www.elfcosmetics.com Open in urlscan Pro
204.2.49.170 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.elfcosmetics.com/
Effective URL:
https://www.elfcosmetics.com/
Submission: On February 06 via api (February 6th 2024, 5:35:35 pm UTC) from US — Scanned from DE

Summary HTTP 287 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 65 IPs in 4 countries across 46 domains to perform 287 HTTP transactions. The main IP is 204.2.49.170, located in United States and belongs to YOTTAA-AS-1, US. The main domain is www.elfcosmetics.com. The Cisco Umbrella rank of the primary domain is 88499.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 25th 2023. Valid for: a year.

This is the only time www.elfcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	204.2.49.172 204.2.49.172	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
1 101	204.2.49.170 204.2.49.170	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
1	2a02:26f0:350... 2a02:26f0:3500:14::1724:a258	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
21	2a02:26f0:350... 2a02:26f0:3500:14::1724:a24a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
4	35.190.10.96 35.190.10.96	15169 (GOOGLE) (GOOGLE)
13	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:225... 2600:9000:2251:4000:a:b89d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.237.62.212 104.237.62.212	18450 (WEBNX) (WEBNX)
4	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:8e00:11:85b0:d600:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:1000:15:ad21:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
6	18.66.112.72 18.66.112.72	16509 (AMAZON-02) (AMAZON-02)
1	140.174.14.83 140.174.14.83	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
1	23.197.142.200 23.197.142.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.102.147.248 34.102.147.248	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1491	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:236... 2600:9000:236e:a600:13:d6f4:3240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:880::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
6	2.16.1.185 2.16.1.185	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:206... 2600:9000:206f:5600:a:7914:b00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.112.6 18.66.112.6	16509 (AMAZON-02) (AMAZON-02)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	34.49.124.132 34.49.124.132	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.51.70.67 52.51.70.67	16509 (AMAZON-02) (AMAZON-02)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:710... 2a02:26f0:7100::687e:24f3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.157.236.34 18.157.236.34	16509 (AMAZON-02) (AMAZON-02)
2	52.30.246.4 52.30.246.4	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
2	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
4	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
1	104.77.153.43 104.77.153.43	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
8	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.149.177.128 34.149.177.128	15169 (GOOGLE) (GOOGLE)
1	34.98.88.136 34.98.88.136	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.95.121.138 34.95.121.138	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	34.241.27.113 34.241.27.113	16509 (AMAZON-02) (AMAZON-02)
2	18.66.122.54 18.66.122.54	16509 (AMAZON-02) (AMAZON-02)
12	91.235.133.113 91.235.133.113	30286 (THM) (THM)
2	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
1	2600:1901:0:5... 2600:1901:0:56e0::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.8.32 34.111.8.32	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.193.48 34.102.193.48	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
287	65

1 204.2.49.172 (United States) 1 redirects

ASN393259 (YOTTAA-AS-1, US)

www.elfcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

101 204.2.49.170 (United States) 1 redirects

ASN393259 (YOTTAA-AS-1, US)

www.elfcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:14::1724:a258 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.c1.amplience.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:26f0:3500:14::1724:a24a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.media.amplience.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

cdn-fsly.yottaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com

collector-pxxt4gy2ig.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:4000:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.237.62.212 (El Segundo, United States)

ASN18450 (WEBNX, US)
PTR: api.ipify.org

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

sdk.iad-05.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:8e00:11:85b0:d600:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.cnnx.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

10265292.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:1000:15:ad21:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

st.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.112.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-72.fra56.r.cloudfront.net

async-px.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 140.174.14.83 (Frankfurt am Main, Germany)

ASN393259 (YOTTAA-AS-1, US)

qoe-1.yottaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.142.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-142-200.deploy.static.akamaitechnologies.com

static.ordergroove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com

tag.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1491 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:a600:13:d6f4:3240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.usehero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:880::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.16.1.185 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-1-185.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:5600:a:7914:b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.jebbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-6.fra56.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.49.124.132 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 132.124.49.34.bc.googleusercontent.com

sgtm.elfcosmetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.70.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-70-67.eu-west-1.compute.amazonaws.com

api.usehero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:7100::687e:24f3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

elfcosmetics.a.bigcontent.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

ut.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.236.34 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-236-34.eu-central-1.compute.amazonaws.com

external-api.jebbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.246.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-246-4.eu-west-1.compute.amazonaws.com

c.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

conversions-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.77.153.43 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-77-153-43.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.177.128 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 128.177.149.34.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.88.136 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 136.88.98.34.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.121.138 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 138.121.95.34.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.27.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-27-113.eu-west-1.compute.amazonaws.com

srm.ba.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-54.fra60.r.cloudfront.net

cdn-scripts.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 91.235.133.113 (United States)

ASN30286 (THM, US)

imgs.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

w2txo5aaoeoayg7qbizfu2xazffllap2al7ehn5oe6755a978d8a9ab1am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:56e0:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.193.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.193.102.34.bc.googleusercontent.com

