675c18234268d2b80fd89fb5ccfa002faee403145d6d4414dcb509d2fb8318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/plain; charset=utf-8
date: Tue, 19 Dec 2023 08:05:45 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148
x-samesite: secure

GET
H2 200 hash Show response
www.paypal.com/credit-presentment/experiments/ Frame CFAE 40 B
2 KB 309ms
309ms Fetch
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/hash?device_id=uid_5cd0761b65_mdg6mdu6ndq&disableSetCookie=true&features=disable-set-cookie

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

07db4ac1f0efab00657070a16444c3e26a7ff82ead6d8d394d6690bc0c5b20f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.52.0&integrationType=SDK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 19 Dec 2023 08:05:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
edge-cache-tag: up-treatments-hash
x-cache: MISS, MISS
paypal-debug-id: f6541135379b6
server-timing: "traceparent;desc="00-0000000000000000000f6541135379b6-94ab828fa4d2ad15-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 57
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220023-FRA, cache-fra-etou8220023-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f6541135379b6-5900dbb7480b26b6-01
x-timer: S1702973145.895438,VS0,VE181
etag: W/"28-exw5SIvTtyrhed2gnxjZ2DwJ7+I"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: s-maxage=86400, max-age=0
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 263ms
263ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:44 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170165
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare
elfcosmetics.a.bigcontent.io/v1/static/ 5 KB
6 KB 324ms
50ms Image
image/png 2a02:26f0:3100::210:6e29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare?%24Desktop%24=&fmt=auto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::210:6e29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Unknown /
Resource Hash: 210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 19 Dec 2023 08:05:45 GMT
server: Unknown
x-amz-server-side-encryption: AES256
x-amp-srv: A
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 5378

GET
H2 200 icon-noun-gift-1165617
elfcosmetics.a.bigcontent.io/v1/static/ 2 KB
1 KB 325ms
51ms Image
image/svg+xml 2a02:26f0:3100::210:6e29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::210:6e29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Unknown /
Resource Hash: 4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Tue, 19 Dec 2023 08:05:45 GMT
server: Unknown
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=86400
x-amp-srv: A
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 996

GET
H2 200 icon-noun-snowflake-1044022
elfcosmetics.a.bigcontent.io/v1/static/ 3 KB
2 KB 324ms
50ms Image
image/svg+xml 2a02:26f0:3100::210:6e29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-snowflake-1044022?%24Desktop%24=&fmt=auto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::210:6e29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Unknown /
Resource Hash: 30766af54516bbc623c690d7506f7d86b6c987acbcc1229debb7dff8f463459b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Tue, 19 Dec 2023 08:05:45 GMT
server: Unknown
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=86400
x-amp-srv: A
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 1418

GET
H2 200 icon-noun-shipping-5965850-resized
elfcosmetics.a.bigcontent.io/v1/static/ 1 KB
843 B 326ms
52ms Image
image/svg+xml 2a02:26f0:3100::210:6e29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-shipping-5965850-resized?%24Desktop%24=&fmt=auto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::210:6e29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Unknown /
Resource Hash: ecd1fb7d50ee35ca25a2f9a2a0f3792e45652d1fc5b114d1145bc60ab52484d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Tue, 19 Dec 2023 08:05:45 GMT
server: Unknown
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=86400
x-amp-srv: A
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 559

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 1 MB
65 KB 675ms
674ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6926f603f29d573e290bafb91f5935a70081ea3ade2e6c21550fe8f1f0eb5cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e246ddab029a9
via: 1.1 ae37f7b1a8338019f64f54b95bc40ede.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655622 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 2
cache-control: private,max-age=40
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300235%2C300166%2C300216%2C300152%2C300176%2C84819&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e246ddab029a9-ORD
x-amz-cf-id: X4rTstCEYhA31RiPffvaAHqhmQwu6rqi1y6w7m_b31K63PjvaitUbA==
x-yottaa-metrics: 2621cc0283f0/[201,197,-] 26D1cc023015/[-,203.639]

GET
H2 204 dvar
c.contentsquare.net/ 0
319 B 243ms
54ms Image
text/plain 52.19.184.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=13.76.0&pid=1926&pn=1&sn=1&uu=1b6dd0c6-97c5-aee3-dc26-a1f9793b11c1&dv=H4sIAAAAAAAAA0WMsQrCUAxFfyVkdnHtpq0VwVEKnUraBgnERF6DWor%2F7hOUjvdwzl1wt%2B%2Bqtjuq96RQukVyhQtPgQVWs9FNBmiFdYTD685J2AaecPPrVgbbHDSUhELc8vorZ3%2FCyYLt%2B1i6KvWesvRgqEUj53bF9wcxTAoRiQAAAA%3D%3D&ct=2&r=732583
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.184.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-184-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:45 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 124ms
124ms Script
application/javascript 184.86.103.223
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.223 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-223.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 42b699a7
date: Tue, 19 Dec 2023 08:05:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073134C5E8A01497578CF78242
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a184-86-102-223.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 011f45ff8dacec6c1718e025f9ab6953549d76c6566c838906835a80ea08a84d13ae36cd6cfc72682c6e53053a106593b54114139b82a52860c456fdee9d99d595f6a60b163c55e1e19e9525769c0587b3ca6df4c0230b5bd69e913881dd40a0b0
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 36081

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
974 B 362ms
221ms Ping
text/plain 184.86.251.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-219.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 15e4bd6b.26b5d7a4
date: Tue, 19 Dec 2023 08:05:45 GMT
x-bytefaas-request-id: 20231219080545EAD7E8EB5D57B958382F
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231219080545EAD7E8EB5D57B958382F-08D3F3EBCCBF7F10-00
x-cache: TCP_MISS from a184-84-216-219.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
x-parent-response-time: 181,184.84.216.219
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=98, inner; dur=95
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231219080545EAD7E8EB5D57B958382F
x-cache-remote: TCP_MISS from a23-218-219-53.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 93.75
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01ff8104f873b85e6e5a256da5af691def91a5242fd31cb71ae23f67edb7e037bfd2b34cc52315ad980d0890ab4c0143a8c5f4b902a11bfac1bec34f0615bf5a63dac7cb0f46ca5d39825b970c05065723b1a3a3fc02014f255a752002e9e9367e7344d6db5adb151e7226ae55f99898d6
x-origin-response-time: 98,23.218.219.53
access-control-allow-headers: *
expires: Tue, 19 Dec 2023 08:05:45 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
703 B 228ms
228ms Ping
text/plain 184.86.103.223
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.223 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-223.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 42b699b6
date: Tue, 19 Dec 2023 08:05:45 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=dyn
x-tt-trace-id: 00-23121908054592A5D96AC607EE567FC7-6B77BAD77332CF46-00
x-cache: TCP_MISS from a184-86-102-223.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=35, cdn-cache; desc=MISS, edge; dur=4, origin; dur=125
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023121908054592A5D96AC607EE567FC7
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 125,184.86.102.223
x-tt-trace-host: 01ff8104f873b85e6e5a256da5af691def36c8ed0876f43271329f991320a5bdd2283b3791a8efd73cb7354e9e8a8a97742ae78b05c7f45250208d50d18767f6770e3cfeffae5a6ef21b333d6ff78df19ae1dd21e6fd295c771562d0c40916730e
access-control-allow-headers: Authorization,*
expires: Tue, 19 Dec 2023 08:05:45 GMT

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 1 MB
65 KB 554ms
554ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6926f603f29d573e290bafb91f5935a70081ea3ade2e6c21550fe8f1f0eb5cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e246ddc7413eb
via: 1.1 ca8bc68230969c1b2dd0011a22c5f440.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655624 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 2
cache-control: private,max-age=40
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300235%2C300166%2C300216%2C300152%2C300176%2C84819&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e246ddc7413eb-ORD
x-amz-cf-id: lYqH2ZGKX4SJ4vD_mv-6Ai4fM3vIQfOr71wqK1KyIeCSOX5-qyd_hQ==
x-yottaa-metrics: 2621cc8d586b/[203,199,-] 26D1cc023015/[-,205.911]

GET
H3 200 c69c204f-fba0-4685-aea8-ad32f799fa5d.js Show response
tr.snapchat.com/config/com/ 178 B
197 B 108ms
50ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/c69c204f-fba0-4685-aea8-ad32f799fa5d.js?v=3.7.3-2312182359

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

8b21dc24e4a1a9e9b757a870579764f00de1978c59283d8ad57578fe7b23c612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elfcosmetics.com/
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://www.elfcosmetics.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178

POST logger
www.paypal.com/xoplatform/logger/api/ Frame CFAE 0
0

GET i
tr.snapchat.com/cm/ Frame 593C 0
0

GET
H2 200 promotions Show response
www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/ 1 KB
2 KB 513ms
513ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2023-12-gwp-%2435%2C2022-ordergroove-first-order-ORIGINAL-SETUP&locale=en-US

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

4a8475011dd2c6d590b134ba595ab49514a1b7972c13f1e78eec218ad3fd8e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e246deffd638d
via: 1.1 f08da6278cf291c16594239d7051f060.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655625 tts/1697558664636 ti/5a0c9b7732f01c35d421038a ai/5a0c9b7732f01c35d4210324 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 1
cache-control: private,max-age=56
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2023-12-gwp-%2435%2C2022-ordergroove-first-order-ORIGINAL-SETUP&locale=en-US
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e246deffd638d-ORD
x-amz-cf-id: 1fI4TVh3rslKvZ2CB_rOeJMPNaHq_28ygNwhnjonBmFXcIXzWCmyIA==
x-yottaa-metrics: 2621cc8d586d/[187,184,-] 26D1cc023015/[-,190.145]

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
17 KB 172ms
40ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: fc009b2426187
dc: ccg11-origin-www-1.paypal.com
content-length: 16488
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-0000000000000000000fc009b2426187-0aec90db1e70da30-01
etag: "64f25363-daa8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 19 Dec 2023 09:05:45 GMT

POST
H2 200 baskets Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 3 KB
2 KB 424ms
424ms XHR
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/baskets

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

93247c5460fc5b964990554c3832ffac8784758c74c9c579c2afdab819bf7523

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
x-dw-client-id: f9f7052a-f742-4c38-bdf5-1da004e7fb3b
accept-language: de-DE,de;q=0.9
x-pwa-request: true
authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
via: 1.1 71a526986d4783c392830d78e04e3446.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 0
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655623 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status: deprecated
x-cache: Miss from cloudfront
content-length: 1044
pragma: no-cache
etag: 49e933a2c44d5a783e7ee1487c283c47645493b4e9a41edb4211a20e30ce10d1
allow: OPTIONS,POST
content-type: application/json;charset=UTF-8
x-dw-resource-state: 49e933a2c44d5a783e7ee1487c283c47645493b4e9a41edb4211a20e30ce10d1
access-control-allow-origin: https://www.elfcosmetics.com
access-control-expose-headers: etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics: 2621cc8d586c/[290,285,-] 26D1cc023015/[-,295.090]
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/baskets
accept-ranges: bytes
cf-ray: 837e246e099d2321-ORD
x-dw-request-base-id: SZh1A9lOgWUBAAB_
x-amz-cf-id: 9moJPrvZj8fS7wjWq0F13M151aF4foQXQRaIUUjI-KTsf7ZvHkMGkA==
x-yottaa-os: 200
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 runtime_8b30b4890203fd4144c54b9ffd765f5e.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 3 KB
2 KB 172ms
40ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_8b30b4890203fd4144c54b9ffd765f5e.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c4fad867557fa65e1a778e915c0b4ed0cd1bbb4443452c8943e5cec6504311e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:52:50 GMT
content-encoding: br
age: 1167175
x-guploader-uploadid: ABPtcPrRJGAl4jZY8HSoEqDkbgDvgQ9Z_M7B-4dXtig0fubXh3SNwymUrApyvOj-JMXmJY_pdYs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1317
last-modified: Mon, 04 Dec 2023 15:20:19 GMT
server: UploadServer
etag: "dbc90523c425a5d782995c1a39051881"
x-goog-generation: 1701703219846953
x-goog-hash: crc32c=Xs/EYg==, md5=28kFI8QlpdeCmVwaOQUYgQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1317
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 promotions Show response
www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/ 1 KB
2 KB 495ms
494ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

4a8475011dd2c6d590b134ba595ab49514a1b7972c13f1e78eec218ad3fd8e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e246eace41133
via: 1.1 9438c20f9b656323513bc0a829ee284a.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD53-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655626 tts/1697558664636 ti/5a0c9b7732f01c35d421038a ai/5a0c9b7732f01c35d4210324 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 2
cache-control: private,max-age=56
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2023-12-gwp-%2435%2C2022-ordergroove-first-order-ORIGINAL-SETUP&locale=en-US
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e246eace41133-ORD
x-amz-cf-id: 6N7B4vvSrZulfSZYtu1gLRcioDCPq7rbD9DFcMiQCQm-8kSau8Fy2Q==
x-yottaa-metrics: 2621cc8d5883/[189,187,-] 26D1cc023015/[-,192.006]

GET
H3 200 _HPTILE2_HOLIDAY_COLOR_D_BACKGROUND_4-min
cdn.media.amplience.net/i/elfcosmetics/ 212 KB
213 KB 56ms
56ms Image
image/jpeg 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/_HPTILE2_HOLIDAY_COLOR_D_BACKGROUND_4-min

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7779966748e61159baa9833b73760bf5a9e9e9608dfa9da8b6a695d1bb7f74e0

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
cf-cache-status: HIT
age: 50578
x-amp-srv: CF
edge-cache-tag: 1C9eBTXtm,l4p5bDg2e,C7YHJyb2q,k4NPUWi7z
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: J9fMQZLp6a
alt-svc: h3=":443"; ma=86400
content-length: 217417
x-xss-protection: 1; mode=block
x-amp-source-height: 840
last-modified: Mon, 18 Dec 2023 18:02:47 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
x-amp-source-width: 3200
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e246e3db35c62-FRA
x-amp-published: Fri, 27 Oct 2023 01:56:36 GMT

GET
H3 200 2023-12-blush-tile1-image-3_D-min
cdn.media.amplience.net/i/elfcosmetics/ 80 KB
81 KB 82ms
82ms Image
image/webp 2606:4700:4400::ac40:9ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/2023-12-blush-tile1-image-3_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23a58db0c994eaa767dcae71119d117fa216ff7848bfa70409236ffd8ad5bc09

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
cf-cache-status: HIT
age: 84581
x-amp-srv: CF
edge-cache-tag: C1qaNC35d,l4p5bDg2e,1J-JcJj3g,Cqm_p3RsQ,DtzGFM5oJ
x-amp-cf-worker: true
edge-control: max-age=86400
x-req-id: v5TkZrh7cY
alt-svc: h3=":443"; ma=86400
content-length: 82416
x-xss-protection: 1; mode=block
x-amp-source-height: 1200
last-modified: Mon, 18 Dec 2023 08:36:04 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/webp
access-control-allow-origin: *
x-amp-source-width: 1600
cache-control: s-maxage=86400, max-age=1800
accept-ranges: bytes
cf-ray: 837e246e5dd05c62-FRA
x-amp-published: Fri, 15 Dec 2023 17:38:15 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
702 B 165ms
165ms Ping
text/plain 184.86.103.223
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.223 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-223.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 42b69b5d
date: Tue, 19 Dec 2023 08:05:45 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=dyn
x-tt-trace-id: 00-231219080545C6BC4597B49919B213CD-35FC1E1A944B11A3-00
x-cache: TCP_MISS from a184-86-102-223.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=27, cdn-cache; desc=MISS, edge; dur=7, origin; dur=115
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231219080545C6BC4597B49919B213CD
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 116,184.86.102.223
x-tt-trace-host: 01ff8104f873b85e6e5a256da5af691def36c8ed0876f43271329f991320a5bdd2acda2aac1edf5ece3a311b4968968999f46e3d63e85a11dd560c1a044a62aec376d2cd90391a08f9c03ce16d12abef3920fb8a144b81a6a6cb08efc8e545e0bb
access-control-allow-headers: Authorization,*
expires: Tue, 19 Dec 2023 08:05:45 GMT

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 1BEB 55 KB
17 KB 40ms
39ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBF) /

Resource Hash

7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16892
content-type: text/html
date: Tue, 19 Dec 2023 08:05:45 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc"
expires: Tue, 19 Dec 2023 09:05:45 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: 90235ec5e1923
server: ECAcc (frc/4CBF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000090235ec5e1923-b4a426767fb6b321-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame 1BEB 18 B
210 B 206ms
205ms Fetch
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (daa/7D8C) /

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
paypal-debug-id: 73a4174105181
dc: ccg11-origin-www-1.paypal.com
content-length: 18
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
server: ECAcc (daa/7D8C)
traceparent: 00-000000000000000000073a4174105181-1f5fb2dd79982b50-01
etag: "60271cd0-12"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 19 Dec 2023 08:05:44 GMT