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
104	elfcosmetics.com 2 redirects www.elfcosmetics.com — Cisco Umbrella Rank: 88499 sgtm.elfcosmetics.com	526 KB
22	amplience.net cdn.c1.amplience.net — Cisco Umbrella Rank: 57643 cdn.media.amplience.net — Cisco Umbrella Rank: 14699	2 MB
14	signifyd.com cdn-scripts.signifyd.com — Cisco Umbrella Rank: 8946 imgs.signifyd.com — Cisco Umbrella Rank: 7684	95 KB
13	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 364	323 KB
11	paypal.com www.paypal.com — Cisco Umbrella Rank: 3015 t.paypal.com — Cisco Umbrella Rank: 3523	239 KB
10	dynamicyield.com cdn.dynamicyield.com — Cisco Umbrella Rank: 8995 st.dynamicyield.com — Cisco Umbrella Rank: 8356 async-px.dynamicyield.com — Cisco Umbrella Rank: 8465	232 KB
9	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 2171 api.bounceexchange.com — Cisco Umbrella Rank: 2497	166 KB
8	doubleclick.net 9231397.fls.doubleclick.net Failed 10742279.fls.doubleclick.net Failed 10265292.fls.doubleclick.net — Cisco Umbrella Rank: 728870 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	8 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2616	1 KB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 752	146 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6518	905 B
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 871	5 KB
4	bigcontent.io elfcosmetics.a.bigcontent.io — Cisco Umbrella Rank: 129492	9 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 922 tr6.snapchat.com — Cisco Umbrella Rank: 1368	711 B
4	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 3681 c.contentsquare.net — Cisco Umbrella Rank: 4361 srm.ba.contentsquare.net — Cisco Umbrella Rank: 18558	70 KB
4	braze.com sdk.iad-05.braze.com — Cisco Umbrella Rank: 3655	676 B
4	px-cloud.net collector-pxxt4gy2ig.px-cloud.net — Cisco Umbrella Rank: 268910	2 KB
4	yottaa.net cdn-fsly.yottaa.net — Cisco Umbrella Rank: 21801 Failed qoe-1.yottaa.net — Cisco Umbrella Rank: 9399	1 MB
3	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 2734 w2txo5aaoeoayg7qbizfu2xazffllap2al7ehn5oe6755a978d8a9ab1am1.e.aa.online-metrix.net	16 KB
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2611	33 KB
3	cdnbasket.net data.cdnbasket.net — Cisco Umbrella Rank: 4810 page.cdnbasket.net — Cisco Umbrella Rank: 4821 view.cdnbasket.net — Cisco Umbrella Rank: 4825	1014 B
3	jebbit.com js.jebbit.com — Cisco Umbrella Rank: 48268 external-api.jebbit.com — Cisco Umbrella Rank: 55964	61 KB
3	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 637	445 B
2	cdnwidget.com ids.cdnwidget.com — Cisco Umbrella Rank: 3905 e.cdnwidget.com — Cisco Umbrella Rank: 15188	335 B
2	reddit.com conversions-config.reddit.com — Cisco Umbrella Rank: 673835 alb.reddit.com — Cisco Umbrella Rank: 1450	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	71 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 376	13 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 869	21 KB
2	usehero.com cdn.usehero.com — Cisco Umbrella Rank: 50741 api.usehero.com — Cisco Umbrella Rank: 46701	29 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	ipify.org api.ipify.org — Cisco Umbrella Rank: 2768	442 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	215 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2898	822 B
1	linksynergy.com ut.rd.linksynergy.com — Cisco Umbrella Rank: 8108	405 B
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 4513	6 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1335	9 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1260	18 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	2 KB
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 4670	12 KB
1	rakuten.com tag.rmp.rakuten.com — Cisco Umbrella Rank: 7583	15 KB
1	ordergroove.com static.ordergroove.com — Cisco Umbrella Rank: 28713	42 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 567	304 B
1	cnnx.link js.cnnx.link — Cisco Umbrella Rank: 9292	1 KB
0	rlcdn.com Failed idsync.rlcdn.com Failed
0	pointmediatracker.com Failed pixel.pointmediatracker.com Failed
287	46

	Domain	Requested by
102	www.elfcosmetics.com	2 redirects www.elfcosmetics.com cdn-fsly.yottaa.net
21	cdn.media.amplience.net	www.elfcosmetics.com
13	cdn.cookielaw.org	cdn-fsly.yottaa.net cdn.cookielaw.org www.elfcosmetics.com
12	imgs.signifyd.com	www.elfcosmetics.com imgs.signifyd.com
9	www.paypal.com	www.elfcosmetics.com www.paypal.com www.paypalobjects.com
8	assets.bounceexchange.com	www.elfcosmetics.com
6	analytics.tiktok.com	www.elfcosmetics.com analytics.tiktok.com
6	async-px.dynamicyield.com	cdn.dynamicyield.com
6	www.google.de	www.elfcosmetics.com
5	www.google.com	1 redirects www.elfcosmetics.com
4	ct.pinterest.com	s.pinimg.com www.elfcosmetics.com
4	elfcosmetics.a.bigcontent.io
4	googleads.g.doubleclick.net	1 redirects www.elfcosmetics.com
4	sdk.iad-05.braze.com	cdn-fsly.yottaa.net
4	collector-pxxt4gy2ig.px-cloud.net	www.elfcosmetics.com
3	www.paypalobjects.com	www.elfcosmetics.com www.paypalobjects.com
3	tr.snapchat.com	www.elfcosmetics.com sc-static.net
3	insight.adsrvr.org	www.elfcosmetics.com
3	cdn.dynamicyield.com	www.elfcosmetics.com
3	cdn-fsly.yottaa.net	www.elfcosmetics.com
2	h.online-metrix.net	imgs.signifyd.com
2	cdn-scripts.signifyd.com	www.elfcosmetics.com
2	t.paypal.com
2	c.contentsquare.net
2	sgtm.elfcosmetics.com	www.googletagmanager.com
2	connect.facebook.net	www.elfcosmetics.com
2	bat.bing.com	www.elfcosmetics.com
2	js.jebbit.com	www.elfcosmetics.com
2	s.pinimg.com	www.elfcosmetics.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	10265292.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.elfcosmetics.com www.google-analytics.com
2	api.ipify.org	cdn-fsly.yottaa.net
2	www.googletagmanager.com	www.elfcosmetics.com
1	e.cdnwidget.com
1	api.bounceexchange.com	www.elfcosmetics.com
1	ids.cdnwidget.com	analytics.tiktok.com
1	w2txo5aaoeoayg7qbizfu2xazffllap2al7ehn5oe6755a978d8a9ab1am1.e.aa.online-metrix.net
1	srm.ba.contentsquare.net	analytics.tiktok.com
1	view.cdnbasket.net	analytics.tiktok.com
1	page.cdnbasket.net	analytics.tiktok.com
1	data.cdnbasket.net	analytics.tiktok.com
1	tr6.snapchat.com	sc-static.net
1	www.facebook.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	alb.reddit.com
1	conversions-config.reddit.com	www.redditstatic.com
1	external-api.jebbit.com	js.jebbit.com
1	ut.rd.linksynergy.com	www.elfcosmetics.com
1	region1.analytics.google.com	www.googletagmanager.com
1	api.usehero.com	cdn.usehero.com
1	tag.wknd.ai	www.elfcosmetics.com
1	t.contentsquare.net	www.elfcosmetics.com
1	www.redditstatic.com	www.elfcosmetics.com
1	sc-static.net	www.elfcosmetics.com
1	www.googleadservices.com	www.elfcosmetics.com
1	cdn.usehero.com	www.elfcosmetics.com
1	websdk.appsflyer.com	www.elfcosmetics.com
1	tag.rmp.rakuten.com	www.elfcosmetics.com
1	static.ordergroove.com	www.elfcosmetics.com
1	qoe-1.yottaa.net	www.elfcosmetics.com
1	adservice.google.com	10265292.fls.doubleclick.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	st.dynamicyield.com	www.elfcosmetics.com
1	js.cnnx.link	www.googletagmanager.com
1	cdn.c1.amplience.net	www.elfcosmetics.com
0	idsync.rlcdn.com Failed
0	pixel.pointmediatracker.com Failed	www.elfcosmetics.com
0	10742279.fls.doubleclick.net Failed	www.googletagmanager.com
0	9231397.fls.doubleclick.net Failed	www.googletagmanager.com
287	70

This site contains links to these domains. Also see Links.