POST
H2 200 p
tr6.snapchat.com/ 0
44 B 88ms
49ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 ts
t.paypal.com/ 42 B
211 B 182ms
182ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1&page=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&es=visitorInfoFlowStarted&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1702973145398&g=-60&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2F&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 19 Dec 2023 08:05:45 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 7faf6a58e0a26
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220101-FRA
pragma: no-cache
correlation-id: 7faf6a58e0a26
traceparent: 00-00000000000000000007faf6a58e0a26-0f21b87a28fbc70a-01
x-timer: S1702973145.417397,VS0,VE143
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 08:05:45 GMT

GET
H2 200 main-v2_8aebf97cc6bdaca1cfc56940afdbc7d5.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 452 KB
101 KB 40ms
40ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_8aebf97cc6bdaca1cfc56940afdbc7d5.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 828011e932c7f65177e00c50ef88564628178b9d3190845404b02e3132a14c90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:29:15 GMT
content-encoding: br
age: 473790
x-guploader-uploadid: ABPtcPqZKkDLycZlBYoDwX7m5CixbWaNqvXD7Y8VWwBYoh-YVeIUg4tV59351qZekMZt1GQ0iQ4eOnBM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103229
last-modified: Wed, 13 Dec 2023 20:29:02 GMT
server: UploadServer
etag: "2404e3009bfbe89e5d2c7f7b24179df7"
x-goog-generation: 1702499342060242
x-goog-hash: crc32c=kCJJLw==, md5=JATjAJv76J5dLH97JBed9w==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 103229
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 cjs_min_1e55b565811f11b08485230cf1d150d6.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 49 KB
16 KB 126ms
126ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9846c98d92f9ede0abb2db68013d613791db3ccdb486451de1432034b563fb77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 16:23:24 GMT
content-encoding: gzip
age: 488541
x-guploader-uploadid: ABPtcPou4DjSi1rn9533dUYPOaCEyqKoqFHywfnrs0_Q7LnWnV8zMLm9z0S4AMxYh76TdKQJGmM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15751
last-modified: Wed, 13 Dec 2023 16:23:11 GMT
server: UploadServer
etag: "d7dc7d7ebcc4f5af5fc2d4804e7ec737"
x-goog-generation: 1702484591435387
x-goog-hash: crc32c=3TW0yQ==, md5=19x9frzE9a9fwtSATn7HNw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000,no-transform
x-goog-stored-content-length: 15751
accept-ranges: bytes
content-type: text/javascript; charset=utf-8

GET
H2 200 promotions Show response
www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/ 1 KB
2 KB 497ms
497ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

4a8475011dd2c6d590b134ba595ab49514a1b7972c13f1e78eec218ad3fd8e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e246f6a1e1247
via: 1.1 dad289b00682a96e4153dd7ef9e7def2.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD53-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655628 tts/1697558664636 ti/5a0c9b7732f01c35d421038a ai/5a0c9b7732f01c35d4210324 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 2
cache-control: private,max-age=56
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2023-12-gwp-%2435%2C2022-ordergroove-first-order-ORIGINAL-SETUP&locale=en-US
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e246f6a1e1247-ORD
x-amz-cf-id: B-IrTR6cVjw1Mm50hVvyswWjZ9vRkEmKFHJcJOSfxZNvW4Lc3kUUJQ==
x-yottaa-metrics: 2621cc8d586f/[128,125,-] 26D1cc023015/[-,130.793]

GET
H2 200 promotions Show response
www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/ 1 KB
2 KB 479ms
479ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

4a8475011dd2c6d590b134ba595ab49514a1b7972c13f1e78eec218ad3fd8e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e246f9f91630e
via: 1.1 4d8fb668652ab3e226314572d782218e.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD53-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655629 tts/1697558664636 ti/5a0c9b7732f01c35d421038a ai/5a0c9b7732f01c35d4210324 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 2
cache-control: private,max-age=55
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2023-12-gwp-%2435%2C2022-ordergroove-first-order-ORIGINAL-SETUP&locale=en-US
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e246f9f91630e-ORD
x-amz-cf-id: 0lPRydYh5jd2K5cCZ_xYz1hRRFPrFz8__rGWfakpV3OMU9TcuGCVIw==
x-yottaa-metrics: 2621cc8d5870/[169,166,-] 26D1cc023015/[-,171.920]

POST
H2 200 exist Show response
srm.ba.contentsquare.net/ 2 B
94 B 178ms
57ms Fetch
application/json 52.51.202.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://srm.ba.contentsquare.net/exist?v=13.76.0&pid=1926&pn=1&sn=1&uu=1b6dd0c6-97c5-aee3-dc26-a1f9793b11c1
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.202.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-202-206.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 08:05:45 GMT
content-length: 2
content-type: application/json

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 1261 565 B
428 B 66ms
65ms Document
text/html 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 19 Dec 2023 08:05:45 GMT
pinterest-version: 8c23f27d55c77c9c78a5d022d53a766b1295cc23
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1202655580187631

GET
H3 200 inbox-v2_48b3046e5658d067d380731acb25edd9.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 42ms
42ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_48b3046e5658d067d380731acb25edd9.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d37545bbfbab30b44e51e630172af7d5d8a717afe66642b3e8eba0f6e1666872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:11:01 GMT
content-encoding: br
age: 791684
x-guploader-uploadid: ABPtcPoRRYfUR8x9jRi96abWM0-qx4DSWkIlEIYXEFvVCehUwCo0cy1LTB4c60Ye-xORwrmfm6bS0BfIQg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4862
last-modified: Thu, 07 Dec 2023 16:30:37 GMT
server: UploadServer
etag: "e08d76c0eee63d930afa55862092fe13"
x-goog-generation: 1698960924312628
x-goog-hash: crc32c=om6Z6Q==, md5=4I12wO7mPZMK+lWGIJL+Ew==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 4862
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 sms-v2_59133b5ff2491255abf0da3a6c439b40.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 3 KB
1 KB 43ms
43ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/sms-v2_59133b5ff2491255abf0da3a6c439b40.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7d6b2e34f8baa2cbb0d0352ba4401894ca78bd0e98a8f0259798be00d3f9f4ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:48:31 GMT
content-encoding: br
age: 1541834
x-guploader-uploadid: ABPtcPrPiS1a10qCp_wtIuCGuAayGCkcftWHMt4NhXDFjlt2zkGdoDqNShFC5mQ4xcQYvALEjZw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1301
last-modified: Thu, 30 Nov 2023 22:45:20 GMT
server: UploadServer
etag: "fc8b1adafd5fdfc3a8542a947659bc4f"
x-goog-generation: 1701384320777424
x-goog-hash: crc32c=pCs8WQ==, md5=/Isa2v1f38OoVCqUdlm8Tw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1301
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 onsite-v2_5631bf90701659009118a89f964ae570.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 44ms
44ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_5631bf90701659009118a89f964ae570.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: eddc11d8be0ae5311acc08d5f2ebe7ff9426384f6408ecbb56abbd7fb5e03743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:43:27 GMT
content-encoding: br
age: 1243338
x-guploader-uploadid: ABPtcPq4H2Y2ES3ysQab0w356yLs5BBgzwMN3a6qnoQROc6WxrmeY99rD0G6eeRa48YYLHlDt9gl_HcyFg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4962
last-modified: Mon, 04 Dec 2023 15:20:09 GMT
server: UploadServer
etag: "801d41813e7b11c4986b4ca00307283b"
x-goog-generation: 1701703209164802
x-goog-hash: crc32c=+KL22A==, md5=gB1BgT57EcSYa0ygAwcoOw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 4962
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 promotions Show response
www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/ 1 KB
2 KB 358ms
358ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

4a8475011dd2c6d590b134ba595ab49514a1b7972c13f1e78eec218ad3fd8e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e24705ae4e268
via: 1.1 41e3e9b71ac696c1f057fb711a33338e.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655631 tts/1697558664636 ti/5a0c9b7732f01c35d421038a ai/5a0c9b7732f01c35d4210324 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 1
cache-control: private,max-age=55
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2023-12-gwp-%2435%2C2022-ordergroove-first-order-ORIGINAL-SETUP&locale=en-US
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e24705ae4e268-ORD
x-amz-cf-id: Ubi0fy_eyh_hROrUIP68IByksSLZCqXYm1YW-9LmoAsfUzVLnFjKhw==
x-yottaa-metrics: 2621cc8d5872/[128,126,-] 26D1cc023015/[-,130.911]

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 14 B
338 B 663ms
149ms XHR
application/json 34.149.175.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.175.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 90.175.149.34.bc.googleusercontent.com
Software: /
Resource Hash: c5f8728e05c4ddcb70ac83be78fed829d61607d2e0aaef5956c0f199c05101e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 08:05:46 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 14 B
338 B 662ms
150ms XHR
application/json 34.117.200.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.200.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.200.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 42be273cdb44ad97e3d92990191e0d9cd584596b5d2bad27bc4268ddf04b81aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 08:05:46 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 14 B
338 B 769ms
150ms XHR
application/json 34.149.118.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.118.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.118.149.34.bc.googleusercontent.com
Software: /
Resource Hash: d72f9c903649c61403074b89f5a3e131c7c8cec04792e7407d30b0a2f4ae72bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 08:05:46 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H2 200 PWA-UpdateSession Show response
www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/ 56 B
1 KB 520ms
519ms XHR
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
content-encoding: gzip
via: 1.1 ccb1167ba723c47886b4c0f66a00184e.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: ORD53-C3
age: 0
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655632 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
pragma: no-cache
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession
x-yottaa-metrics: 2621cc8d5873/[383,379,-] 26D1cc023015/[-,389.334]
cf-ray: 837e24708fca2c60-ORD
x-dw-request-base-id: 22QJsdpOgWUBAAB_
x-amz-cf-id: tLOd8HJRSwTvVOzUtaShGQpmkgPoRrOMx1syGKI4PCzU7_wsXcCK9g==
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H3 200 p
tr.snapchat.com/ 0
15 B 50ms
50ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://www.elfcosmetics.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 jquery-3.5.1.min.js Show response
assets.bounceexchange.com/assets/bounce/ 87 KB
31 KB 40ms
40ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:43:16 GMT
content-encoding: br
age: 1243349
x-guploader-uploadid: ABPtcPo-ARLNJ2Bn5DfdFRuhM5EXFQ9fSam_Z--DNVfsysHLpabGCE39SmFXCKPkBWWPHZkC2g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31574
last-modified: Mon, 04 Dec 2023 15:19:33 GMT
server: UploadServer
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
x-goog-generation: 1701703173399258
x-goog-hash: crc32c=W9o9Ng==, md5=3F5/GMjTasHT1HU6h8mNCg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 89476
accept-ranges: none
content-type: text/javascript; charset=UTF-8

GET
H3 200 local_storage_frame17.min.html Show response
assets.bounceexchange.com/assets/bounce/ Frame 8B44 2 KB
969 B 42ms
41ms Document
text/html 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 336701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 938
content-type: text/html; charset=UTF-8
date: Fri, 15 Dec 2023 10:34:04 GMT
etag: W/"fc893948c3efc689b5b19d8a77958e23"
last-modified: Wed, 13 Dec 2023 20:28:30 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1702499310379960
x-goog-hash: crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2408
x-guploader-uploadid: ABPtcPoPQtFeShb0_phssqmsSk2eJ2KE0hJKYHkizqXUn25lSte6AZrN2srPz4gMdV58Efc_9ro

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 1BEB 435 B
1 KB 284ms
284ms Fetch
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

edb62b71a7155d8632d9681adb60e9fe5ef4410bd93b21a8b9766bfe089ada26

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-lcbGkznthbqvTLS7KEB1C8RRYxex8n5i5K0Ttu53diGT1/bP' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
disable-set-cookie: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-lcbGkznthbqvTLS7KEB1C8RRYxex8n5i5K0Ttu53diGT1/bP' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 19 Dec 2023 08:05:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f522140af7ee0
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220023-FRA, cache-fra-etou8220023-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f522140af7ee0-a700d0713b4e4889-01
x-timer: S1702973146.833908,VS0,VE243
etag: W/"1b3-FcOZGAeUw8QIfuvNJO9+KU1/2HE"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 204ms
204ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,disable-set-cookie
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,disable-set-cookie
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 19 Dec 2023 08:05:45 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f52214038da7f
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f52214038da7f-b490f35bed09a6ac-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-etou8220062-FRA, cache-fra-etou8220062-FRA
x-timer: S1702973146.629195,VS0,VE165

GET
H2 200 promotions Show response
www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/ 1 KB
2 KB 274ms
274ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

4a8475011dd2c6d590b134ba595ab49514a1b7972c13f1e78eec218ad3fd8e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e24711da52c30
via: 1.1 86d459f5880d6293425a222fb32d5cb4.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655633 tts/1697558664636 ti/5a0c9b7732f01c35d421038a ai/5a0c9b7732f01c35d4210324 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 2
cache-control: private,max-age=55
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2023-12-gwp-%2435%2C2022-ordergroove-first-order-ORIGINAL-SETUP&locale=en-US
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e24711da52c30-ORD
x-amz-cf-id: kHPCW85Lv2NJx05dx_oBNyygJzRYjJvePZ690G39PjYW96lak1MGzQ==
x-yottaa-metrics: 2621cc8d5874/[143,140,-] 26D1cc023015/[-,145.666]

GET
H2 200 promotions Show response
www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/ 1 KB
2 KB 304ms
303ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

4a8475011dd2c6d590b134ba595ab49514a1b7972c13f1e78eec218ad3fd8e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e2471cbd56321
via: 1.1 edfd10c592a6866f13503e27961f8302.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655634 tts/1697558664636 ti/5a0c9b7732f01c35d421038a ai/5a0c9b7732f01c35d4210324 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 2
cache-control: private,max-age=55
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2023-12-gwp-%2435%2C2022-ordergroove-first-order-ORIGINAL-SETUP&locale=en-US
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e2471cbd56321-ORD
x-amz-cf-id: 29BimCwtrzU0Nc-h7zUYTLZwH9T9aBPEh5ZcgaJGWK5t684-6f5uOA==
x-yottaa-metrics: 2621cc8d5875/[172,169,-] 26D1cc023015/[-,175.160]

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 130ms
129ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170166
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

POST
H2 200 productratings Show response
www.elfcosmetics.com/api/v1/ 391 B
851 B 605ms
605ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/productratings
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/main.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: dcc30a9ae08d09e21d3a027af0b2a6e74c2c3edcfe70d8ce146443ffe9de4bee

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
via: 1.1 57827d2e1d333a2c5c0e53aa1e31a894.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 391
x-amz-cf-pop: ORD52-C3
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655638 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: 92629c67-048e-4661-8dd7-ade157d73b48
x-cache: Miss from cloudfront
x-amz-apigw-id: QLlCHHiHiYcEM9Q=
content-length: 173
etag: W/"187-Y/siy/aUN1Ai3r44Syc3deRjz5c"
x-amzn-trace-id: Root=1-65814eda-1bdbb6cb3fa9219b224bafc0;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 2621cc8d5878/[471,468,-] 26D1cc023015/[-,474.850]
x-amzn-remapped-date: Tue, 19 Dec 2023 08:05:46 GMT
x-amz-cf-id: 1j_eqiCKjjH9aQEKADELaY4ugtc39INa1R9EZtEw8Z2PWKeOAx4j0g==

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 1 MB
65 KB 324ms
324ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6926f603f29d573e290bafb91f5935a70081ea3ade2e6c21550fe8f1f0eb5cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e2472fbb5119b
via: 1.1 ca8bc68230969c1b2dd0011a22c5f440.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655639 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 1
cache-control: private,max-age=39
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300235%2C300166%2C300216%2C300152%2C300176%2C84819&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e2472fbb5119b-ORD
x-amz-cf-id: em_yCtaz2wyMgDVrd5ecZD_z0nJ4VydEkYyjc9M1qeS68JQmH12m3g==
x-yottaa-metrics: 2621cc8d5879/[184,181,-] 26D1cc023015/[-,186.684]

POST
H2 200 productratings Show response
www.elfcosmetics.com/api/v1/ 391 B
852 B 793ms
793ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/productratings
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/main.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: dcc30a9ae08d09e21d3a027af0b2a6e74c2c3edcfe70d8ce146443ffe9de4bee

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
via: 1.1 a497b0eefe66dc6fa9e24b5f51d2ab42.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 391
x-amz-cf-pop: ORD52-C3
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655640 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: 67974b85-5d02-43b5-9114-436e5c991951
x-cache: Miss from cloudfront
x-amz-apigw-id: QLlCIFxSiYcEhHQ=
content-length: 173
etag: W/"187-Y/siy/aUN1Ai3r44Syc3deRjz5c"
x-amzn-trace-id: Root=1-65814eda-79e86b2b4a68cf9a63d308c8;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 2621cc8d5881/[597,594,-] 26D1cc023015/[-,600.008]
x-amzn-remapped-date: Tue, 19 Dec 2023 08:05:46 GMT
x-amz-cf-id: MUoRKcWbKL9QsJhXLWDVFY20sOwsSU7gGYL3-Df5bKdEaK3aLky4rA==

POST
H2 200 productratings Show response
www.elfcosmetics.com/api/v1/ 391 B
850 B 708ms
708ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/productratings
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/main.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: dcc30a9ae08d09e21d3a027af0b2a6e74c2c3edcfe70d8ce146443ffe9de4bee

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
via: 1.1 c2a7c1fdba61399cba39dd64969701d2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 391
x-amz-cf-pop: ORD52-C3
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655642 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: 33a5edb9-608b-4a20-aa85-b02f5e3e6361
x-cache: Miss from cloudfront
x-amz-apigw-id: QLlCJGxiCYcELIQ=
content-length: 173
etag: W/"187-Y/siy/aUN1Ai3r44Syc3deRjz5c"
x-amzn-trace-id: Root=1-65814eda-6b11c7102f0a91cb150c2f23;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 2621cc028330/[514,513,-] 26D1cc023015/[-,516.062]
x-amzn-remapped-date: Tue, 19 Dec 2023 08:05:46 GMT
x-amz-cf-id: IcxwLPNyb3ohlx13oFNmaxKRNsEoAgfueh_81HYzuKl-s5E0P-OdcA==

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 1 MB
65 KB 307ms
307ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6926f603f29d573e290bafb91f5935a70081ea3ade2e6c21550fe8f1f0eb5cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e24735e1b8743
via: 1.1 ae37f7b1a8338019f64f54b95bc40ede.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655641 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 2
cache-control: private,max-age=39
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300235%2C300166%2C300216%2C300152%2C300176%2C84819&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e24735e1b8743-ORD
x-amz-cf-id: UTDnw7QzbbnguE4-SkghVuGit3LCZ39OYub6FiXMqreygSEfjclPRA==
x-yottaa-metrics: 2621cc8d587d/[173,170,-] 26D1cc023015/[-,176.377]

POST
H2 200 productratings Show response
www.elfcosmetics.com/api/v1/ 391 B
851 B 687ms
686ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/productratings
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/main.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: dcc30a9ae08d09e21d3a027af0b2a6e74c2c3edcfe70d8ce146443ffe9de4bee

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
via: 1.1 92d95cda7eaeed8a1f0f8b1603cfc362.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 391
x-amz-cf-pop: ORD53-C3
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655643 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: 2093a7e5-91bf-49ce-9ffb-c015c715dc78
x-cache: Miss from cloudfront
x-amz-apigw-id: QLlCJHqrCYcErxw=
content-length: 173
etag: W/"187-Y/siy/aUN1Ai3r44Syc3deRjz5c"
x-amzn-trace-id: Root=1-65814eda-320031e25bdc73cf737df97f;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 2621cc028332/[532,531,-] 26D1cc023015/[-,534.459]
x-amzn-remapped-date: Tue, 19 Dec 2023 08:05:46 GMT
x-amz-cf-id: ZgG_cZ0Nj6fIoaL3zdeBHgx4UlYR0dF40KtIYUvT7rX3M30XPTj58w==

POST
H2 200 productratings Show response
www.elfcosmetics.com/api/v1/ 391 B
851 B 601ms
600ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/productratings
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/main.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: dcc30a9ae08d09e21d3a027af0b2a6e74c2c3edcfe70d8ce146443ffe9de4bee

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
via: 1.1 df7b78bddb1d881ad1b83a6b09b25e56.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 391
x-amz-cf-pop: ORD52-C3
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655645 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: 8f373a59-2e61-4f09-9816-0d1503db6be5
x-cache: Miss from cloudfront
x-amz-apigw-id: QLlCJGNfiYcEllA=
content-length: 173
etag: W/"187-Y/siy/aUN1Ai3r44Syc3deRjz5c"
x-amzn-trace-id: Root=1-65814eda-0a5a895d5144a3aa5ca1330a;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 2621cc8d587a/[468,467,-] 26D1cc023015/[-,470.150]
x-amzn-remapped-date: Tue, 19 Dec 2023 08:05:46 GMT
x-amz-cf-id: 9ecvkhQUIrVRCWUSnir6CBoxOFuD3D8zWPCSAz5xtT3P_pJCMvrg5g==

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 1 MB
65 KB 346ms
345ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6926f603f29d573e290bafb91f5935a70081ea3ade2e6c21550fe8f1f0eb5cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e2473dc172dba
via: 1.1 fee2e0fc8d516ec2db8a330862bc0b8e.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD53-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655644 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 2
cache-control: private,max-age=39
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300235%2C300166%2C300216%2C300152%2C300176%2C84819&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e2473dc172dba-ORD
x-amz-cf-id: uXKZyccy1fHe0u-kstfYf6orsZXIl1oVZvdzi2eNTkiX9pWNjx8gEg==
x-yottaa-metrics: 2621cc028308/[206,205,-] 26D1cc023015/[-,207.523]

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 137ms
137ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170166
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

POST
H2 200 productratings Show response
www.elfcosmetics.com/api/v1/ 391 B
852 B 684ms
683ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/productratings
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/main.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: dcc30a9ae08d09e21d3a027af0b2a6e74c2c3edcfe70d8ce146443ffe9de4bee

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
via: 1.1 76e1a4070013561cfdd22379ffc472d2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 391
x-amz-cf-pop: ORD52-C3
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655648 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: 7a0d0fcc-7c60-4aca-98d8-937dfbc09bd4
x-cache: Miss from cloudfront
x-amz-apigw-id: QLlCKE8tiYcEtLA=
content-length: 173
etag: W/"187-Y/siy/aUN1Ai3r44Syc3deRjz5c"
x-amzn-trace-id: Root=1-65814eda-5685d4b670cc7faa73a139cb;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 2621cc8d5880/[489,486,-] 26D1cc023015/[-,493.766]
x-amzn-remapped-date: Tue, 19 Dec 2023 08:05:46 GMT
x-amz-cf-id: WJyJibwWL_hRlpEJxo4XYFGdtJXDlNqyWssCNaucehesJCA3G4tnOw==

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 1 MB
65 KB 404ms
403ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6926f603f29d573e290bafb91f5935a70081ea3ade2e6c21550fe8f1f0eb5cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e247409e00380
via: 1.1 5d7fa168c29a6f16a8c659b5e9ede8a6.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655647 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 1
cache-control: private,max-age=39
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300235%2C300166%2C300216%2C300152%2C300176%2C84819&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e247409e00380-ORD
x-amz-cf-id: lxb-34y50uTSPk9ChOSuVZQjU8dmtcYPUtPa1UlJuspk38WUOQiJIA==
x-yottaa-metrics: 2621cc8d587b/[190,186,-] 26D1cc023015/[-,192.339]

POST
H2 200 productratings Show response
www.elfcosmetics.com/api/v1/ 391 B
850 B 567ms
566ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/productratings
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/main.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: dcc30a9ae08d09e21d3a027af0b2a6e74c2c3edcfe70d8ce146443ffe9de4bee

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
via: 1.1 ae37f7b1a8338019f64f54b95bc40ede.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 391
x-amz-cf-pop: ORD52-C3
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655651 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: d52a3917-6e84-40c2-aed5-dcbbe5ca4020
x-cache: Miss from cloudfront
x-amz-apigw-id: QLlCKFBpCYcEgnw=
content-length: 173
etag: W/"187-Y/siy/aUN1Ai3r44Syc3deRjz5c"
x-amzn-trace-id: Root=1-65814eda-3df75c462251d0b150f8d36b;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 2621cc8d5882/[409,406,-] 26D1cc023015/[-,412.935]
x-amzn-remapped-date: Tue, 19 Dec 2023 08:05:46 GMT
x-amz-cf-id: cHBbbDACYsoLTYEjlmfr-NXIs6l1Xt4L24eyM9glTnrC_nPQIsp02w==

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 1 MB
65 KB 413ms
412ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6926f603f29d573e290bafb91f5935a70081ea3ade2e6c21550fe8f1f0eb5cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e24744f302a90
via: 1.1 b57909894838e27c3bff2a0828c2639c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD53-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655649 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 1
cache-control: private,max-age=39
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300235%2C300166%2C300216%2C300152%2C300176%2C84819&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e24744f302a90-ORD
x-amz-cf-id: De9-9jRmIEI0IVFDqamFOHJToVAhwu1x1rMtANA6lY2RLMjoku6lcA==
x-yottaa-metrics: 2621cc8d587c/[173,169,-] 26D1cc023015/[-,176.632]

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 1 MB
65 KB 492ms
492ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6926f603f29d573e290bafb91f5935a70081ea3ade2e6c21550fe8f1f0eb5cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e24744a5b8720
via: 1.1 820cbbdab21a9987bdc9e4354fb7442e.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD53-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655650 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 2
cache-control: private,max-age=39
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300235%2C300166%2C300216%2C300152%2C300176%2C84819&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e24744a5b8720-ORD
x-amz-cf-id: 33GDTMnrbA6YRMi0sR5oZU5znFwjJMzYPmad_7jBDonoSOEBvooHfg==
x-yottaa-metrics: 2621cc8d587e/[188,185,-] 26D1cc023015/[-,190.647]

POST
H2 200 productratings Show response
www.elfcosmetics.com/api/v1/ 391 B
852 B 580ms
580ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/productratings
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/main.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: dcc30a9ae08d09e21d3a027af0b2a6e74c2c3edcfe70d8ce146443ffe9de4bee

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
via: 1.1 702877149e1cd7ac6989f8956c31e220.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 391
x-amz-cf-pop: ORD53-C3
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655652 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: be2af9d1-164d-4db3-bef5-059caa3c4699
x-cache: Miss from cloudfront
x-amz-apigw-id: QLlCKHuQCYcEDYA=
content-length: 173
etag: W/"187-Y/siy/aUN1Ai3r44Syc3deRjz5c"
x-amzn-trace-id: Root=1-65814eda-77388bd84995bc5f290340ee;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 2621cc028352/[447,445,-] 26D1cc023015/[-,451.541]
x-amzn-remapped-date: Tue, 19 Dec 2023 08:05:46 GMT
x-amz-cf-id: 9JSflOpGBH9gnAOU6paebVJ0WC_ll_yEN79OWNnpWuhJnUlGPZ1EoA==

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 1 MB
65 KB 448ms
448ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6926f603f29d573e290bafb91f5935a70081ea3ade2e6c21550fe8f1f0eb5cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e24748d45e268
via: 1.1 67fba912e2b8351608a28af96abf1d1a.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655653 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 2
cache-control: private,max-age=39
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300235%2C300166%2C300216%2C300152%2C300176%2C84819&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e24748d45e268-ORD
x-amz-cf-id: Lc9N3OazoeV7vFLVfQF1BKvDaf18GWY7-jHCZgqL5LUGhRcwPdidOg==
x-yottaa-metrics: 2621cc02835b/[191,187,-] 26D1cc023015/[-,193.547]

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 130ms
129ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170166
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 1 MB
65 KB 531ms
531ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6926f603f29d573e290bafb91f5935a70081ea3ade2e6c21550fe8f1f0eb5cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e2474dacb113b
via: 1.1 ae37f7b1a8338019f64f54b95bc40ede.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655655 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 1
cache-control: private,max-age=39
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300235%2C300166%2C300216%2C300152%2C300176%2C84819&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e2474dacb113b-ORD
x-amz-cf-id: fHS_8XSIw54gm0XIr6b4L_xqhHziRGWj73tm4xhyT6IjwiSrc0yS3w==
x-yottaa-metrics: 2621cc02835c/[188,183,-] 26D1cc023015/[-,193.129]

POST
H2 200 productratings Show response
www.elfcosmetics.com/api/v1/ 391 B
852 B 614ms
613ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/productratings
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/main.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: dcc30a9ae08d09e21d3a027af0b2a6e74c2c3edcfe70d8ce146443ffe9de4bee

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
via: 1.1 57827d2e1d333a2c5c0e53aa1e31a894.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 391
x-amz-cf-pop: ORD52-C3
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655656 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: de3abf02-2a4f-4f3e-88e2-0ce52b8859c4
x-cache: Miss from cloudfront
x-amz-apigw-id: QLlCLF6QCYcEBiw=
content-length: 173
etag: W/"187-Y/siy/aUN1Ai3r44Syc3deRjz5c"
x-amzn-trace-id: Root=1-65814eda-625559db69f621e42e3fe515;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 2621cc02835d/[479,476,-] 26D1cc023015/[-,482.911]
x-amzn-remapped-date: Tue, 19 Dec 2023 08:05:46 GMT
x-amz-cf-id: iSxsCWCHPCfXAhtnlXBYGgkVTe3UI-_5yMBW_zldggmsSgagjUxB9Q==

GET 458359.gif
idsync.rlcdn.com/ 0
0

POST
H2 200 productratings Show response
www.elfcosmetics.com/api/v1/ 391 B
852 B 677ms
676ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/productratings
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/main.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: dcc30a9ae08d09e21d3a027af0b2a6e74c2c3edcfe70d8ce146443ffe9de4bee

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 d7ca253f1179d4dffe997de4273da3ae.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 391
x-amz-cf-pop: ORD52-C3
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655657 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: 08a3792d-e5c3-48c7-b4ad-8e0defc5c1d5
x-cache: Miss from cloudfront
x-amz-apigw-id: QLlCMGarCYcEJQw=
content-length: 173
etag: W/"187-Y/siy/aUN1Ai3r44Syc3deRjz5c"
x-amzn-trace-id: Root=1-65814eda-698f9094430089332b9e6755;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 2621cc02835e/[543,540,-] 26D1cc023015/[-,547.402]
x-amzn-remapped-date: Tue, 19 Dec 2023 08:05:46 GMT
x-amz-cf-id: KzwNOzoseSZnYXXX4gNR_N2Nl3BACh478JqW7szlL2Ip3Q2eoFkcsQ==

POST
H2 200 productratings Show response
www.elfcosmetics.com/api/v1/ 391 B
850 B 634ms
634ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/productratings
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/main.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: dcc30a9ae08d09e21d3a027af0b2a6e74c2c3edcfe70d8ce146443ffe9de4bee

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 6f118d3c15df75b5c24f41588d371920.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 391
x-amz-cf-pop: ORD53-C3
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655658 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: a0677610-7aaa-407d-a92d-bb64076c3cf6
x-cache: Miss from cloudfront
x-amz-apigw-id: QLlCNHZnCYcEX2w=
content-length: 173
etag: W/"187-Y/siy/aUN1Ai3r44Syc3deRjz5c"
x-amzn-trace-id: Root=1-65814eda-00ea2fc360a9a8ff4fb3023a;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 2621cc02835f/[501,498,-] 26D1cc023015/[-,504.892]
x-amzn-remapped-date: Tue, 19 Dec 2023 08:05:47 GMT
x-amz-cf-id: tc46ROUpb4nvodmiOU4gAvBPCkp6KAF6jBooCPwoabAQunwgr4X97w==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 128ms
128ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:46 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170166
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 82421 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 73 KB
7 KB 261ms
260ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/82421?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

fa27517558920a5fd9635a5b2fac5e518e17df8581608eb2be189291b2ef2fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e24796cb21090
via: 1.1 6b70d5a6288c39a626d8919a4f5ebd5c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD53-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655660 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 2
cache-control: private,max-age=45
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/82421?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e24796cb21090-ORD
x-amz-cf-id: iyLeMZjmi2y4Ujj0yfFv_5cBi6RPwrhD9-V6op9qDxQrib6J-fvP6w==
x-yottaa-metrics: 2621cc028361/[125,121,-] 26D1cc023015/[-,128.469]

GET
H2 200 84775 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 285 KB
14 KB 413ms
412ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/84775?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

ce86bf37c65e05b60c7c2f04f8fcd5b11cd4f467ac76c9ea03f949ba7daf2b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e24798968111f
via: 1.1 642d6c61e3fb5d29e49992176628bf94.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD53-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655661 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 1
cache-control: private,max-age=45
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/84775?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e24798968111f-ORD
x-amz-cf-id: u5gyTKvALLWP6PdoGHh1FIZA7pRYJgglTxKH0eldL0TPbiGUKi1QVQ==
x-yottaa-metrics: 2621cc028360/[268,264,-] 26D1cc023015/[-,270.401]

GET
H2 200 84823 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 221 KB
12 KB 299ms
298ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/84823?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

85f59d703d0b1d725164e6c05afc445733c53a43d2f9bc0ccc3663992cee50a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e24796fbc618e
via: 1.1 a4393bad716bd416c78e90ee9f01518e.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655662 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 1
cache-control: private,max-age=45
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/84823?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e24796fbc618e-ORD
x-amz-cf-id: MlAetOQusJawjmL34R4NWcI8StrFJmj-SNtU7Zr_pg3WEq4-Swi4-Q==
x-yottaa-metrics: 2621cc02836d/[141,138,-] 26D1cc023015/[-,144.255]