Domain
cdn.dynamicyield.com
st.dynamicyield.com
rcom.dynamicyield.com
www.tiktok.com
www.instagram.com
www.pinterest.com
www.facebook.com
www.youtube.com
twitter.com
www.snapchat.com
www.linkedin.com
www.elfbeauty.com
elfcosmetics.onelink.me
preferences.elfcosmetics.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.elfcosmetics.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-25` - `2024-10-25`	a year	crt.sh
c1.amplience.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-06` - `2024-10-23`	a year	crt.sh
dm.amplience.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-20` - `2024-08-14`	a year	crt.sh
*.yottaa.net GlobalSign RSA OV SSL CA 2018	`2023-09-13` - `2024-10-14`	a year	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2023-08-15` - `2024-09-13`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.dynamicyield.com Amazon RSA 2048 M02	`2023-09-03` - `2024-10-01`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
*.iad-05.braze.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-07-27` - `2024-08-27`	a year	crt.sh
js.cnnx.link Amazon RSA 2048 M02	`2023-07-11` - `2024-08-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.ordergroove.com Go Daddy Secure Certificate Authority - G2	`2023-08-04` - `2024-08-17`	a year	crt.sh
tag.rmp.rakuten.com GTS CA 1D4	`2024-01-31` - `2024-04-30`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-01-24` - `2024-08-21`	7 months	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
*.usehero.com Amazon RSA 2048 M02	`2023-08-28` - `2024-09-24`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-08` - `2024-07-06`	6 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.jebbit.com Amazon RSA 2048 M01	`2023-05-24` - `2024-06-21`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
t.contentsquare.net Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh
tag.wknd.ai R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-15` - `2024-02-13`	3 months	crt.sh
sgtm.elfcosmetics.com GTS CA 1D4	`2024-01-17` - `2024-04-16`	3 months	crt.sh
api.usehero.com Amazon RSA 2048 M03	`2024-01-06` - `2025-02-03`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.bigcontent.io GeoTrust TLS RSA CA G1	`2023-03-14` - `2024-04-13`	a year	crt.sh
*.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.rd.linksynergy.com ZeroSSL RSA Domain Secure Site CA	`2024-01-23` - `2025-01-22`	a year	crt.sh
dep.ba.contentsquare.net Amazon RSA 2048 M01	`2023-03-20` - `2024-04-17`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-15` - `2024-07-13`	6 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2024-01-19` - `2024-04-18`	3 months	crt.sh
data.cdnbasket.net GTS CA 1D4	`2024-01-10` - `2024-04-09`	3 months	crt.sh
page.cdnbasket.net GTS CA 1D4	`2024-01-13` - `2024-04-12`	3 months	crt.sh
view.cdnbasket.net GTS CA 1D4	`2024-01-18` - `2024-04-17`	3 months	crt.sh
srm.ba.contentsquare.net Amazon RSA 2048 M02	`2023-11-07` - `2024-12-06`	a year	crt.sh
cdn-scripts.signifyd.com Amazon RSA 2048 M01	`2023-07-03` - `2024-07-31`	a year	crt.sh
imgs.signifyd.com Go Daddy Secure Certificate Authority - G2	`2023-10-20` - `2024-11-20`	a year	crt.sh
online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2023-10-20` - `2024-10-21`	a year	crt.sh
*.aa.online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2023-10-20` - `2024-10-21`	a year	crt.sh
ids.cdnwidget.com R3	`2024-01-12` - `2024-04-11`	3 months	crt.sh
*.wunderkind.co R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
e.cdnwidget.com R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.elfcosmetics.com/
Frame ID: 61678E015727F4BB211927348F79E406
Requests: 257 HTTP requests in this frame

Frame: https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=5450069118511;npa=0;auiddc=1628542943.1707240924;u6=%2F;u10=undefined;u12=undefined;u8=undefined;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
Frame ID: E27AF9401E5A06B549E1AB28E460D217
Requests: 1 HTTP requests in this frame

Frame: https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=5470722561064;npa=0;auiddc=1628542943.1707240924;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
Frame ID: 8969ADCD87BE2F49A3B8A81AADCE57CA
Requests: 1 HTTP requests in this frame

Frame: https://10265292.fls.doubleclick.net/activityi;dc_pre=CNf11oagl4QDFctMkQUd8mIEgg;src=10265292;type=conte0;cat=homep0;ord=6973111413254;npa=0;auiddc=1628542943.1707240924;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
Frame ID: 701479F3FEBE13702D9DF2DE99503235
Requests: 2 HTTP requests in this frame

Frame: https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flhp;ord=1841738940887;npa=0;auiddc=1628542943.1707240924;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F
Frame ID: 7D76A3A27810D40ACC8BCBDA25B15C1A
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.55.0&integrationType=SDK
Frame ID: D2690A604BCC43BA08C93F0C4C8A8F27
Requests: 4 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&u_scsid=3bc5ea08-49c2-40cc-98b5-a44865ed272e&u_sclid=a8df9178-2bdd-4c7c-8bd8-dbf906d10f8b
Frame ID: 4A7F1FFED066A0B245EBC7CD8858B84E
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 6A66524E6E4D3F90C4068E85E1A16007
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 5D01E8EF910C188DB7A8BFBFDE3E7A3B
Requests: 3 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: FC3A12B1557B63B72576AE192FB953F3
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/TIs4-R7BtNnBgoLR?4b5dc33db17dd2a2=Cf3DXDg4x6y9KpnY6BOObLN7pinPDVz0dSa57lSKohbg-nZDf-zbXO047Hc0lw_fLLumRsE_rRTmB549gQCeZ8dl3xJcYWLE-Nwf3_XreWl3lx8KlZM5-KAezolItFrdMD_IYIww_TaGl4OwF5M6qy5e4jByrUbOyS3oIUueSWz-K4EMKdtUf3uPXP_AuykSEYyoqwSyW83kfLEJ&jb=3d332e2c60736d7f35556b666e6f757b2e627b6f37556b666e6575712d30303b3b2e627b6a7f354962726d676d24687b683d41607a6765652f303239383b
Frame ID: DCD0992524763D6FCFEB0AD4619E3DCA
Requests: 9 HTTP requests in this frame