GET
H2 200 84860 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 59 KB
7 KB 386ms
385ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/84860?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

f940649197820a283c1c29819c9cb412f28ce7e9eec5317d6c0cdfab0f58d9fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e24799c4f1263
via: 1.1 ca8bc68230969c1b2dd0011a22c5f440.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655663 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 2
cache-control: private,max-age=45
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/84860?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e24799c4f1263-ORD
x-amz-cf-id: W2dVRPzgLX4qqikz05RAKN1d9OyF482b4pGobY3f29rnHaroKArqHw==
x-yottaa-metrics: 2621cc02836f/[198,195,-] 26D1cc023015/[-,201.190]

GET
H2 200 85844 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 203 KB
12 KB 298ms
298ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/85844?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

ccf13d8d8e03517db0b94a7cf7e957cd76b9a5385ef2f0e5b8e8b46038dc6a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e24796d94e13b
via: 1.1 bd0af4745add78d15027ed10674cbbf4.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD53-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655664 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 2
cache-control: private,max-age=45
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/85844?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e24796d94e13b-ORD
x-amz-cf-id: 5jfrH4b1EJPSpLciAcA2W25QXbwpMwCRqdAH1EyR-NYvjwwHLCcf4Q==
x-yottaa-metrics: 2621cc023033/[134,132,-] 26D1cc023015/[-,135.974]

GET
H2 200 82862 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 278 KB
15 KB 287ms
286ms Fetch
application/json 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/82862?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

5b5708cc5b8b314dd2557eda786034a5ff82371793183507a9e2aecdfaa2a5ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 837e24797e0a2986
via: 1.1 86d459f5880d6293425a222fb32d5cb4.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD52-C3
x-yottaa-optimizations: ob/1000 si/26D1cc023015-1702588992-3672655665 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
sfdc_load: 2
cache-control: private,max-age=45
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/82862?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 837e24797e0a2986-ORD
x-amz-cf-id: MdNyYpKW_I5RRnSOWb-JpBz8tV6J0b2aQnCxe-yhHaiL13Bsj5Z3Tg==
x-yottaa-metrics: 2621cc023042/[127,126,-] 26D1cc023015/[-,132.843]

GET
H2 200 82421_8a1227_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5b6d6050/2023/CamoLiquidBlush/ 317 B
907 B 143ms
132ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5b6d6050/2023/CamoLiquidBlush/82421_8a1227_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: e44d9f1131ad40d59d181647ff28fe44048f8634d9edc98434d20eb0c486103b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 85484bc93a3bf518807a3ced5b71f7de.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/26D1cc023015-1702588992-3671766213 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 98194
content-length: 317
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc8d587b/[6,-,1702871509785] 26D1cc023015/[hit]
cf-ray: 837473180e95e10c-ORD
x-amz-cf-id: 6tIblbjBQbJ-kHCUG_Fj3CEqkNlOBT7y57q6Z65bP0jPjssVdl722A==

GET
H2 200 82415_ed9170_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw50c1d8e1/2023/CamoLiquidBlush/ 297 B
888 B 143ms
133ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw50c1d8e1/2023/CamoLiquidBlush/82415_ed9170_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 668aa9986154c66db7b479ade413370fec61bdc181337553f80f5fdc01990c4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 17d327aff2e081d9a192b3e9f19a7904.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/26D1cc023015-1702588992-3671766214 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 98194
content-length: 297
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[6,-,1702871509930] 26D1cc023015/[hit]
cf-ray: 83747318e993298c-ORD
x-amz-cf-id: w-JULpos0SjHnu8SFz-wJxcH65q7hpWrikQgN4SvwSaYrqHmOjuQLw==

GET
H2 200 82416_c97261_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw73f9861a/2023/CamoLiquidBlush/ 304 B
895 B 144ms
135ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw73f9861a/2023/CamoLiquidBlush/82416_c97261_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 6b02f9e36822c74ddfebf00ddefddc4e0de3eccf0561ee9957f66e6db9b189d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 119a6678daa8460130f2575d73df9ee6.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: IAD79-C2
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/26D1cc023015-1702588992-3671766220 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 98194
content-length: 304
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc8d587c/[6,-,1702871509953] 26D1cc023015/[hit]
cf-ray: 83747318dde513a5-ORD
x-amz-cf-id: 6OJuyGa4odsbMlwS_gkNLKjG__8jC9UXhTIOSuTlO-C0Y13VK4RTBQ==

GET
H2 200 82417_934848_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2eb56abe/2023/CamoLiquidBlush/ 314 B
903 B 145ms
136ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2eb56abe/2023/CamoLiquidBlush/82417_934848_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 53a267fda006f16d6fdb54ee764922a3fe61a8b6ef2972ae8c60d93e306bb1eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 3360a945c61b7fb2873cf9e28623c2ac.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/26D1cc023015-1702588992-3671766218 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 98194
content-length: 314
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc8d5880/[5,-,1702871509811] 26D1cc023015/[hit]
cf-ray: 837473181cae10b2-ORD
x-amz-cf-id: rY2aW3OAf0eDODJ8iSa8DeQ63gPzwDo6fRkR8FSlqamu73Q7ok_lEw==

GET
H2 200 82418_ea5d4e_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2947a163/2023/CamoLiquidBlush/ 306 B
896 B 146ms
137ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2947a163/2023/CamoLiquidBlush/82418_ea5d4e_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: be26eb3fda8ce26fcf39cabb2d7d4f56a8524e31a343f6db6b1c4e255c4c89d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 e5ab459dee592201d36b1e9eea4f7328.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/26D1cc023015-1702588992-3671766217 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 98194
content-length: 306
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc8d5882/[6,-,1702871509923] 26D1cc023015/[hit]
cf-ray: 83747318dc991197-ORD
x-amz-cf-id: zAiUMgTVhTMnqtPB60_RUDDom2PGFlxidDJHpAsu8x_aQAIkSgpVMw==

GET
H2 200 82419_d8295f_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwbf823553/2023/CamoLiquidBlush/ 307 B
899 B 278ms
269ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwbf823553/2023/CamoLiquidBlush/82419_d8295f_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 55245d1dbef4c5307f1e4b89913f51d27a2bd76d9d4130bcfc48c1438ce27232

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 06388d8aa1fcdc8ac88535f3432f5dfe.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/26D1cc023015-1702588992-3671766216 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 98194
content-length: 307
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc8d587e/[4,-,1702871509931] 26D1cc023015/[hit]
cf-ray: 83747318e85f86f3-ORD
x-amz-cf-id: JoVNKIEzGWR5qsK8rbrPPP7lgaY9KPeZzQMS93G-yqSrl8z3axCE_w==

GET
H2 200 82420_d52e1c_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw0bcb7171/2023/CamoLiquidBlush/ 313 B
904 B 280ms
271ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw0bcb7171/2023/CamoLiquidBlush/82420_d52e1c_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 4358d95ed843273750f6301a75ad4282b7f32fbf25d9bfc0d7c1ed220f526673

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 9c62e91def9b53326c9958038d1d1806.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/26D1cc023015-1702588992-3671766219 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 98194
content-length: 313
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02835b/[7,-,1702871509802] 26D1cc023015/[hit]
cf-ray: 83747318181d61bb-ORD
x-amz-cf-id: csgS18tPGT8SSXNgB0mlszZDFyK7pBzHAI-SYW2w8TD8KEDQ0CHvcA==

GET
H2 200 82422_81382b_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwd690c536/2023/CamoLiquidBlush/ 314 B
904 B 281ms
272ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwd690c536/2023/CamoLiquidBlush/82422_81382b_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 57b5fadea258092c47cb3ad1f5ca816ed7a03c194c96b14a59e3bd606284616a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 06388d8aa1fcdc8ac88535f3432f5dfe.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/26D1cc023015-1702588992-3671766221 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 98194
content-length: 314
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02835d/[6,-,1702871509931] 26D1cc023015/[hit]
cf-ray: 83747318e8842da6-ORD
x-amz-cf-id: stTdMWzpLA4M6_S5xz53zrNJM0cjvy2SR7sYpChZfl5Vl_975_BAPQ==

GET
H2 200 84775_cda287_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw62ae8ea4/2023/CamoHydratingCCCreamUS/ 298 B
889 B 284ms
275ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw62ae8ea4/2023/CamoHydratingCCCreamUS/84775_cda287_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 94042480248a965c3a5ac3d06cfd09ed636d65bc95ef9191fd42c8e03dcf8356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 5838e45b12e9f614d10d25d52f72cdaa.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/26D1cc023015-1702588992-3671842366 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Miss from cloudfront
age: 85559
content-length: 298
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028366/[6,-,1702886480412] 26D1cc023015/[hit]
cf-ray: 8375e095ecd88123-ORD
x-amz-cf-id: 1fEjvtw17EBfaERdgPidJ2UydLPwC6Op7zVwTEY_op1HRtI6XdybrA==

GET
H2 200 84770_abbab0_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2a89f070/2023/CamoHydratingCCCreamUS/ 292 B
883 B 282ms
273ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2a89f070/2023/CamoHydratingCCCreamUS/84770_abbab0_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 9dce54df0bff5560ae9ccdce2979cb5df5239a2e5c13757c2d79d4ba8a933800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 17d327aff2e081d9a192b3e9f19a7904.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/26D1cc023015-1702588992-3671842368 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Miss from cloudfront
age: 85559
content-length: 292
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028363/[5,-,1702886480438] 26D1cc023015/[hit]
cf-ray: 8375e095e9158702-ORD
x-amz-cf-id: 79jS6RL32VnU9o25Uqq-U9TfTzjEXIs7qZUF2-O_XiLgumBskGer7w==

GET
H2 200 84771_f3c79b_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwd6cdbf00/2023/CamoHydratingCCCreamUS/ 296 B
885 B 282ms
274ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwd6cdbf00/2023/CamoHydratingCCCreamUS/84771_f3c79b_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 4fc6b382f1e5cb36ebe064743297eb2a63a992880b4acef85cd010615f3ff203

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 102c2ce84f6702e1add78e397cea7b84.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/26D1cc023015-1702588992-3671842367 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Miss from cloudfront
age: 85559
content-length: 296
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028364/[2,-,1702886480425] 26D1cc023015/[hit]
cf-ray: 8375e095fbcc10bb-ORD
x-amz-cf-id: wTXF2ES2sqIL0gAgjH8_2NLG9164GkRVREXHl095Hhumt_8AsB2foA==

GET
H2 200 84772_edc6a2_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5896b8a1/2023/CamoHydratingCCCreamUS/ 289 B
881 B 284ms
276ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5896b8a1/2023/CamoHydratingCCCreamUS/84772_edc6a2_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: c65c0caf9c1f9d66f98f5bdadfa4e428f4218a66d3ecc95452e5a7f3e8a193f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 85484bc93a3bf518807a3ced5b71f7de.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/26D1cc023015-1702588992-3671842369 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Miss from cloudfront
age: 85559
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028362/[6,-,1702886480437] 26D1cc023015/[hit]
cf-ray: 8375e095f98c6095-ORD
x-amz-cf-id: 9uMTC3YAzRN-57XaICsEN-20rCF2lcOCZqPd73pPPUX3O6m6CxM7xw==

GET
H2 200 84773_f5d098_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw57d1cafd/2023/CamoHydratingCCCreamUS/ 293 B
890 B 285ms
278ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw57d1cafd/2023/CamoHydratingCCCreamUS/84773_f5d098_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 9045cfa088cf8ef1a5e30595ca007783ae735876179f0945cbf4acbfe2dca0c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 9ac9ad92db3824c1d085819b5b8672ac.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: ORD53-C1
age: 86073
x-amzn-requestid: 7bdbac32-c972-4069-b32a-c3ad21e5b99c
x-yottaa-optimizations: ob/101 si/26D1cc023015-1702588992-3671840051 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Miss from cloudfront
x-amz-apigw-id: QIRcnFcmIAMEDNA=
content-length: 293
x-yottaa-forcecache: true
x-amzn-trace-id: Root=1-657ffc50-5c8ffd5d48aeea32584865cf;Sampled=0;lineage=36621fcf:0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc8d587f/[4,-,1702886480593] 26D1cc023015/[hit]
cf-ray: 8375e096091322fe-ORD
x-amz-cf-id: B_0xIW-QwT-coK9d1lSOCN8g2oSqBRB-VA5MiVV3TDEBkRR3-clL5A==

GET
H2 200 84774_f2be92_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw6ce71a9e/2023/CamoHydratingCCCreamUS/ 293 B
890 B 286ms
279ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw6ce71a9e/2023/CamoHydratingCCCreamUS/84774_f2be92_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 9625a08bb78a6f43c562c670311c9f1da09d44d574370bac0b3f235df7fafacc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 b39356bbaf20efd87827902daa849bf4.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: ORD53-C1
age: 86073
x-amzn-requestid: 32b8aa5d-f3c1-4d37-baa3-37d81c029e5b
x-yottaa-optimizations: ob/101 si/26D1cc023015-1702588992-3671840052 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Miss from cloudfront
x-amz-apigw-id: QIRcnG3aoAMEHaw=
content-length: 293
x-yottaa-forcecache: true
x-amzn-trace-id: Root=1-657ffc50-7b1897a1089610cc50f3aaed;Sampled=0;lineage=36621fcf:0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028307/[4,-,1702886480605] 26D1cc023015/[hit]
cf-ray: 8375e0960bab2c64-ORD
x-amz-cf-id: 9anrpw-NKYZ3jqQJjeLrgID275JrCxEzC_Qp5TmBvsQXxPy6XqqQAg==

GET
H2 200 84776_e1aa79_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwd8c0d6ba/2023/CamoHydratingCCCreamUS/200s/ 298 B
896 B 287ms
280ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwd8c0d6ba/2023/CamoHydratingCCCreamUS/200s/84776_e1aa79_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 2a049bbbfd32b5dcfd10c674a39c892840517b61b0d66379440ee6e0787087de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 c9119c9cbad606324b966549b1fefab8.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: ORD53-C1
age: 86073
x-amzn-requestid: 50153ffc-76f0-4252-9ffe-638127d22b39
x-yottaa-optimizations: ob/101 si/26D1cc023015-1702588992-3671840054 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Miss from cloudfront
x-amz-apigw-id: QIRcnFY3IAMEDvQ=
content-length: 298
x-yottaa-forcecache: true
x-amzn-trace-id: Root=1-657ffc50-49983ff52b6461cd63708984;Sampled=0;lineage=36621fcf:0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02832e/[6,-,1702886480617] 26D1cc023015/[hit]
cf-ray: 8375e0961fe71124-ORD
x-amz-cf-id: ZoPRfsxATBJx2LnP69DJ-T1MyLY5RIpbqQZnlv_lUWVte_gR2oKWng==

GET
H2 200 84777_eabb84_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw26d66088/2023/CamoHydratingCCCreamUS/200s/ 291 B
888 B 287ms
280ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw26d66088/2023/CamoHydratingCCCreamUS/200s/84777_eabb84_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 2825fb815f5d2d6dbecd08123f285baf2cc975a4e6081b83984eb21b12fdc15d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 160fabe63b184f045d53075e6c659156.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: ORD53-C1
age: 86073
x-amzn-requestid: 7c95161c-3c17-4ed7-b1b1-128b49372b81
x-yottaa-optimizations: ob/101 si/26D1cc023015-1702588992-3671840055 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Miss from cloudfront
x-amz-apigw-id: QIRcnGf1IAMEpjA=
content-length: 291
x-yottaa-forcecache: true
x-amzn-trace-id: Root=1-657ffc50-114723ec53271fa122b5ddc0;Sampled=0;lineage=36621fcf:0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02832d/[5,-,1702886480602] 26D1cc023015/[hit]
cf-ray: 8375e0962f8210d8-ORD
x-amz-cf-id: Z1IBV1FDaWFqWW5syQ3BZHseQ33dwZxJM3kOI53v9V0Mq955psARgw==

GET
H2 200 84823_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7793ee2e/2019/ 286 B
895 B 305ms
298ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7793ee2e/2019/84823_Tile.jpg?sfrm=png&sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 17667aa1c9106e83b4b37e812a1a38e3c0f8eab8af57d1692fcd1319b273cef3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 0632a2f05b5e673253cde126c6ed496e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD51-C3
x-amz-meta-cleanquerystring: sfrm=png&sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/26D1cc023015-1700755748-746209798 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 1777157
content-length: 286
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02303c/[1,-,1701176397777] 26D1cc023015/[hit]
cf-ray: 82d2ca85f9a503bc-ORD
x-amz-cf-id: UtxGkBFCyh1KqRW2Uk9yyDWS-FLufvEKq2Z7h7opis2dbYFg3wwpGw==

GET
H2 200 84820_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw1b1bd8ca/2019/ 286 B
892 B 399ms
267ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw1b1bd8ca/2019/84820_Tile.jpg?sfrm=png&sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 45ac5ea85046c8347b4288337d031a9af9c711835f440479939352ef78880d06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 8ec8e3fd6e66e1e022363066d11c6036.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD51-C3
x-amz-meta-cleanquerystring: sfrm=png&sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/26D1cc023015-1700755748-746209799 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 1777157
content-length: 286
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02303d/[4,-,1701178768623] 26D1cc023015/[hit]
cf-ray: 82d30467cd241116-ORD
x-amz-cf-id: QHlEaNjx1byQd7ltaYh1Eu-xaWdvtTt5uwd41NB3v9Vs41G74XpUHg==

GET
H2 200 84821_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw0f678dbc/2019/ 286 B
894 B 400ms
269ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw0f678dbc/2019/84821_Tile.jpg?sfrm=png&sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 50b1bcbef31c67241e0c72b2cb88748d6fcf592934ac177ce50fff1adf0f8864

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 286802fe2f64b7fd6134652749578f50.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD51-C3
x-amz-meta-cleanquerystring: sfrm=png&sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/26D1cc023015-1700755748-746209801 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 1777157
content-length: 286
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028307/[4,-,1701154192222] 26D1cc023015/[hit]
cf-ray: 82d0ac653d55e21b-ORD
x-amz-cf-id: _PiK_btv26wxFCpXSPdCwIvHIp3ahP8OGZLiCOMUBLNBUMaZ44i4FA==

GET
H2 200 84822_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7793ee2e/2019/ 286 B
893 B 401ms
270ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7793ee2e/2019/84822_Tile.jpg?sfrm=png&sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 86c8f692dd1cfef71c154e81ee3214e5dd925faea5effd3c03d6ac23f7ae3811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 f36251c149c64539ed81c5e220e5e2b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD51-C3
x-amz-meta-cleanquerystring: sfrm=png&sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/26D1cc023015-1700755748-746209802 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 1777157
content-length: 286
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02832f/[3,-,1701195136287] 26D1cc023015/[hit]
cf-ray: 82d49401acf101ca-ORD
x-amz-cf-id: V1IPQ1BsyQnUOg8O4CkbXNzeHT54nER9vqpvakmjRewscjObjfqI6A==

GET
H2 200 84824_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwdf7809c2/2019/ 287 B
896 B 403ms
272ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwdf7809c2/2019/84824_Tile.jpg?sfrm=png&sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: d499b3ff1407d606428473d286b43f199b24695f3278f4f18a0c4c3e9231ad66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 66048474d92f7513c54f0d11dd060004.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD51-C3
x-amz-meta-cleanquerystring: sfrm=png&sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/26D1cc023015-1700755748-746209803 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 1777157
content-length: 287
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02832e/[3,-,1701190743806] 26D1cc023015/[hit]
cf-ray: 82d428c4af936378-ORD
x-amz-cf-id: hO_lLiVAzMfbS-ZcpPNfZtOs6w_XZEAxYuxlSw8rVD9jMRr2Rn3X_w==

GET
H2 200 84825_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwdf7809c2/2019/ 286 B
882 B 410ms
278ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwdf7809c2/2019/84825_Tile.jpg?sfrm=png&sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 693981887c2367a3d5252369061d28104b3892620b29fc87835545930652dc5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 93de5e34e27bf5cda101effa5f910612.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sfrm=png&sw=16
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/26D1cc023015-1700755748-746209804 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 1777157
content-length: 286
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028331/[4,-,1701184026094] 26D1cc023015/[hit]
cf-ray: 82d384c2efd92dbe-ORD
x-amz-cf-id: 95eWA61hii-53SXxzxswDKZD_R-QkZ4ygmW7DRan7XuO-KWheNQ5yw==

GET
H2 200 84826_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe25a7aab/2019/ 286 B
894 B 408ms
277ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe25a7aab/2019/84826_Tile.jpg?sfrm=png&sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 84b685793a964cff73c34f58e643b408a0fd3a0288587b286c9c363343de3fac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 dd91fb8402fa02639302e6c413fea662.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD53-C1
x-amz-meta-cleanquerystring: sfrm=png&sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/26D1cc023015-1700755748-746209805 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 1777157
content-length: 286
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02832d/[2,-,1701173776455] 26D1cc023015/[hit]
cf-ray: 82d28a86bdde6398-ORD
x-amz-cf-id: dtd9r3YtWShjIiuIFC2kf7YyoUqxzzi4WcPFtC-EEOALdU2lnAVtYg==

GET
H2 200 84827_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe25a7aab/2019/ 286 B
894 B 408ms
277ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe25a7aab/2019/84827_Tile.jpg?sfrm=png&sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: fb079566c692c91b5461dfe62f2832be2b1779eb259a69aaeb21a5da533ec62a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 742fd95a67b644c7cd7f9d39f6e0f880.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD53-C1
x-amz-meta-cleanquerystring: sfrm=png&sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/26D1cc023015-1700755748-746209806 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 1777157
content-length: 286
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc02832c/[3,-,1701190804703] 26D1cc023015/[hit]
cf-ray: 82d42a413d6486f3-ORD
x-amz-cf-id: CUG0FGvxa3xZVARC0W9JFmw2LCG0xnFO0PI0xrK8sMLlCNS15wf5fg==

GET
H2 200 84860_4974de_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw63898ba2/2023/CamoColorCorrector/ 290 B
899 B 410ms
279ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw63898ba2/2023/CamoColorCorrector/84860_4974de_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 492089eb26d76de63f9a84fcaac2842118c9ada02469953265e4b6d13ae8da5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 f80960da16f5b10ab0cd9d0ff6bcb41a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD51-C3
age: 1777242
x-amzn-requestid: 46edb18f-c8ce-492a-9bcd-5651d30b42db
x-yottaa-optimizations: ob/11 si/26D1cc023015-1700755748-746208691 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
x-amz-apigw-id: OJSfIGOeIAMEcVw=
content-length: 290
x-yottaa-forcecache: true
cf-bgj: h2pri
x-amzn-trace-id: Root=1-654d312d-0bb4bf76651147046d20018e;Sampled=0;lineage=36621fcf:0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc8d5871/[3,-,1701188041258] 26D1cc023015/[hit]
cf-ray: 82d3e6c9bf591249-ORD
x-amz-cf-id: yQdX44hj79tXNqpI-r6XYq1Nh3HY7ROw2Jkl5_NPTIUy6sgH4hZxyg==

GET
H2 200 84856_eed298_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw16fb611c/2023/CamoColorCorrector/ 290 B
896 B 410ms
280ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw16fb611c/2023/CamoColorCorrector/84856_eed298_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: fdcea4140994d001b48a9123d3a6072eba2711cfd4eaeda3778702a3c4af9ddf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 d9527af51976105c0da25999aac3d0e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD51-C3
age: 1777242
x-amzn-requestid: ecd8e5d4-8a67-471d-b32e-4deb2e04d0a5
x-yottaa-optimizations: ob/11 si/26D1cc023015-1700755748-746208688 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
x-amz-apigw-id: OJSfIEm-oAMEDhg=
content-length: 290
x-yottaa-forcecache: true
cf-bgj: h2pri
x-amzn-trace-id: Root=1-654d312d-1e2f6f8d656720705366d743;Sampled=0;lineage=36621fcf:0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc8d586e/[4,-,1701187628496] 26D1cc023015/[hit]
cf-ray: 82d3dcb5fc12033f-ORD
x-amz-cf-id: qQXFskiz-CA6Edn0m52Nb0JsSvG47cEtY0GtqsEkF6jEJ1jFI0IedA==

GET
H2 200 84857_bbce8e_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw279e0f17/2023/CamoColorCorrector/ 290 B
898 B 411ms
281ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw279e0f17/2023/CamoColorCorrector/84857_bbce8e_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 5170e41ae66e0b007c0e58dc16c1d484d0d5bc6efdac1b267a137451678cb0e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 646f6a67f41f3b0c020687c94f9a2ffe.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD51-C3
age: 1777242
x-amzn-requestid: 50242c8c-c66e-4cee-ae06-613617f631a6
x-yottaa-optimizations: ob/11 si/26D1cc023015-1700755748-746208689 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
x-amz-apigw-id: OJSfIEftIAMENkQ=
content-length: 290
x-yottaa-forcecache: true
cf-bgj: h2pri
x-amzn-trace-id: Root=1-654d312d-632392061857110f43b42a38;Sampled=0;lineage=36621fcf:0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc8d586f/[4,-,1701189332537] 26D1cc023015/[hit]
cf-ray: 82d4065029bf2931-ORD
x-amz-cf-id: JNLhRkGBremFuA-Mi1mgVGiECQZTGO7FZ2ONfDAqIeCFpGavWrc_DA==

GET
H2 200 84858_d8ab90_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw3b6728e7/2023/CamoColorCorrector/ 289 B
897 B 413ms
283ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw3b6728e7/2023/CamoColorCorrector/84858_d8ab90_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b2a10b85496fee0f9aecff53144f408afbefe7ddff9cd4562ecf2dde0015b74d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 89c3295a809f5ca6e38aa1d65eea341a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD51-C3
age: 1777242
x-amzn-requestid: 45b44fdd-d515-42e3-9e4f-9565c7044257
x-yottaa-optimizations: ob/11 si/26D1cc023015-1700755748-746208687 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
x-amz-apigw-id: OJSfIHLUIAMEPoQ=
content-length: 289
x-yottaa-forcecache: true
cf-bgj: h2pri
x-amzn-trace-id: Root=1-654d312d-79c2d3d4285343e66d433881;Sampled=0;lineage=36621fcf:0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc8d5883/[4,-,1701192965122] 26D1cc023015/[hit]
cf-ray: 82d45effdb2e2a45-ORD
x-amz-cf-id: hBhAnCtFk0kDyv1Z0-RxgEozi6qCd_uY2A2pJyq_IFtDUaRZgjxjyg==

GET
H2 200 84859_c7714d_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw276f3ef7/2023/CamoColorCorrector/ 289 B
890 B 413ms
284ms Image
image/jpeg 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw276f3ef7/2023/CamoColorCorrector/84859_c7714d_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 2cbbbdb077714b1ae5c9c94c6b39f0ec38b2b197abab923f65da6096e29f38c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 ba9c4a15d904b10c426461fa8ff12178.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD53-C1
x-amz-meta-cleanquerystring: sw=16
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/26D1cc023015-1700755748-746208690 tts/1701195853463 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 1777242
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: h2pri
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc8d5870/[4,-,1701190420919] 26D1cc023015/[hit]
cf-ray: 82d420e29c40813d-ORD
x-amz-cf-id: 1sy93Y-AIAmFTjdzeiPu9lfy6qB10EdrFdvMCVwfBXeTNJgHMAGHzg==

GET
H2 200 script-tag.js Show response
cdn-scripts.signifyd.com/api/ 8 KB
3 KB 152ms
40ms Script
application/javascript 18.66.122.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 613a0081b64a7df6a20f9ba46cd384e4061e288f439ba8755cd664fbad3177c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:54:20 GMT
content-encoding: gzip
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
last-modified: Wed, 13 Dec 2023 10:00:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 688
x-amz-server-side-encryption: AES256
etag: W/"615c232b2321c7908499921b3adc8138"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-id: VCsrc2QeAyRH0OrrhuugyZRK2u5myFlPorWTDDIX2Ec9FwVrD5W3nA==

GET
H2 200 c Show response
ids.cdnwidget.com/ 61 B
235 B 243ms
153ms XHR
application/json 2600:1901:0:56e0::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=034064204&GCS2=ZDg5ZGM5YmItMTFjMy00OWNkLTg1OGItMzlmZjdkZTdhZGUwLmxvY2Fs&pe=false&wsid=4142&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A4142%2C%22loadID%22%3A%22i19L6tzWvlZL3YJ%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A3%2C%22IDStageStart%22%3A3%2C%22netComplete%22%3A127%2C%22obsReqpage%22%3A680%2C%22obsReqdata%22%3A680%2C%22obsReqview%22%3A775%2C%22IDStagePrefire%22%3A775%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A1%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%225954061435138743568%22%2C%22visitid%22%3A%221702973145647083%22%7D
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:56e0:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: 9f8441024e84c58109845fa52d52c98b3a2a6cde7529d923779fc815053795d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 299ms
285ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170167
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 129ms
129ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170167
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 130ms
130ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:47 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170168
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 129ms
129ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:48 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170168
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 130ms
129ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:48 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170168
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 129ms
129ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:48 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170169
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 130ms
130ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:49 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170169
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 129ms
129ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:49 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170169
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 130ms
129ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:50 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170170
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 130ms
129ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:50 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170170
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 36 B
333 B 198ms
70ms Script
text/html 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=898&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHYAGAJgE5CBmfAVmIBZyHNgAvEKAWgDZjMA7gFMARjlTAhAfVQATKA3wNSmAE5CcIADZw0GAn2IAPfKWL91MIavWqo2AIZatqBAHMpcVVqgALYMAADjgApFQAgiGkAGJR0QIJAHRCWjBIIDgAtkJoSDiJ6ZlxmABuqOLAUukgANaoQlAhhABCUaRagW1hkaSk-kGhpLQRUbQxozEJAsmp6Vk5qHkFIEVD471RAMJtql0jGxuEACLYILX1jS1tsnJ7PUPktAzEPEpUtPhUAByEDO88Xy6pG2vTKsjuRDIlBoDFoPAYJC+VC2bRKdyarV6WhAbjcQlkMgQdxgThwQhRvSEJWsUmxuPxhOJpPJwLaSAcqkqAEdgABPO7ECmkdmcqQlJxwFmkbqC1m9HBwESZCSSAkYCpS7okrRkoV0vEE1wyWRCBBoGD1cEbCLa3Vy4Ucypk4BMnUskEOzmu3XHIWyNzRVCqHDAAAyIAcVulEWAqklTRO4uDAG19QzXABdWDM0ocnDJqk0tOGhBZ21CXMpkXcvlZ-hJ-PVsUSoR1yv5wKqEAEzuLVvZt3t5Od7tSBAObJlnMN5NGkMgJA1KeDmcKpUqhnqiT98tD6p1aSZbtOKSdjSm4DLslD4uE40X1AW-FXiszpvOl9DwKyQJSHA1OBPzfR0gLzYd1BKP8AKAk0YFTHEDUJGChDgpseV5NsSlg5Mm3FHR+3rbDbyNOQHyfWRkNQx0-xyT993qKRQBAWkOTxAdrxEQIoH4HIuOTAAiat+IAGkEhxJDcEBVF5ETBN8IRFxAXRZN8FYhFkkdZDgFBZLJDkkF8fiM0wQJgDwVTslOTJAhcBxkGkGAtAcNx7BKXwHCgIA
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
date: Tue, 19 Dec 2023 08:05:50 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 15
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
100 B 240ms
151ms Image
image/png 34.102.193.48
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=forbidden%253A%2520disallowed%2520country%252C%2520country%2520code%2520is%2520DE&cookieID=&deviceID=&BXWID=4142&warpspeed=2%5EHIykD&loadID=i19L6tzWvlZL3YJ&version=1.5.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 48.193.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je3bt0v879088318z8896608294&_p=1702973142926&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1982958955.1702973143&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1702973144&sct=1&seg=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&en=page_view&ep.page_type=homepage&ep.page_environment=production&ep.page_country=US&ep.page_language=EN&_et=2&up.custom_user_id=&up.client_id=&up.user_has_transacted=false&up.user_logged_in=false&up.user_country=US&up.user_loyalty_status=false&tfd=10452
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:05:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 130ms
130ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:50 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170170
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 129ms
129ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:50 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170171
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 company_toolkit.js Show response
cdn-scripts.signifyd.com/api/ 4 KB
2 KB 39ms
39ms Script
application/javascript 18.66.122.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/company_toolkit.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:37:03 GMT
content-encoding: gzip
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
last-modified: Tue, 30 May 2023 10:18:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 1729
x-amz-server-side-encryption: AES256
etag: W/"2c3950f122b3977df61b0e077aaa92c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-id: lQwEyVA0uUzxerJucgwgzYlcV3Ped7ClvsepCPQBIJ_9V9S1qpqoRA==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 131ms
130ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:51 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170171
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 151ms
150ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:51 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170171
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 130ms
129ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:51 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170172
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/ 9 KB
1 KB 130ms
129ms Image
image/svg+xml 204.2.48.21
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10314/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10314/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.48.21 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:05:52 GMT
x-amz-version-id: 9zy6w68xzC0VtboioQSwQDLT607ezHMK
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ORD53-C3
age: 1170172
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/26D1cc023015-1701461948-2089235898 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 621192
content-length: 676
x-amz-meta-bundle: 10314
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc028352/[7,-,1701802950665] 26D1cc023015/[hit]
x-amz-cf-id: nTCfmdLhA7aiyTAxoymFW2jWYSc6sK2wntLjtB6__1Oe0bqfRo_unw==

GET
H/1.1 200
OK c9oz8nabheeycows.js Show response
imgs.signifyd.com/ 95 KB
13 KB 144ms
43ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/c9oz8nabheeycows.js?sp2bviwr41wai04i=w2txo5aa&fz6y8ym5dljwrp53=L2QyOWJhYmRlN2VlNjI3ZjU5OWQ0OTNiOGM3