Frame: https://imgs.signifyd.com/8ajWOt5dntxxobvm?57616578d3d0ac95=iWSk7AvZglpoeUILVmbNHQPZRtR7PolgnwzpLng8g_tDFO3ZlCpwrLRARRVQPh_X9v717J-Uvi0L_8RQdQ87K2FogeOJB0HCYt9HwWNvNDfJgmfzLO8n4It68LC5sFuGPMOguG0swbBGVO4nia_g1yr6jX8TvrFtM94cVqkT6lZXljMyqZjT6Mp8ic_FQrJv70Nt5ijEKgiF3Bm4Fqo
Frame ID: 8BED690B9549F2B9BF95F925A9CDC37E
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/1QjeEOC0_8kutSeO?1750b94c3c3228a2=hjCenkZeY0TGnsYkwd333y1WK85woUH6WmHws7o574rqNeygRyqYFCnDEWoPsC1QC1aOJnA3xRwIyUvuwqhsJ_YsA17OCBGTeIPxrHvu5vrnN-WHz3sHbs8UjjhbCfVoSKn1ofLSf7Ai6xh5R0PPunUR84JNOK02yjxl45vsoQqs0Pw4sc_ak-MM-T_3QffsisxXkQDSXWJx9TP7shJF
Frame ID: 3AA8A6B5ED37D64F2ECDC72622EDC93D
Requests: 2 HTTP requests in this frame

Frame: https://imgs.signifyd.com/yGIOFBdDIRrc5_lm?4f920e628e2c18c5=n7e4G522uZLdUSTJYAEJzTNVz6au6SlYxl72iXZJFKZO9eGliGAhHBarAYcDdDkh49u1jBrBx-Pi2hzNBqOUeqpcPzrXcSXy0K4GZ6CauCgCYU3gFd16E0TYJyh7VtIvvEH_fq8o5gvhPOjRpoaOWVfnkLgeydg-wAx4CH6n6hV-VrXWB6pfRT3JBIlmajonQCM5aFoABsdZe5FG-hYI
Frame ID: EE27BC372E0C9AF2D8E58F1BF720F7E5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

e.l.f. Cosmetics: Affordable Makeup & Skincare | Clean Beauty Products | e.l.f. CosmeticsBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://www.elfcosmetics.com/ HTTP 301
https://www.elfcosmetics.com/ Page URL

Detected technologies

Salesforce Commerce Cloud (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/demandware\.static/

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Dynamic Yield (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

cdn\.dynamicyield\.\w+/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Rakuten (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

tag\.rmp\.rakuten\.com

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

287
Requests

96 %
HTTPS

38 %
IPv6

46
Domains

70
Subdomains

65
IPs

4
Countries

5349 kB
Transfer

16576 kB
Size

63
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://cdn.dynamicyield.com/

Search URL Search Domain Scan URL

URL: https://st.dynamicyield.com/

Search URL Search Domain Scan URL

URL: https://rcom.dynamicyield.com/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@elfyeah/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/elfcosmetics/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/eyeslipsfacedotcom

Search URL Search Domain Scan URL

URL: https://twitter.com/elfcosmetics

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/elfcosmetics

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/e-l-f-beauty

Search URL Search Domain Scan URL

URL: https://www.elfbeauty.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://elfcosmetics.onelink.me/wTtZ/AcrossSiteCosmetics

Search URL Search Domain Scan URL

URL: https://preferences.elfcosmetics.com/dont_sell
Title: Do Not Sell My Personal Info/Opt Out of Targeted Ads

Search URL Search Domain Scan URL

URL: https://preferences.elfcosmetics.com/privacy
Title: Privacy Rights Request Form

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.elfcosmetics.com/ HTTP 301
https://www.elfcosmetics.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=zlQllyCuiLkvUUf8zVx9YplJmQdo7D_CNwhb7JhSSac HTTP 303
https://www.elfcosmetics.com/callback?usid=78110194-a2d9-4afe-81cb-c8ac48fad6df&code=P-MLHieEr68M9Sgyg1Ev-zH5rjSaScUwwzSTPgmDL-0

Request Chain 32

https://10265292.fls.doubleclick.net/activityi;src=10265292;type=conte0;cat=homep0;ord=6973111413254;npa=0;auiddc=1628542943.1707240924;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F HTTP 302
https://10265292.fls.doubleclick.net/activityi;dc_pre=CNf11oagl4QDFctMkQUd8mIEgg;src=10265292;type=conte0;cat=homep0;ord=6973111413254;npa=0;auiddc=1628542943.1707240924;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F

Request Chain 106

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=1831468605&cv=11&fst=1707240924002&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&npa=0&pscdl=noapi&auid=1628542943.1707240924&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=3W3CZefAGIfJmLAPxpey0AQ&sscte=1&crd=CIK9sQI&eitems=ChEIgM6HrgYQj_7etOq_q7a6ARIdAPyKe1AeIIYikPfjZbNiqPkN7JxShJ3MvHM-JP0&pscrd=Ek5DaEFJZ002SHJnWVFtNktaNS1pcHdOeFhFaVlBUjFkdThPLW1ZSFo5cnlKbjVZakRucXdBQUpkbUQydXRCMjhQV05pRG5wQjlFdzktYlEaWkNoRUlnTTZIcmdZUTFJcnkxZW1MMi15V0FSSXVBQ1h6dk9la3FhNXF1S1lyaVZMZ3F2ZEhsTHdkYmFaZHk4T0lQZGdaQ3NhU2hyWUg1Z3BNYTNFdXlPc0Q3dyITCKejnoegl4QDFYckBgAdxosMSg HTTP 302
https://www.google.com/pagead/1p-conversion/698270988/?random=1831468605&cv=11&fst=1707240924002&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&npa=0&pscdl=noapi&auid=1628542943.1707240924&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=Ek5DaEFJZ002SHJnWVFtNktaNS1pcHdOeFhFaVlBUjFkdThPLW1ZSFo5cnlKbjVZakRucXdBQUpkbUQydXRCMjhQV05pRG5wQjlFdzktYlEaWkNoRUlnTTZIcmdZUTFJcnkxZW1MMi15V0FSSXVBQ1h6dk9la3FhNXF1S1lyaVZMZ3F2ZEhsTHdkYmFaZHk4T0lQZGdaQ3NhU2hyWUg1Z3BNYTNFdXlPc0Q3dyITCKejnoegl4QDFYckBgAdxosMSg&is_vtc=1&ocp_id=3W3CZefAGIfJmLAPxpey0AQ&cid=CAQSKQAvHhf_GXTuBwvtwTXMfLqRT8We4baFWH3Drv2uoQ2qXVayfZIYuJ5r&eitems=ChEIgM6HrgYQj_7etOq_q7a6ARIdAPyKe1DvrRGj0zPJVJgjyM38BjG_BA6tDdagjuQ&random=334346050 HTTP 302
https://www.google.de/pagead/1p-conversion/698270988/?random=1831468605&cv=11&fst=1707240924002&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&npa=0&pscdl=noapi&auid=1628542943.1707240924&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=Ek5DaEFJZ002SHJnWVFtNktaNS1pcHdOeFhFaVlBUjFkdThPLW1ZSFo5cnlKbjVZakRucXdBQUpkbUQydXRCMjhQV05pRG5wQjlFdzktYlEaWkNoRUlnTTZIcmdZUTFJcnkxZW1MMi15V0FSSXVBQ1h6dk9la3FhNXF1S1lyaVZMZ3F2ZEhsTHdkYmFaZHk4T0lQZGdaQ3NhU2hyWUg1Z3BNYTNFdXlPc0Q3dyITCKejnoegl4QDFYckBgAdxosMSg&is_vtc=1&ocp_id=3W3CZefAGIfJmLAPxpey0AQ&cid=CAQSKQAvHhf_GXTuBwvtwTXMfLqRT8We4baFWH3Drv2uoQ2qXVayfZIYuJ5r&eitems=ChEIgM6HrgYQj_7etOq_q7a6ARIdAPyKe1DvrRGj0zPJVJgjyM38BjG_BA6tDdagjuQ&random=334346050&ipr=y