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

83ee950a889fb1c7cb295ed82d8030ddba52675ba009d93ff25789a16c14b840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 08:05:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK -kyvpIk4Nf1k31lm Show response
imgs.signifyd.com/ Frame C1D8 272 KB
46 KB 50ms
49ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/-kyvpIk4Nf1k31lm?1295596c13cdd7fe=-KsW0VNS8BPeqDZtmea90o6KfmNh3lTNOEFowItM1uuhkiL_TRmfgXFai-ztNPIhwE3dWa9CD-CktB7Fk82IhUa6NJqAa-lg5T6z2fu1BBNiT49TvG5e0IzwA2S6qjBiQSJl8HC75MPsI4vsdZ4Qev7u4gcDSw-zqWKmArR8O3Hezz-a3L63KY2L2G71o3YOJJx0O7VfmznsjVqu&jb=3d3b262e6071657d355f6b666e6d757b2c607b6d375d696e6e6d77732f323a393b2462716a773d4b627065656d2e687b683f4160786565672f3830313832

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/c9oz8nabheeycows.js?sp2bviwr41wai04i=w2txo5aa&fz6y8ym5dljwrp53=L2QyOWJhYmRlN2VlNjI3ZjU5OWQ0OTNiOGM3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

d797643e0e0453bcade1546f7f875dfea3bc718c75b8dbec0a22a9aefed41979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 08:05:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: c235d1d61d73890c
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK iKDftGMfiC8w9DW7
imgs.signifyd.com/ Frame C1D8 81 B
475 B 115ms
38ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/iKDftGMfiC8w9DW7?f0ae69ee909781da=fJc5yR9fQ_9upsb-PFkqJ1EV8xXG0UEwM3Xv0JoSYb4LKp4Ufulw40-I9PpgSF9Wcm4V5d8oqHiZu6_mV3D-7H1NVkqNAQ7Yy61qSTlDFUOojWnVXvEwpyyuaaqZhMGbA5_bo17Sf7Ue1Jh0TMDabOr_ZWGlRGKvZ2MTc2I

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 08:05:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 1e2dpguoGXrD49Lr
imgs.signifyd.com/ Frame C1D8 81 B
475 B 121ms
40ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/1e2dpguoGXrD49Lr?3d47e8c0ebc7dd18=EVYyozTLcASw8lxeLqdz4fQhMhkm9XVwSkaPbi5lU3HHohOZLVuTEiKg-rn4EzApo443tHDqNXE6XAN0fJpwfJJYkwcz9v9MNdAD7aQ0lNbcmITbaQfIB6HHgaqdcqY0oZSGzO7C6g-ceYOqC9fPzRbiqnNzoUHIAQz1b8A

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 08:05:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
imgs.signifyd.com/fp/ Frame C1D8 81 B
536 B 119ms
39ms XHR
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/clear.png

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/-kyvpIk4Nf1k31lm?1295596c13cdd7fe=-KsW0VNS8BPeqDZtmea90o6KfmNh3lTNOEFowItM1uuhkiL_TRmfgXFai-ztNPIhwE3dWa9CD-CktB7Fk82IhUa6NJqAa-lg5T6z2fu1BBNiT49TvG5e0IzwA2S6qjBiQSJl8HC75MPsI4vsdZ4Qev7u4gcDSw-zqWKmArR8O3Hezz-a3L63KY2L2G71o3YOJJx0O7VfmznsjVqu&jb=3d3b262e6071657d355f6b666e6d757b2c607b6d375d696e6e6d77732f323a393b2462716a773d4b627065656d2e687b683f4160786565672f3830313832

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, w2txo5aa/c235d1d61d73890cl2qyowjhymrln2vlnji3zju5owq0otniogm3
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 08:05:52 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 19 Dec 2023 08:05:52 GMT
Server: Apache
Etag: 37215223f5094d7289eb446e5c7df4e0
Content-Type: image/png
Access-Control-Allow-Origin: https://www.elfcosmetics.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sun, 17 Dec 2028 08:05:52 GMT

GET
H/1.1 200
OK wKdrMOHy1w59pb0b Show response
imgs.signifyd.com/ Frame A8F3 90 KB
14 KB 44ms
43ms Document
text/html 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/wKdrMOHy1w59pb0b?21ceb0f347bf369b=FA5CCK7HQ2i0N2DXleN5V-z-__qFPftFKw_ZSA9BIzR-YsbniCS9S0129xkJQAaFyiKMkj95hGO5kbFTDQB3kynC5WkODq6KUpy71ojtTjv23Av9ktDwhRcCOSHIWlPOvDQCIYE9ezvbiU-92SgiMLkvieLCPwRANRcBKZdZJBh7CT8BXcLVrbJhJ5mL4idqoS4uasI3t6PHGuYuG9Q

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a25a05e97f81ceb093ee6b7d2af870aa1b27a61f01055605194a6d8a2653ca21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 19 Dec 2023 08:05:52 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content 7XlScZyh-e1P_L9r Show response
imgs.signifyd.com/ Frame C1D8 0
387 B 44ms
39ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 08:05:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 0MzrdSEJZcGR6Zd4 Show response
h.online-metrix.net/ Frame 07C3 103 KB
15 KB 129ms
41ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/0MzrdSEJZcGR6Zd4?fded7f7dc9229b50=AcoQX5xFoj17wXTUO6SoOtNadntWLtdzZIsPuNpZl0C5dvK_ZGIX_SWPF7vKjaXgcydqcPchFX4ja5nHDSombB9BPZ4Z58SgpyGClSImHZUI97ps4H-cdrGihseM1SV6l_C7Ou_RiQs9KgRCSC6W_xK66osSFVZ-nhLyOBSeIRfaRXqBoWpc_zyVkOr5XE5HQpiKoapqrwqAzS4raj_C

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

05f4cea1873ba0ecda262bf496b7d9daf14d06014606a1ade187c49f74fd8d77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 19 Dec 2023 08:05:52 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK VLPci3WhecpvP7qV Show response
imgs.signifyd.com/ Frame 78D8 90 KB
13 KB 48ms
43ms Document
text/html 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/VLPci3WhecpvP7qV?f9a0b4dd2e282c81=AxqC1bN2s8V_8YbDSx_TkPHunJj1vDgbIsZ8OV5nvut2cBvB3W7g8ZFYUXUgexIfCQZAbfrO7SPU7qP1tlxHWCaUWqdC_dxuDttoFuufvFysmOJR19TWFd8oUsWnNmu4R4zRw3gxb3pZnGPzSa4Wyjpdc57A7bYxOAEHiSkwMDAZdLDe_lx2XcxKRm5Kkn_tSN0374F-zoq3kmwPhGvb

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

b1e08bd314da9953852a2bd25583e9060464b49c39157ff38569afffca94f8f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 19 Dec 2023 08:05:52 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 7XlScZyh-e1P_L9r Show response
imgs.signifyd.com/ Frame C1D8 0
218 B 72ms
39ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/7XlScZyh-e1P_L9r?67f07cb2a5fc7a19=3xI_JQ5yOKOt6IYfPBKiCHYjYmj8360DErpBduBtZHMsx1s2NqtOBA4DnyEaCgDyZ-b372ycz0w0Lk8I8EVfHeFVbChDD_BeUdBMErk20TZ0XW-yxCaW_WdCpFqYnS0TJ0TLXoaCRpbJsPuW3s1hSEPsIGY&ja=393a30302c2469353e3824723734322e6c3739343a3a7831383230266b6637393c32387a393030382c71727135387a382c66727a373b24333c3a302c3b30303026313c383a2e393038322c393c323a24393a3238263334383a2639303a3a2c302632266d7e3d6b30323069606b66633f3d666e6e6c6e3b6d6b3a36393b3e3f323c6839613d63266d643d3e2e79616c3f3a362664623f627c7c78712d3943273a4c2f3a447d7d772e6f6e66636573676d7e6b6b7126616f652f304c2e78643f3b2c726a353d326e30326b6136686166626f313b3b68353b3a3f6365386e31686c6a3a663c2c6a6a3538396e3b6c333431693b37653861696a3d673b326930336b3d34333b693d363b2c687167375d616c6e6577732f3030313b26607b683f4b6a7a6d6d6d2f303a393a382462796d77355d636666657d7326607162753743627a656f6d24666a63353e24646c65353a2e646f7678373a2e76706e3d457f706f706f25384e48677a6e616c26656b76627a353c32383966336b38686d613a386536696135363a30323a6b6639373d3630396c663e3d3030333c3b66346d6b6b3a366e6939346b6462643d323939393331346924647a376a7e7c787b273b4b27304e2f384e757d7d2e656664636f796d6f7c63617b2c6b6d6d2d38442c7835786e7d6d6b6c576c666971622f35456c636c736f217a647f65616c577569666e6d7d7b5765676c63635d78666b7167782f35456c636c736f217a647f65616c57636467686755696b7a6d6a6b76273d4f6c696e796f217066776769645f7b7d63616376616f652d3f476c69647b67297a6e776f636457716265636b7d6376652f354f6e6b6e7b6729726c7d6d6b64577a6d63647a6e63716f782d374f6c616c7967217066756d61645d7e6e6b5d70646b7b6f7a2d3d476e6b6e716d2b7a64776d636e5f6e6776616676782d3f476e63647165297a6e7f6f61665d7b7c655d7e636f7f67782f35456c636c736f217a647f65616c5768617e6b273f4d6e696e7b6f246564556935756f68676c5d676247462538383b2c38273a3228477a67644f442d30384f51273a3a3826322f38304362706f6d637567215d676a45442732384d4e59442d3a324d592730383b243827383a284f7a676e47462538384f512d3038454c5b462738384d5b273a3a332c382f38384162786f6d63776d295d65684363765f676a49697c2f303a5f6d6a45444b4c45444f55616c797e616e6967645f6b72786973712d314a2732384f5a5e576a6467666e5d6f616467697a2f394225383245585e5f6967666d7a5d6a77666e6f705560696464576c6e6d697e2f3b402f38304552565f66666f6b7c556064676666253b482738384d5056576c70636f556e6d727e622533482732304f585e57796a69666d705f7c6f7a7e7d7a6d5d646566273b482f3a324f52545f7e6778747f726f57696d65727a67737b636d64576a78766b2f31402d383a4d5a5e557465727675726f5f696767727a677b716967645d786f7c6b273b482730384f525c5d7e6f78747f70655f6c69667c6f705763666b73677e706578616b273b482730384f525c5d795847422f3142253830454d595d6d6e6d6f65667e5d63666c6d7a577f6b6c7c2f394a27383a4f45595d6662655f786d64666d70576f697867637a2d3b4a273a3a4d475b55797c63646e61726e5d646578697c697e6b7e677b27334a2f303a474d5b5d7c6f7a767d786f5764666561742f3142253830454d595d7c677076757a6f5d6c6467697657666b6c6d6b782d31482f32304547535f7e65727c7f706d5d60636c6e55646667697c273b48273038454f5b5d7e6f78747f70655f6261666e5564646d69765f64636c6f697a2d314a2f3032474f5957746f787465725d617278617357656062676b76253b482738385f4d404f465d616766657a5d687f66666f705f66666f6b7c2f314a273a32574d484546576b676f787867717b6f6e57766f72747578675f617974692d39402d303855454a4d4e556b6765727a6f71716d6e557c67727e75726f5d65746925394a2f3038554d40474455616565787a677b796766577e6f70767f78655f6f7663312f33482d38325f474a454c57696d67787a6d717b6f665d7c6f727c77786f5f733976632539422f3a3a554d404f4e5f6b656f7a7a6d7b716d6e5d766d727e7d706f5573337e615f737867682d39402d303855454a4d4e556c6d6a776f557067666e6f7a677855696e6c6d2533482538385d474a45445d646d7a7662577c6d7a7c7f70672d39482d303a5d45424d4e5f6478617d5768776e646d70732d39402f3a385f474a4d4e5d6465796d5d69656e746f7a742539422f3a3a554d404f4e5f657f6e7e61576c70697d33342e6d66576a373966663f6666663e373e386e666b363835653e38606f386d3f366c3837373c3c3b38366e3e3235332477676676374164766d6e2d3030416461242e7f6f6e7a374b6c7c6f662d303a4372697927323045706f664d4e2d3038476e6f636c6f2e6b6b66353a&jb=3937352e6673374567726b646663273a4c3f26322f3830285d6b6e646577792d383246562d3030393a2c3a2d3b4a273a3a556b663c3e2d31482f3230723434292f323a497a7264675f67624363762f3a4e3d313f2431342d383a2049425e4d4c2f3043253830666161672d303845656b616d232d3a384160786d6f6d2f384e33383a2e3024343039332e3b3833273a325b636669786b2f3a4e3d313f243134

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 08:05:52 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK 7MdX9NwuB8qp_3CW
w2txo5aahbvg2igr5hyaxrzo3bwyy2tod6kexbczc235d1d61d73890cam1.e.aa.online-metrix.net/ Frame C1D8 81 B
438 B 150ms
41ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w2txo5aahbvg2igr5hyaxrzo3bwyy2tod6kexbczc235d1d61d73890cam1.e.aa.online-metrix.net/7MdX9NwuB8qp_3CW?6809c9b904815e49=KehVXsMqiWhRTrOJmmUAiCMLtV8jWeL7VOTBOwvNyMzOxFTNC0HPvOZ-PqbjKTZro698Dxv673xsJH1KFZ5L85-l02Z1z39CQaAA22y7GOJKKXKaDQ2EJG-bEbALJI-vKhzlTcYilNf2nH6oLf7l1Re0babn2BkDSQAK

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 08:05:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content 9vXqHTcop7RRNLU- Show response
imgs.signifyd.com/ Frame A8F3 0
387 B 42ms
41ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/9vXqHTcop7RRNLU-?695718593546d4cb=vlBVUGj0DHxPmn622-qqC8MhmOkuCU9pwRQNjZIkDUYwbkhKRFwunfraP1wMjG9n1BId59DvvAfhaPmYmVRTBwFyUDwDxu3YZxVjhWSr8HdgNtftEwIoRQq8VQJXnztQISaETVWVNGtO1bzcIjXCQX4ZagQ&jf=3b3426647960376b3a3e343f6e30353e6e6f6d36336938393a3b37346f313c3f696669303d3464

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/wKdrMOHy1w59pb0b?21ceb0f347bf369b=FA5CCK7HQ2i0N2DXleN5V-z-__qFPftFKw_ZSA9BIzR-YsbniCS9S0129xkJQAaFyiKMkj95hGO5kbFTDQB3kynC5WkODq6KUpy71ojtTjv23Av9ktDwhRcCOSHIWlPOvDQCIYE9ezvbiU-92SgiMLkvieLCPwRANRcBKZdZJBh7CT8BXcLVrbJhJ5mL4idqoS4uasI3t6PHGuYuG9Q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgs.signifyd.com/wKdrMOHy1w59pb0b?21ceb0f347bf369b=FA5CCK7HQ2i0N2DXleN5V-z-__qFPftFKw_ZSA9BIzR-YsbniCS9S0129xkJQAaFyiKMkj95hGO5kbFTDQB3kynC5WkODq6KUpy71ojtTjv23Av9ktDwhRcCOSHIWlPOvDQCIYE9ezvbiU-92SgiMLkvieLCPwRANRcBKZdZJBh7CT8BXcLVrbJhJ5mL4idqoS4uasI3t6PHGuYuG9Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 08:05:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 hk-odqK5f-XqWUfA
imgs.signifyd.com/ Frame C1D8 0
401 B 46ms
43ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/hk-odqK5f-XqWUfA?3931cbdadab09deb=5fgvQTRo00FREEPxmrIyhKW25RdAY_1n80HA5GmsedR29EQu7Z67Qs05yH7_cXaStdGcP39rbsHoa8Oe6Hx3H1sYP3XDqiJjMrFvwWRzSH64McRCmic-PiM4v1fw3zkwBy3OMqHizezJ56yT4-2nv2p_fOzE8Ohe-W17ClckjAVxWKf39-FGIENjR5Zhsm9wOAmFLvuN7wB9Se2VmnE&jf=3c33362e796b6e577a6666357e6670574e7c43403f60556c696054336d743e462c7161665766617c6f3f3b3f383a3b3f3933373a2c796166557e79706f3f7765683a6f6b6e7169247b6b6457616773353b3837313932333b3a3c3835386b38363e3a636539643a3a3a333834383a326932343e306b6d316c3a3132393a3d38313e3830303a36303438636c696f6030643830366c3e333f3d386c646d3c3a3a3f68686d66393b38623a3b37313c306f3939366c636e36356969356b6d6b3b3a6d3f66346c39683c3b336864626e6336653930386e69666a66383136696e643d6b3f3f3339696366393d6e39363a32633838346135683669393e616e366c30313e3d673f6c3d3a247b63665d7b636d35313a3e3530383031303a653c6e69323f643032346c3d373e6b3d6d323e693b3738326e3d306c3c63343f6034653a383f6d3a333831303538393e31393039393b316c643a6b3d3a6a3a3a3a32323a3463396c336e6e32616a636e3b626d683a683f3a3160303d32646a333839333f386138686635623b383c3d3d353b366b3237693e616c31393b33696e3a603e6c2c7b6b6c783d30