287 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.elfcosmetics.com/
Redirect Chain

http://www.elfcosmetics.com/
https://www.elfcosmetics.com/

897 KB
228 KB

737ms
497ms

Document
text/html

204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: f99677540defa534f20356bd0f4f219782ef17f85b324230f4f88d67645f9170

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 454 454
cache-control: public, must-revalidate, s-maxage=900
content-encoding: gzip
content-length: 232285
content-type: text/html; charset=utf-8
date: Tue, 06 Feb 2024 17:35:21 GMT
etag: W/"c36ef-NfEoBt09RLlLvnkdJDpr80y3AsE"
vary: Accept-Encoding
via: 1.1 1c7f2900c7652f6226ba50ec8bf3155c.cloudfront.net (CloudFront)
x-amz-apigw-id: SuXS8HZliYcELBg=
x-amz-cf-id: Lp6VLfz0xBsRAsAaD9eOugaHy1KBa6gsGu4TQATs8YMCMGLzGUMRNw==
x-amz-cf-pop: EWR50-C1
x-amzn-remapped-connection: close
x-amzn-remapped-content-length: 800495
x-amzn-remapped-date: Tue, 06 Feb 2024 17:27:47 GMT
x-amzn-requestid: cb5c15a9-3a7f-406c-8eff-01672969b01a
x-amzn-trace-id: Root=1-65c26c12-3934cc2b0899afff3f0363a1;Sampled=0;lineage=2b75b0e9:0
x-cache: Hit from cloudfront
x-yottaa-metrics: 3821cc02315d/[138,29,-] 38D1cc0231aa/[-,252.582]
x-yottaa-optimizations: ob/1000000100001000 si/38D1cc0231aa-1707237389-1660580319 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-yottaa-os: 200

Redirect headers

Age: 0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 125
Content-Type: text/html
Date: Tue, 06 Feb 2024 17:35:21 GMT
Location: https://www.elfcosmetics.com/
Via: 1.1 a0baca8f5dcda9f46c3f17957eeb39aa.cloudfront.net (CloudFront)
X-Amz-Cf-Id: OER-Rh1JamjAZNAI65RBElUOQGoBHtxdsTy6kvgxK81LdisrIhWILQ==
X-Amz-Cf-Pop: EWR50-C1
X-Cache: Redirect from cloudfront
X-Yottaa-Metrics: 3821cc023150/[9,3,-] 38D1cc0231ac/[-,12.238]
X-Yottaa-OS: 301
X-Yottaa-Optimizations: ob/1000 si/38D1cc0231ac-1707237390-2775142561 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0

GET
H2 200 init.js Show response
www.elfcosmetics.com/XT4Gy2ig/ 167 KB
75 KB 422ms
422ms Script
application/javascript 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 4a34ea8084149b5081263d59a21d11edb401403e914816f416048c28480413bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:22 GMT
content-encoding: gzip
etag: "29cf9-ScAEjVJimCOIFMAfjTl0kL5YQS0"
active-cdn: Akamai
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: active-cdn,x-served-by,Akamai-Request-BC
cache-control: max-age=600
x-yottaa-metrics: 38D1cc0231aa/[-,304.249]
x-px-hash: M2QwMDVmMDRlMzJlZjAwMjcwYTliZWEwMDEwY2M4ZWRkOWJlNTM1NzVkNDBhYjM5YjRkMzk0OGQzZTcyZDkxZQ==
x-yottaa-optimizations: ob/0 si/38D1cc0231aa-1707237389-1660580322 tts/1707240922593 ti/0 ai/5a0c9b7632f01c35d42101b2

GET /
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/ 0
0

GET
H2 200 custom-slider-0.0.15.min Show response
cdn.c1.amplience.net/c/elfcosmetics/ 2 KB
2 KB 207ms
39ms Script
application/javascript 2a02:26f0:3500:14::1724:a258
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.c1.amplience.net/c/elfcosmetics/custom-slider-0.0.15.min
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:14::1724:a258 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f67eeb979f5676dccb2ec5eefcd365c69b9e03235b65c42397206264b9887c07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 17:35:22 GMT
cache-control: max-age=120, s-maxage=1800
accept-ranges: bytes
content-length: 1626
x-amp-srv: A
content-type: application/javascript; charset=utf-8

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d

Request headers

Referer
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac

Request headers

Referer
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 pout-clout-pen-bs-2024-01-19-image-1_D-min
cdn.media.amplience.net/i/elfcosmetics/ 44 KB
44 KB 207ms
40ms Image
image/webp 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/pout-clout-pen-bs-2024-01-19-image-1_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

65222e7562d6a6d1c2c6e24c738db9114b1d36c64071a76efa2d7374a52242d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:22 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: SkzN6HvHh,l4p5bDg2e,9O3wdOit6,DtzGFM5oJ
x-req-id: Kj5IQEXWId
content-length: 44666
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 2880
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Mon, 22 Jan 2024 17:53:28 GMT

GET
H2 200 vendor.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/ 2 MB
621 KB 219ms
129ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70bdc4ce00b2eb00c1a727f997e22289fe153af79db01d1fe41c9ddf93baea68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: rgMOMBtRIVnroG3EFvD3VQajPfLGk.CL
via: 1.1 771067dca4682f83a6c9963c412d66cc.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
date: Tue, 06 Feb 2024 17:35:22 GMT
x-amz-cf-pop: DFW57-P1
age: 946908
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1000 si/3211a5fec6ec-1699966125-950262108 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
x-amz-meta-deploy: 655743
content-length: 635265
x-amz-meta-bundle: 10520
x-served-by: cache-fra-etou8220062-FRA
x-yottaa-forcecache: true, true
server: AmazonS3
x-timer: S1707240923.672935,VS0,VE3
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: public, max-age=31104000
x-yottaa-metrics: 3221a5fec611/[125,47,-] 3211a5fec6ec/[-,476.338]
accept-ranges: bytes
x-amz-cf-id: zW6qb6p-L6UISOT-UwfU09mQAGeDnV-0gXNByFZDnwaf__NlGsEiXA==
x-cache-hits: 1

GET
H2 200 main.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/ 2 MB
465 KB 130ms
41ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/main.js?yocs=1u_1y_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1011c3fa4c2e065daf205546023d4ed8bef850c1c6ca5dab2cfb9773011cc0bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: ZgDCU8kWsvQvcn1jJg.KQVz1Qq0EvJRU
via: 1.1 2fc202a09b4bdc2667eb43b2de8be750.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
date: Tue, 06 Feb 2024 17:35:22 GMT
x-amz-cf-pop: ORD52-C3
age: 946908
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1000 si/2611cc028372-1705519396-1683738102 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
x-amz-meta-deploy: 655743
content-length: 475099
x-amz-meta-bundle: 10520
x-served-by: cache-fra-etou8220062-FRA
x-yottaa-forcecache: true, true
server: AmazonS3
x-timer: S1707240923.672941,VS0,VE2
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: public, max-age=31104000
x-yottaa-metrics: 2621cc8d587b/[78,17,-] 2611cc028372/[-,327.362]
accept-ranges: bytes
x-amz-cf-id: EHuMd49CzZp2pkKlJsP-DlvocwkIhXiAmFMXi4c8bn-HU3mAwWrxOA==
x-cache-hits: 1

GET
H2 200 pages-home.js Show response
cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/ 4 KB
3 KB 129ms
39ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/pages-home.js?yocs=1u_1y_
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afa9753d7a61cde7238d39c93026f264ea282f128440e39f1f0589867d337387

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: fAWlbmIDqd1NY.BY1yu5BULDqI5Q3tq5
via: 1.1 60b2b330807c6611e06e3923c8e315cc.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
date: Tue, 06 Feb 2024 17:35:22 GMT
x-amz-cf-pop: DFW57-P1
age: 946902
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1000 si/3211a5fec6eb-1701773462-2089544135 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront, HIT
x-amz-meta-deploy: 655743
content-length: 2056
x-amz-meta-bundle: 10520
x-served-by: cache-fra-etou8220062-FRA
x-yottaa-forcecache: true, true
server: AmazonS3
x-timer: S1707240923.672986,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: public, max-age=31104000
x-yottaa-metrics: 3221a5fec610/[36,31,-] 3211a5fec6eb/[-,40.681]
accept-ranges: bytes
x-amz-cf-id: jiWVjtKQp2cbsrIEZiaHFKO1mgAB4oosN7wBgbinXd6Rmt3lx8pNXQ==
x-cache-hits: 3

GET
DATA 200
OK truncated
/ 37 B
37 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 valetines-day-2024-01-29-background_D-min
cdn.media.amplience.net/i/elfcosmetics/ 119 KB
119 KB 65ms
65ms Image
image/avif 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-background_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

5478e51ef21aa9f24fa7e2d3f75c26ce7860893fd92c71beafee5fe7e443f8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:22 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: 3bwUT35V2,l4p5bDg2e,fpXyktect,WepA0szpz
x-req-id: f2hkEpFKg4
content-length: 121826
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1602
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:23 GMT

GET
H2 200 valetines-day-2024-01-29-image-1_D-min
cdn.media.amplience.net/i/elfcosmetics/ 46 KB
46 KB 134ms
133ms Image
image/avif 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-1_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

5874673f915a3ec17db9e690bc64a2c33413a2e11e3bd666bb5d43131004ffdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:22 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: G0yVLSj9j,l4p5bDg2e,sKi4G9I4o,WepA0szpz
x-req-id: P6AR3Jd4AJ
content-length: 47038
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:22 GMT

GET
H2 200 0124_hptile_newarriavals_newdrops_desktop
cdn.media.amplience.net/i/elfcosmetics/ 33 KB
33 KB 148ms
147ms Image
image/webp 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/0124_hptile_newarriavals_newdrops_desktop?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

f5cdac8011cc5cd8f9ea74c60de77824460b750be5cf9f50b6e18e37daf2889e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:22 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: tEkKcOB6q,l4p5bDg2e,_ISn8MOn3,DtzGFM5oJ
x-req-id: ggkeBnPfgy
content-length: 33434
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 2880
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 17 Jan 2024 20:45:37 GMT

GET
H2 200 hp1-project-pro-0124-v2-FINAL_D-min
cdn.media.amplience.net/i/elfcosmetics/ 117 KB
118 KB 158ms
157ms Image
image/avif 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/hp1-project-pro-0124-v2-FINAL_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

f889dbbc26896110ff404dc7b2dd90968003c110e0fc1a8d06e8446bc6631284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:22 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: MQDoy9rgf,l4p5bDg2e,TvTLWouwK,WepA0szpz
x-req-id: tVnM55tHd3
content-length: 120283
x-xss-protection: 1; mode=block
x-amp-source-height: 802
server: Unknown
x-frame-options: DENY
x-amp-source-width: 2362
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Fri, 02 Feb 2024 05:05:56 GMT

GET
H2 200 beauty-squad-exclusive-sky-blue-2024-02_D-min
cdn.media.amplience.net/i/elfcosmetics/ 5 KB
5 KB 178ms
177ms Image
image/avif 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/beauty-squad-exclusive-sky-blue-2024-02_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