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 08:05:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 YHVPhsFuqSSXr1QT
h.online-metrix.net/ Frame 07C3 0
400 B 43ms
42ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/YHVPhsFuqSSXr1QT?14472866cbec8c29=XFZ8tjN7z9QVWfaOEL0vUEngQpiK-EfNn-MMFocp0QS4puAjIHq5q9R9NU0V1tNDRsseVwmZsBFewgJEXLeGQCg89Mk1rnIOSYnCYkxQcNZyZM5EVZNIuhHlUL3yLsThbCa5bZhVlAEwlYZa9R4KsZIQ1EMSbJP7FKO_iFvKxyH20JxzQzKLphEAYT2qM8Yy3HiBUFy9_PfCJ3zjJFg&jf=3c33362e796b6e577a6666357e667057527f6d684562637a704342394c73435d2c7161665766617c6f3f3b3f383a3b3f3933373a2c796166557e79706f3f7765683a6f6b6e7169247b6b6457616773353b3837313932333b3a3c3835386b38363e3a636539643a3a3a333834383a326932343e306b6d316c3a3132393a3d38313e3830303a36316233373d3869323d356a31636e6933383e6b6e336e3b63676e39326a643e6e65393d3362666c386e39323a6c323d37346d39663c3b6a69613f3960676b3a3c3035693238343d66306468653c3e68646d353831643933376f6c3a6e323132313a3039326a636c6e37353b3565643e346b6c3a3331326d35383f3e673f3f3d3a247b63665d7b636d35313a3e3530383030356f386f383b633861383b356a3d64686b39313b3e3261643a38393a3b336e6332383b383368643e3e3d366c3a6e36333038303a6b3131376a39663b3c6b3e6d32383831303a3b383168666f6b39633c666c6634693e3b6f316c3c646c3c34646a3a3a6c3a3f3e35663e3b37666e373a3e3f606c613f66666c39356f3e3a6c3b693b3a316b6b2c7b6b6c783d31

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/0MzrdSEJZcGR6Zd4?fded7f7dc9229b50=AcoQX5xFoj17wXTUO6SoOtNadntWLtdzZIsPuNpZl0C5dvK_ZGIX_SWPF7vKjaXgcydqcPchFX4ja5nHDSombB9BPZ4Z58SgpyGClSImHZUI97ps4H-cdrGihseM1SV6l_C7Ou_RiQs9KgRCSC6W_xK66osSFVZ-nhLyOBSeIRfaRXqBoWpc_zyVkOr5XE5HQpiKoapqrwqAzS4raj_C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 08:05:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content 7XlScZyh-e1P_L9r Show response
imgs.signifyd.com/ Frame C1D8 0
387 B 39ms
39ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 08:05:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 log Show response
www.paypal.com/credit-presentment/ 0
953 B 212ms
212ms XHR
text/plain 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/log?disableSetCookie=true&features=disable-set-cookie

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Tue, 19 Dec 2023 08:05:54 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f463706dbefde
server-timing: "traceparent;desc="00-0000000000000000000f463706dbefde-f84250579deff25e-01"";content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-etou8220023-FRA, cache-fra-etou8220023-FRA
paypal-related-debug-ids
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f463706dbefde-2a8483d490da887f-01
x-timer: S1702973155.798598,VS0,VE173
access-control-allow-origin: https://www.elfcosmetics.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

OPTIONS
H2 204 log
www.paypal.com/credit-presentment/ Frame 0
0 216ms
216ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/log?disableSetCookie=true&features=disable-set-cookie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://www.elfcosmetics.com
access-control-expose-headers: Server-Timing
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 19 Dec 2023 08:05:54 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f463706e1b556
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f463706e1b556-01d155dd12c96944-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f463706e1b556-ea6169df50b8ebc3-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-etou8220062-FRA, cache-fra-etou8220062-FRA
x-timer: S1702973155.582313,VS0,VE177

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/

Domain: 9231397.fls.doubleclick.net
URL: https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=2761379703427;auiddc=229840579.1702973143;u6=%2F;u10=undefined;u12=undefined;u8=undefined;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Domain: 10742279.fls.doubleclick.net
URL: https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=3062632826788;auiddc=229840579.1702973143;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Domain: 10742279.fls.doubleclick.net
URL: https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flhp;ord=2046950376976;auiddc=229840579.1702973143;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;gtm=45He3bt0v896608294;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Domain: pixel.pointmediatracker.com
URL: https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=10837bb1-a5fc-4169-904d-48bd73223fdc&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=1587114265

Domain: www.paypal.com
URL: https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Domain: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&u_scsid=955d7053-1265-4a80-8a1d-a227069791ca&u_sclid=da39234b-c7f4-4db1-995a-8a31b98a7614

Domain: idsync.rlcdn.com
URL: https://idsync.rlcdn.com/458359.gif?partner_uid=9695f742-a5fd-4ec5-b871-4ce29e801585

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

61 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 17:04:19	Name: X-AB Value: b0abdf9f9dff4cfeb2717a9960d575ec
.elfcosmetics.com/	1970-01-21 01:48:29	Name: _pxvid Value: 67b0d12b-9e45-11ee-b349-a3518f9006d1
.elfcosmetics.com/	1969-12-31 23:59:59	Name: pxcts Value: 67b0deef-9e45-11ee-b349-477f34c2a80d
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: initAuthComplete Value: true
.elfcosmetics.com/	1970-01-21 02:38:53	Name: ab.storage.sessionId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57 Value: %7B%22g%22%3A%22fc8c80d5-2c8e-2bbe-f8ab-6a5191b17c8b%22%2C%22e%22%3A1702974942934%2C%22c%22%3A1702973142934%2C%22l%22%3A1702973142934%7D
.elfcosmetics.com/	1970-01-21 02:38:53	Name: ab.storage.deviceId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57 Value: %7B%22g%22%3A%22c4902f5b-1cd5-3a93-4c4a-eb28613ccc63%22%2C%22c%22%3A1702973142935%2C%22l%22%3A1702973142935%7D
.elfcosmetics.com/	1970-01-20 19:12:29	Name: _gcl_au Value: 1.1.229840579.1702973143
www.elfcosmetics.com/	1970-01-20 17:12:57	Name: FPC Value: 10837bb1-a5fc-4169-904d-48bd73223fdc
.elfcosmetics.com/	1970-01-20 17:02:53	Name: _px3 Value: 94b439427a1f11199091d6fe3d5aa42c537afa7dfcbcb25faa03d521f7c74461:njP4DoOgQa8uxhUyXd8LCS2cfJ66UY0hW5VrYXCCh51wCVpdwrB5EgcSW9+a6mt1Z/4YIHkjztT0adykw6XdJw==:1000:in6WyP66Z5o9eKQSogPnjT2mNRl/yuhdU4wyTYS9LF1HoSj2QiQAoq9rurlljwsBmTkkmYtuHIP5eSl1SFUTC49GFUn2/X0Ehtlm78bZHz0RXchvmIL91974Se3iE0bBHkZ86i8V2TM/nVBDwpJ3qAMBEzNDZ5o+/1O4hXLTHzEuC8dFjTNwVSnvLVPUIyh84NdLsAO4Wms1Fwzqvxf6buXYBP0BCtgZeG311L5lXZ4=
.elfcosmetics.com/	1970-01-20 17:04:19	Name: _gid Value: GA1.2.465487227.1702973143
.elfcosmetics.com/	1970-01-20 17:02:53	Name: _gat_UA-432816-1 Value: 1
.elfcosmetics.com/	1970-01-20 17:02:54	Name: _dyjsession Value: emwfnf2ooun697emq1roq1cdfbfky29s
.elfcosmetics.com/	1969-12-31 23:59:59	Name: dy_fs_page Value: www.elfcosmetics.com
.elfcosmetics.com/	1970-01-20 17:02:55	Name: _dy_csc_ses Value: emwfnf2ooun697emq1roq1cdfbfky29s
.elfcosmetics.com/	1970-01-20 17:46:05	Name: _dy_c_exps Value:
.elfcosmetics.com/	1970-01-21 01:48:29	Name: _dy_soct Value: 647796.1248068.1702973143.emwfnf2ooun697emq1roq1cdfbfky29s836603.1652212.1702973143837245.1654610.1702973143*861617.1750272.1702973143
.doubleclick.net/	1970-01-21 02:24:29	Name: IDE Value: AHWqTUnSy45zeB5mqBM3k4KnqOBEKjXZLh9IDf2LYUdjgtpxO8ciN7DAELH5PfKy7Hg
.elfcosmetics.com/	1970-01-21 01:48:29	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Dec+19+2023+09%3A05%3A43+GMT%2B0100+(Central+European+Standard+Time)&version=202306.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=b4da2556-4ab9-4c89-80b2-c5f11df0e85b&interactionCount=0&landingPath=https%3A%2F%2Fwww.elfcosmetics.com%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0
.dynamicyield.com/	1970-01-21 01:49:55	Name: DYID Value: 90072234768551639
.elfcosmetics.com/	1970-01-20 17:46:05	Name: _dycnst Value: dg
.elfcosmetics.com/	1970-01-20 17:46:05	Name: _dyid Value: 90072234768551639
.elfcosmetics.com/	1969-12-31 23:59:59	Name: _dyfs Value: 1702973143916
.elfcosmetics.com/	1970-01-20 17:46:05	Name: _dycst Value: dk.w.c.ws.
.elfcosmetics.com/	1970-01-20 17:46:05	Name: _dy_geo Value: DE.EU.DE_.DE__
.elfcosmetics.com/	1970-01-20 17:46:05	Name: _dy_df_geo Value: Germany..
.elfcosmetics.com/	1970-01-20 17:46:05	Name: _dy_toffset Value: 0
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: scapi Value: prd:72ff787d-1784-4912-8b77-0b13f4b76959:eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiJmODQ1NDdkOS03YjE0LTRkMDItYjkxMC1iODM1OTAxNWE1MzEiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjcyZmY3ODdkLTE3ODQtNDkxMi04Yjc3LTBiMTNmNGI3Njk1OSIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwMjk3MzExNCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YWJsWGhLeEhBMmwwb1JrckEybGFZWW1yY1c6OmNoaWQ6ICIsImV4cCI6MTcwMjk3NDk0NCwiaWF0IjoxNzAyOTczMTQ0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM0MTE3MzcwOTQxMzcyOTMzIn0.RlKJMib8utP8FS03G_v-V-9kohxfmXmFafvweJLZISXc2GKznSFw3GPzsAxTsV_UusjwjrZct_8HTPoERFDqGA
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: dwsid Value: xR9tkwBTMZMDMr8FTp1Vw4GDYDATVzN5qVS6KC2zkSyeHUhoov9Kczi69s-OZeZczxcZmlOyBV2Jcd5D5AIu6A==
www.elfcosmetics.com/	1970-01-20 21:22:05	Name: dwanonymous_1a00c2845eeb01c699351ea28e20fd92 Value: ablXhKxHA2l0oRkrA2laYYmrcW
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 1
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 1
.elfcosmetics.com/	1970-01-20 17:46:05	Name: rmStore Value: dmid:9097
.elfcosmetics.com/	1970-01-21 01:48:29	Name: og_session_id Value: 1e72a9589c4f11e9a62ebc764e10b970.380927.1702973145
.elfcosmetics.com/	1970-01-21 02:32:39	Name: _scid Value: cf5546ea-04fd-4914-9e80-716da6062ac8
.elfcosmetics.com/	1970-01-21 02:32:39	Name: _scid_r Value: cf5546ea-04fd-4914-9e80-716da6062ac8
.tiktok.com/	1970-01-21 02:24:29	Name: _ttp Value: 2ZkjoMf7E1hOhWWDYAKMIyzaCmo
.elfcosmetics.com/	1970-01-21 02:38:53	Name: _ga Value: GA1.1.1982958955.1702973143
.elfcosmetics.com/	1970-01-21 02:38:53	Name: _ga_ZLYXLXNDL8 Value: GS1.1.1702973144.1.1.1702973144.60.0.0
.elfcosmetics.com/	1970-01-20 19:12:29	Name: _rdt_uuid Value: 1702973144646.78de7ebe-68e4-4e29-af1b-a015e10d3914
.elfcosmetics.com/	1970-01-20 17:04:19	Name: _uetsid Value: 690c0e409e4511eea81c9f697680a0ce
.elfcosmetics.com/	1970-01-21 02:24:29	Name: _uetvid Value: 690c2f909e4511ee8b97d9a53db2c031
.elfcosmetics.com/	1970-01-20 19:12:29	Name: _fbp Value: fb.1.1702973144746.1717534148
.snapchat.com/	1970-01-21 02:24:29	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgRUAIAQFwIm8F+HXOJKmMHx34mGnosgMQfqk6MRKqkQK6wV8djOGbExW7fEBlnWyETIAAAA=
.elfcosmetics.com/	1970-01-21 02:32:17	Name: _cs_c Value: 0
.elfcosmetics.com/	1970-01-21 02:32:17	Name: _cs_id Value: 1b6dd0c6-97c5-aee3-dc26-a1f9793b11c1.1702973144.1.1702973144.1702973144.1558384338.1737137144851
.pinterest.com/	1970-01-21 01:48:29	Name: ar_debug Value: 1
.elfcosmetics.com/	1970-01-21 01:48:29	Name: _pin_unauth Value: dWlkPU9XTTVPV0U0TnpBdE5UUTJaQzAwTWpsbUxUZ3lPV1V0WlRNM1lqSXpNakJpWldZeQ
.elfcosmetics.com/	1970-01-21 01:48:29	Name: hero-session-efcf9631-4c6b-4874-9f76-51f71464249a Value: author=client&expires=1734509145026&visitor=38e0b7c2-c36f-4a60-9f24-d16e9a41f5bb
.elfcosmetics.com/	1970-01-21 02:24:29	Name: _tt_enable_cookie Value: 1
.elfcosmetics.com/	1970-01-21 02:24:29	Name: _ttp Value: yLL-vHNgBIyH9MMTqPT104WDZk5
.linksynergy.com/	1970-01-21 01:48:29	Name: rmuid Value: 9695f742-a5fd-4ec5-b871-4ce29e801585
.elfcosmetics.com/	1970-01-20 17:02:54	Name: _cs_s Value: 1.5.0.1702974945357
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.currency Value: USD
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: sid Value: WfqJrTzawteQj8p5Sbhg7R1mhA4v3sA9Ouk
www.elfcosmetics.com/	1970-01-21 01:48:50	Name: _dyid_server Value: 90072234768551639
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.InternationalUser Value: ""
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.location Value: US
www.elfcosmetics.com/	1970-01-20 17:04:19	Name: currentLocale Value: en_US
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.sessionid Value: ablXhKxHA2l0oRkrA2laYYmrcW
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.LanguageIsoCode Value: en_US
imgs.signifyd.com/	1970-01-21 02:38:53	Name: thx_guid Value: 74558840bd26dbe1265f9ecc9983ebf8