64133b3165c14b5ab3fdc7e04af6fe8939846b37f0e08119ff2d2fe16d6b59a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:22 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: eCQ_GpZQF,l4p5bDg2e,g2U_PTlJt,WepA0szpz
x-req-id: bF2bwc4rF3
content-length: 4977
x-xss-protection: 1; mode=block
x-amp-source-height: 80
server: Unknown
x-frame-options: DENY
x-amp-source-width: 296
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Fri, 02 Feb 2024 05:09:48 GMT

POST
H2 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 540 B
787 B 162ms
66ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 19612dea94d2b587a9cd018101a89d4c30800fadc669ddd3580a950a2f0400b6

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Feb 2024 17:35:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 540

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/ 1 MB
152 KB 165ms
81ms Script
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/OtAutoBlock.js

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/main.js?yocs=1u_1y_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e038dff62440b626103b2b81adcbb64b5cb3bd80433d1a710f37162cd7c0cc17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 17:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 81634
content-md5: 3CHjrTrl4YSKzn90GsMA3A==
content-length: 154812
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 13:08:00 GMT
server: cloudflare
etag: 0x8DBD9493E0E92B7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: faa9619b-101e-0023-4914-1ea340000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8515263c9cc32c77-FRA
expires: Wed, 07 Feb 2024 17:35:23 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 135ms
52ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/main.js?yocs=1u_1y_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 17:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dulN1EiikhiO8GlkrdtHlg==
age: 49463
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6838
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 17:46:31 GMT
server: cloudflare
etag: 0x8DC2672631E21FF
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b3236ebc-601e-0080-51a9-58c685000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8515263c9cbf2c77-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 445 KB
124 KB 151ms
63ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a73c8112281696261f2bb19a516222fdabf3de80d68e59d26d3ebf7be63c4ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126415
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 16:50:29 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Feb 2024 17:35:23 GMT

GET
H2 200 api_dynamic.js Show response
cdn.dynamicyield.com/api/8772046/ 362 KB
42 KB 178ms
48ms Script
application/javascript 2600:9000:2251:4000:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8772046/api_dynamic.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4000:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 0a786e7496690459bdeab407b5ffec269154f049c9fd02974f147c7272049970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:05 GMT
content-encoding: gzip
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 08:35:42 GMT
server: DYCDN
age: 18
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
etag: W/"deb1f97dcd62ceae4db67209f3e1355d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=30
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: aEZaBXGbdl5vbhywa5bPErP402zV-hA0gJE7ItMpiVqTr-YJzKDtWg==

GET
H2 200 api_static.js Show response
cdn.dynamicyield.com/api/8772046/ 390 KB
115 KB 220ms
90ms Script
application/javascript 2600:9000:2251:4000:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8772046/api_static.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4000:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 7a0194f3b5fcc06b24f7c9424f6eff12086308cb52d87b6b07745871c075c751

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 09:09:11 GMT
content-encoding: gzip
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 08:35:43 GMT
server: DYCDN
age: 30373
x-amz-cf-pop: FRA60-P3
etag: W/"a74903395937c23aa9fd258be5679e7a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: 3MKDcu5Zqypc66vjCTlEtOGZ9iRecF4v3v4U0PmzvF3xvS4mYOOfzw==

GET
H/1.1 200
OK / Show response
api.ipify.org/ 21 B
221 B 550ms
180ms XHR
application/json 104.237.62.212
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.62.212 El Segundo, United States, ASN18450 (WEBNX, US),
Reverse DNS: api.ipify.org
Software: nginx/1.25.2 /
Resource Hash: e33a708ad9d04c864fdd86f9ccfdfbbdf24c3b2585bed619367ba4c4747c4e20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 06 Feb 2024 17:35:23 GMT
Server: nginx/1.25.2
Connection: keep-alive
Content-Length: 21
Vary: Origin
Content-Type: application/json

GET
H/1.1 200
OK / Show response
api.ipify.org/ 21 B
221 B 551ms
181ms XHR
application/json 104.237.62.212
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.62.212 El Segundo, United States, ASN18450 (WEBNX, US),
Reverse DNS: api.ipify.org
Software: nginx/1.25.2 /
Resource Hash: e33a708ad9d04c864fdd86f9ccfdfbbdf24c3b2585bed619367ba4c4747c4e20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 06 Feb 2024 17:35:23 GMT
Server: nginx/1.25.2
Connection: keep-alive
Content-Length: 21
Vary: Origin
Content-Type: application/json

GET
H2

200

callback
www.elfcosmetics.com/
Redirect Chain

https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=...
https://www.elfcosmetics.com/callback?usid=78110194-a2d9-4afe-81cb-c8ac48fad6df&code=P-MLHieEr68M9Sgyg1Ev-zH5rjSaScUwwzSTPgmDL-0

0
0

394ms
394ms

Fetch
application/json

204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/callback?usid=78110194-a2d9-4afe-81cb-c8ac48fad6df&code=P-MLHieEr68M9Sgyg1Ev-zH5rjSaScUwwzSTPgmDL-0
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:24 GMT
via: 1.1 d3fbeb74a503a5fcf3e4ca458c365012.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 0
x-amz-cf-pop: EWR50-C1
age: 0
x-amzn-remapped-connection: close
x-amzn-requestid: fd92071e-ad45-4e7c-984a-fcbc36a94481
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580357 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
x-amz-apigw-id: SuYaeEGECYcEZPQ=
content-length: 0
x-yottaa-forcecache: true
x-amzn-trace-id: Root=1-65c26ddc-1bad5339001af5d1244e090a;Sampled=0;lineage=2b75b0e9:0
content-type: application/json
cache-control: public, max-age=604800
x-yottaa-os: 200
x-yottaa-metrics: 3821cc023182/[237,234,-] 38D1cc0231aa/[-,239.775]
x-amzn-remapped-date: Tue, 06 Feb 2024 17:35:24 GMT
x-amz-cf-id: ywgopn-M9BT4lsY1lNAcj-wXmdVCOv7T-SrN8Tv9yAje9Pr16xh-1A==