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.elfcosmetics.com/(Line 362) Message: Access to image at 'https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=1u_' from origin 'https://www.elfcosmetics.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=1u_ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=10837bb1-a5fc-4169-904d-48bd73223fdc&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=1587114265 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://connect.facebook.net/signals/config/1638306756445368?v=2.9.138&r=stable&domain=www.elfcosmetics.com(Line 146) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10265292.fls.doubleclick.net
10742279.fls.doubleclick.net
9231397.fls.doubleclick.net
adservice.google.com
alb.reddit.com
analytics.pangle-ads.com
analytics.tiktok.com
api.bounceexchange.com
api.ipify.org
api.usehero.com
assets.bounceexchange.com
async-px.dynamicyield.com
bat.bing.com
c.contentsquare.net
cdn-fsly.yottaa.net
cdn-scripts.signifyd.com
cdn.c1.amplience.net
cdn.cookielaw.org
cdn.dynamicyield.com
cdn.media.amplience.net
cdn.usehero.com
collector-pxxt4gy2ig.px-cloud.net
connect.facebook.net
ct.pinterest.com
data.cdnbasket.net
e.cdnwidget.com
elfcosmetics.a.bigcontent.io
external-api.jebbit.com
geolocation.onetrust.com
googleads.g.doubleclick.net
h.online-metrix.net
ids.cdnwidget.com
idsync.rlcdn.com
imgs.signifyd.com
insight.adsrvr.org
js.cnnx.link
js.jebbit.com
page.cdnbasket.net
pixel.pointmediatracker.com
px.dynamicyield.com
qoe-1.yottaa.net
region1.analytics.google.com
s.pinimg.com
sc-static.net
sdk.iad-05.braze.com
srm.ba.contentsquare.net
st.dynamicyield.com
static.ordergroove.com
stats.g.doubleclick.net
t.contentsquare.net
t.paypal.com
tag.rmp.rakuten.com
tag.wknd.ai
tr.snapchat.com
tr6.snapchat.com
ut.rd.linksynergy.com
view.cdnbasket.net
w2txo5aahbvg2igr5hyaxrzo3bwyy2tod6kexbczc235d1d61d73890cam1.e.aa.online-metrix.net
websdk.appsflyer.com
www.elfcosmetics.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
www.redditstatic.com
10742279.fls.doubleclick.net
9231397.fls.doubleclick.net
cdn-fsly.yottaa.net
idsync.rlcdn.com
pixel.pointmediatracker.com
tr.snapchat.com
www.paypal.com
104.102.49.120
104.237.62.212
140.174.14.81
142.250.185.226
143.204.207.250
151.101.129.21
151.101.130.133
151.101.192.84
151.101.193.140
151.101.65.35
18.173.233.26
18.66.122.16
18.66.248.96
184.86.103.223
184.86.251.219
192.229.221.25
2001:4860:4802:34::36
204.2.48.21
204.2.48.27
216.58.206.38
2600:1901:0:56e0::
2600:9000:2156:4800:11:85b0:d600:93a1
2600:9000:2240:ca00:13:d6f4:3240:93a1
2600:9000:2250:6400:15:ad21:c740:93a1
2600:9000:2315:f400:a:b89d:a6c0:93a1
2600:9000:2440:bc00:a:7914:b00:93a1
2606:4700:4400::ac40:9b77
2606:4700:4400::ac40:9ba6
2606:4700::6812:82ec
2620:1ec:c11::200
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9c
2a02:26f0:3100::210:6e29
2a02:26f0:3500:11::215:14ca
2a02:26f0:480:1a::5f65:6fb0
2a02:26f0:480:5af::1931
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:400::396
34.102.147.248
34.102.193.48
34.111.8.32
34.117.200.186
34.120.253.250
34.149.118.76
34.149.175.90
34.197.232.195
34.98.67.3
34.98.72.95
35.190.10.96
35.190.43.134
35.71.131.137
52.19.184.255
52.19.250.192
52.51.202.206
52.58.17.145
91.235.132.130
91.235.133.113
91.235.134.131
04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470
05e8557d6c14eb7f8be444f62079a61bd76decf9dec4d7c08a99e0cdf7614bef
05f4cea1873ba0ecda262bf496b7d9daf14d06014606a1ade187c49f74fd8d77
064dbd118f8b2a84c57b755bcc86b4b270eb37e6517fafd368717f577650416f
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
07db4ac1f0efab00657070a16444c3e26a7ff82ead6d8d394d6690bc0c5b20f8
0f0f6bc09ddb2d0086746dc057765e688f7d6f5757bc4005b851a65844c0228d
17667aa1c9106e83b4b37e812a1a38e3c0f8eab8af57d1692fcd1319b273cef3
19b9a6628fa003af26766ce1578420be5068227a572c78f0e20b53e2f2fc1886
1a09824b6d7bbd0f5e82a23d14da408abfba60d02f5bdb48309d3ab6ca61bb1f
1a1fe89f11a11d89299028b565a99569e2aa5df3055ce514ba4dec2a8f0fe4fa
1aa7589d86d72080b48af1c61f8c80d85bdac1ef35dba805a6a774f3fddd353c
1f47efd947dd0389c786ba03dddd75b159d9c3cf82ccb9c7906f5068fd98c9a4
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
23a58db0c994eaa767dcae71119d117fa216ff7848bfa70409236ffd8ad5bc09
2825fb815f5d2d6dbecd08123f285baf2cc975a4e6081b83984eb21b12fdc15d
2a049bbbfd32b5dcfd10c674a39c892840517b61b0d66379440ee6e0787087de
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c8574ba42424a1dcf02c58fda5e3482e2262e0b0dddd09e5935bd94e5eba03e
2cbbbdb077714b1ae5c9c94c6b39f0ec38b2b197abab923f65da6096e29f38c7
2e03b05f73692277e95913a7a211c7bd2aadd55c713d981e00f2be57de92fb09
2ec449e2cd9bb534011999e5a7eeb555f56a4b9a6b9ab2bbf1d63c88fb5d643b
305fe9a5f5590087ad5d80aa44c7a7f1416966806e955ce7a42ab086ec14e38c
30766af54516bbc623c690d7506f7d86b6c987acbcc1229debb7dff8f463459b
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
34bc60d7275469472c12501ced1e1f2425cd1142891b6a44be31c0cc8ea8de39
351305d07b471b867709d3dfcab307b35d599a45c0af889f9cd49d215ea940c0
35a9a1afad5f8e15a666e1cd96b459cf9be51716d9cc3274ed17d244df516ba0
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39657f7f198608406cab1de96720a22549e6b6d918db8dfdd0f5ef9ab84ef17c
3a2b3b5ecaa7d5c67e5e28f9712ebcf28a592c7191e24bcde25cc5bb374cbf7b
3aab86e942e1129d6a4b085559f443e439951fb4f2b9b436cf2bc6b89e4576f3
3aef09c7f6e83ea86380a571a2b8022013124a10daeb65c884e8d8facb9a93cf
3bcb05241dd20b750dde4659a28dbf9e347274015d349db9b7573b0217f3048d
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
42abcbe91cd43f8ba5d6b6e52b21c570a830ad4bbf5d3dcd05725c8c4c189d30
42aff953f53b31dfd383ca981773b66f8d5afa8f5a6a0ca8e2f4d5fa49f289fd
42be273cdb44ad97e3d92990191e0d9cd584596b5d2bad27bc4268ddf04b81aa
4358d95ed843273750f6301a75ad4282b7f32fbf25d9bfc0d7c1ed220f526673
45ac5ea85046c8347b4288337d031a9af9c711835f440479939352ef78880d06
492089eb26d76de63f9a84fcaac2842118c9ada02469953265e4b6d13ae8da5a
4a8475011dd2c6d590b134ba595ab49514a1b7972c13f1e78eec218ad3fd8e5b
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb
4ced0fee074cf929b61105662cb0290fbe379b635618cddedf89670fb1f61d3c
4dcdfd275696be50bb9d6a6c242f3920901deeddd0376957438fd3d6d13bac60
4df03c8820c08fb3cad1c9deae2b4518b016884c76a5ff944562dee27143bce6
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f770b32793546ad41060cc03c06e4a744b10e9ae4af0b2b0522cfcf1fb33285
4fc6b382f1e5cb36ebe064743297eb2a63a992880b4acef85cd010615f3ff203
509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2
50b1bcbef31c67241e0c72b2cb88748d6fcf592934ac177ce50fff1adf0f8864
5170e41ae66e0b007c0e58dc16c1d484d0d5bc6efdac1b267a137451678cb0e9
51df0d98b0f0e8c2cac95487e6689ca1364f2730305054cb1136fb76bef0fad4
53a267fda006f16d6fdb54ee764922a3fe61a8b6ef2972ae8c60d93e306bb1eb
55245d1dbef4c5307f1e4b89913f51d27a2bd76d9d4130bcfc48c1438ce27232
5789f9b6e09d2d09751f44ca96e5ccec48a87b4fb900a1b4584ffd7f55f4ac7a
57b5fadea258092c47cb3ad1f5ca816ed7a03c194c96b14a59e3bd606284616a
57e461c9b78558e62478cca713658387eaf54afe6ae0a8128ee38e5846b4d6d8
59dc04765d590977d90bd31313b88d1d06165763a8d4afcc253042d5af3da7aa
5b5708cc5b8b314dd2557eda786034a5ff82371793183507a9e2aecdfaa2a5ad
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
600bbb8b809adb7b5e217a26193ecd36e26e70d1531a8ab502ecb27217ffcb74
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d
60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb
613a0081b64a7df6a20f9ba46cd384e4061e288f439ba8755cd664fbad3177c8
668aa9986154c66db7b479ade413370fec61bdc181337553f80f5fdc01990c4f
67de408751cb51c1212f834c6a1acbccc5b75a4c9077b3a6ef9dc3b921976946
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6926f603f29d573e290bafb91f5935a70081ea3ade2e6c21550fe8f1f0eb5cb1
693981887c2367a3d5252369061d28104b3892620b29fc87835545930652dc5e
6b02f9e36822c74ddfebf00ddefddc4e0de3eccf0561ee9957f66e6db9b189d0
6b42a56b231d70ea3691b9f46363b9f8ed6ca35f6b50084718669b8beac1e57d
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6d94a521fbcd54759eb00ca491c7a73140f5fca871780d6ae4fa500ecc900b1f
6f1fbaa21c7059013bd12b13d5514363d360c37f4aa1f4cb73e0210b66ac29e2
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
71921c08d23b38e51e058eada807118e283f186dc2d0774c007ca949d72d8b2d
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
76675c18234268d2b80fd89fb5ccfa002faee403145d6d4414dcb509d2fb8318
7779966748e61159baa9833b73760bf5a9e9e9608dfa9da8b6a695d1bb7f74e0
7bab85eaa8d74cec964409d9e0a5c6d7ed0000b23b6400c562333c6483761ca2
7d6b2e34f8baa2cbb0d0352ba4401894ca78bd0e98a8f0259798be00d3f9f4ec
828011e932c7f65177e00c50ef88564628178b9d3190845404b02e3132a14c90
83ee950a889fb1c7cb295ed82d8030ddba52675ba009d93ff25789a16c14b840
84b685793a964cff73c34f58e643b408a0fd3a0288587b286c9c363343de3fac
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85f59d703d0b1d725164e6c05afc445733c53a43d2f9bc0ccc3663992cee50a8
86c8f692dd1cfef71c154e81ee3214e5dd925faea5effd3c03d6ac23f7ae3811
883e7b5ce15510cdbf863fcef5d7c8c0d6b6cf430118c4c91a60acdda6766ed3
899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd
8aa6dcd76299abb9a120143e813174c9e867ff08f4881a039be575b263c443cb
8b21dc24e4a1a9e9b757a870579764f00de1978c59283d8ad57578fe7b23c612
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dea6b2240fed7b9dccb7a71b05a27a2b41908306b12c498c2c718856568a3cd
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
9045cfa088cf8ef1a5e30595ca007783ae735876179f0945cbf4acbfe2dca0c2
92714e4244e5119fccd72504205204da807e7a285a74e1279928bf924213192f
93247c5460fc5b964990554c3832ffac8784758c74c9c579c2afdab819bf7523
94042480248a965c3a5ac3d06cfd09ed636d65bc95ef9191fd42c8e03dcf8356
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9625a08bb78a6f43c562c670311c9f1da09d44d574370bac0b3f235df7fafacc
972bde91336d3016691b2c0a7344b98e75832bd548766325965a91857b9253f6
9741cbf3afc0b4d9c236d8e2de6aafa7db8f463060fc76fc4ba0b4e7a44bb5a7
9846c98d92f9ede0abb2db68013d613791db3ccdb486451de1432034b563fb77
9a77cbb7b054563b83506932790e70186ba3a92e69a147216e3176337178adbb
9cb982ee022f56467725ed9a10ea3bdb3d47fa91fcb4f08ae3d3e67d952abb4d
9dce54df0bff5560ae9ccdce2979cb5df5239a2e5c13757c2d79d4ba8a933800
9f8441024e84c58109845fa52d52c98b3a2a6cde7529d923779fc815053795d4
a19915f513441bab259dbf5472a9501139e4eda8d1891ca5a0bd4efd6d60dd4d
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a25a05e97f81ceb093ee6b7d2af870aa1b27a61f01055605194a6d8a2653ca21
a33177a1b1a44698bc85bc710dfd4a6aba8bbe329db64dbb0622c894a1c05cbd
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a62ecfac9be5d8026c245085929d25293b32182ca48b79a285fcf8078afa1057
ab12e815caea6aba8fe2da60e7d298cccb649166f81926ff64e5dc56ea526522
ab99a75a2070736b0282d041df3a7e272ad5d4d1929ae430089ac0335e05ad2c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1e08bd314da9953852a2bd25583e9060464b49c39157ff38569afffca94f8f4
b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22
b2a10b85496fee0f9aecff53144f408afbefe7ddff9cd4562ecf2dde0015b74d
b837967236555a4a648cae116e9145a08928bcee2bbe7da208d18ab261980491
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be26eb3fda8ce26fcf39cabb2d7d4f56a8524e31a343f6db6b1c4e255c4c89d2
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c4fad867557fa65e1a778e915c0b4ed0cd1bbb4443452c8943e5cec6504311e7
c545904502fadb03eaa05ac75bfc0fb7cdb688e0ac87f5b5523227ec9c162a1a
c5f8728e05c4ddcb70ac83be78fed829d61607d2e0aaef5956c0f199c05101e5
c65c0caf9c1f9d66f98f5bdadfa4e428f4218a66d3ecc95452e5a7f3e8a193f6
c84b22a82e355aed366691443f458b30c1bd96a12654a3890ee5de452b932134
c8569d70e399e53a5390312dc85f31c52866df7209e3bc1415b3166395358b6f
ca0a766a064104105db7a847ffd8d594fb8556d364f724916f30a3e45a1ebab4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca8eca92fa9d540f2a3e4d29b789f660e7dcf9f4558213cdfa3169050b876ad4
ccf13d8d8e03517db0b94a7cf7e957cd76b9a5385ef2f0e5b8e8b46038dc6a3d
cdf7bcd9a3771b6fbbffc10448c9c21877e8981258cd92fc9c9d927c5811fba2
ce86bf37c65e05b60c7c2f04f8fcd5b11cd4f467ac76c9ea03f949ba7daf2b7b
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d37545bbfbab30b44e51e630172af7d5d8a717afe66642b3e8eba0f6e1666872
d499b3ff1407d606428473d286b43f199b24695f3278f4f18a0c4c3e9231ad66
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d72f9c903649c61403074b89f5a3e131c7c8cec04792e7407d30b0a2f4ae72bd
d797643e0e0453bcade1546f7f875dfea3bc718c75b8dbec0a22a9aefed41979
d8a6566c7e926c37c010dc811a5e82d5eddad8b10057bf711f0f644be60707d3
dbe5c43e74296f45dcd834dd01fdb27aad4ab4268b55e15bb122c0aa01a3cb05
dcc30a9ae08d09e21d3a027af0b2a6e74c2c3edcfe70d8ce146443ffe9de4bee
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6bbc21b57cdc530709cee168201f839964ba952636947aa9f5b158301efd81
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
dfc983293c9baf693a719da3c69be679cbe8aea18c8f35a7abfef41f14800e9c
e038dff62440b626103b2b81adcbb64b5cb3bd80433d1a710f37162cd7c0cc17
e1df881dfa3c790fb46a3ab0d0edd13cfaf25c0c369cca89ec8115cfdf338236
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44d9f1131ad40d59d181647ff28fe44048f8634d9edc98434d20eb0c486103b
e6622880ea066233fd39f4cb50877f2b7c15e3ed9f1bb474f082edf0a1c43215
e8528d4cdd9a7b127f058fe8aef04b91b7f0d0eee2ea03131fdad36a2c6bfd67
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ecd1fb7d50ee35ca25a2f9a2a0f3792e45652d1fc5b114d1145bc60ab52484d2
ed9cdc2234af19f448c0286d39c191c6d18f4d2074d9c73c2c27df4707d94682
edb62b71a7155d8632d9681adb60e9fe5ef4410bd93b21a8b9766bfe089ada26
eddc11d8be0ae5311acc08d5f2ebe7ff9426384f6408ecbb56abbd7fb5e03743
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6
f67eeb979f5676dccb2ec5eefcd365c69b9e03235b65c42397206264b9887c07
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f940649197820a283c1c29819c9cb412f28ce7e9eec5317d6c0cdfab0f58d9fe
fa27517558920a5fd9635a5b2fac5e518e17df8581608eb2be189291b2ef2fb5
fb079566c692c91b5461dfe62f2832be2b1779eb259a69aaeb21a5da533ec62a
fdcea4140994d001b48a9123d3a6072eba2711cfd4eaeda3778702a3c4af9ddf
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218
fefb33be06f1fbc165a780669fe623867eb865ac7f66c1b555f50e21df9fb309
ff2fe181c12146189657e92f9ce0489f7f3b51345796f5a5ec9b089f9fb47616

www.elfcosmetics.com Open in urlscan Pro 204.2.48.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

290 Requests

96 %HTTPS

39 %IPv6

46 Domains

69 Subdomains

64 IPs

4 Countries

7347 kBTransfer

35474 kBSize

61 Cookies

16 Outgoing links

Page URL History

Redirected requests

290 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.elfcosmetics.com Open in urlscan Pro
204.2.48.21 Public Scan

Screenshot
Live screenshot

Full Image

290
Requests

96 %
HTTPS

39 %
IPv6

46
Domains

69
Subdomains

64
IPs

4
Countries

7347 kB
Transfer

35474 kB
Size

61
Cookies

290 HTTP transactions
3 data transactions