Redirect headers

date: Tue, 06 Feb 2024 17:35:24 GMT
x-correlation-id: 8515263f1b1839b5
via: 1.1 724c8c129f28bfce25c0430050f1ae72.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: EWR50-C1
age: 0
x-yottaa-optimizations: ob/0 si/38D1cc0231aa-1707237389-1660580353 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
content-length: 0
pragma: no-cache
x-ratelimit-1m-remaining: 23340, 1972746
x-ratelimit-1m-reset: 35960, 35959
x-ratelimit-1m-limit: 24000, 2000000
vary: Accept-Encoding
location: https://www.elfcosmetics.com/callback?usid=78110194-a2d9-4afe-81cb-c8ac48fad6df&code=P-MLHieEr68M9Sgyg1Ev-zH5rjSaScUwwzSTPgmDL-0
cache-control: no-store
x-yottaa-os: 303
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/authorize?redirect_uri=https%3A%2F%2Fwww.elfcosmetics.com%2Fcallback&response_type=code&client_id=f9f7052a-f742-4c38-bdf5-1da004e7fb3b&hint=guest&channel_id=elf-us&code_challenge=zlQllyCuiLkvUUf8zVx9YplJmQdo7D_CNwhb7JhSSac
x-yottaa-metrics: 3821cc02317e/[84,81,-] 38D1cc0231aa/[-,86.042]
cf-ray: 8515263f1b1839b5-IAD
x-amz-cf-id: r3gQzCdm1m4d5Rk0otd4fSl1HpIl7RpXtZ7GL3jUauUgo87kFj8c8A==

POST
H2 201 / Show response
sdk.iad-05.braze.com/api/v3/data/ 323 B
477 B 1409ms
1409ms XHR
application/json 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a09824b6d7bbd0f5e82a23d14da408abfba60d02f5bdb48309d3ab6ca61bb1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/json
Referer: https://www.elfcosmetics.com/
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: MISS
x-request-id: 51b752f9-605c-476c-8a47-9b717ced073a
x-served-by: cache-fra-etou8220022-FRA
x-runtime: 1.269611
etag: W/"1a09824b6d7bbd0f5e82a23d14da408a"
access-control-max-age: 7200
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
vary: Origin,Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 /
sdk.iad-05.braze.com/api/v3/data/ Frame 0
0 237ms
139ms Preflight 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-encoding: gzip
date: Tue, 06 Feb 2024 17:35:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220022-FRA

POST
H2 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 600 B
655 B 84ms
84ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 0f0697fdc997c1a96902844e80fbf3d28d0a2f72bc248b1c108288dd50cdd02f

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Feb 2024 17:35:23 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600

GET
H2 200 6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/ 5 KB
2 KB 138ms
56ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8a6566c7e926c37c010dc811a5e82d5eddad8b10057bf711f0f644be60707d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 17:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 22884
content-md5: 4swZDWVp4C0QChiGUbrcTg==
content-length: 1746
x-ms-lease-status: unlocked
last-modified: Tue, 14 Nov 2023 15:26:04 GMT
server: cloudflare
etag: 0x8DBE5260423F079
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 47594d34-001e-002f-61c0-213448000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8515263f0e708fe6-FRA
expires: Wed, 07 Feb 2024 17:35:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
40ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Feb 2024 17:30:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 281
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 06 Feb 2024 19:30:43 GMT

GET activityi;src=9231397;type=retarget;cat=globa0;ord=5450069118511;npa=0;auiddc=1628542943.1707240924;u6=%2F;u10=undefined;u12=undefined;u8=undefined;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l...
9231397.fls.doubleclick.net/ Frame E27A 0
0

GET activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=5470722561064;npa=0;auiddc=1628542943.1707240924;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;...
10742279.fls.doubleclick.net/ Frame 8969 0
0

GET
H2 200 cnxtag-min.js Show response
js.cnnx.link/roi/ 2 KB
1 KB 223ms
43ms Script
text/javascript 2600:9000:21f3:8e00:11:85b0:d600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cnnx.link/roi/cnxtag-min.js?id=316282
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8e00:11:85b0:d600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ff2fe181c12146189657e92f9ce0489f7f3b51345796f5a5ec9b089f9fb47616

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:28:25 GMT
via: 1.1 google, 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
age: 419
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
cache-control: max-age=600
x-amz-cf-id: crTm4niHtJq6N3S0bNmHzKS8lboCuqdIVD3tMahd3LGgMLCH1yWVjQ==

GET
H2

200

activityi;dc_pre=CNf11oagl4QDFctMkQUd8mIEgg;src=10265292;type=conte0;cat=homep0;ord=6973111413254;npa=0;auiddc=1628542943.1707240924;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=s... Show response
10265292.fls.doubleclick.net/ Frame 7014
Redirect Chain

https://10265292.fls.doubleclick.net/activityi;src=10265292;type=conte0;cat=homep0;ord=6973111413254;npa=0;auiddc=1628542943.1707240924;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cp...
https://10265292.fls.doubleclick.net/activityi;dc_pre=CNf11oagl4QDFctMkQUd8mIEgg;src=10265292;type=conte0;cat=homep0;ord=6973111413254;npa=0;auiddc=1628542943.1707240924;pscdl=noapi;gtm=45He41v0v89...

522 B
615 B

76ms
75ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10265292.fls.doubleclick.net/activityi;dc_pre=CNf11oagl4QDFctMkQUd8mIEgg;src=10265292;type=conte0;cat=homep0;ord=6973111413254;npa=0;auiddc=1628542943.1707240924;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL3STMX&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

e1998ad54cb22048ae02467e8c98478697dbbd4af017d8266f73054c7e87bb2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 311
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 17:35:24 GMT
expires: Tue, 06 Feb 2024 17:35:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 17:35:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10265292.fls.doubleclick.net/activityi;dc_pre=CNf11oagl4QDFctMkQUd8mIEgg;src=10265292;type=conte0;cat=homep0;ord=6973111413254;npa=0;auiddc=1628542943.1707240924;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET activityi;src=10742279;type=elf8j0;cat=glo_flhp;ord=1841738940887;npa=0;auiddc=1628542943.1707240924;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;...
10742279.fls.doubleclick.net/ Frame 7D76 0
0

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
148 B 214ms
59ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:8m23e30&fmt=3
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:24 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET kpi
pixel.pointmediatracker.com/ 0
0

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
148 B 215ms
60ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:y8694b5&fmt=3
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:24 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
149 B 213ms
58ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=3ftfnh3&ct=0:uuhj0na&fmt=3
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:24 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 st Show response
st.dynamicyield.com/ 114 KB
10 KB 271ms
159ms Script
text/javascript 2600:9000:2250:1000:15:ad21:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.dynamicyield.com/st?sec=8772046&inHead=true&id=0&jsession=f3mj5n7n1ezi1mqk614hubxlkelh2oje&ref=&scriptVersion=2.28.0&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22HOMEPAGE%22%2C%22lng%22%3A%22en-US%22%2C%22data%22%3A%5B%5D%7D
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1000:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d6193b41ddb6b35b1774ef2a44db248111555d15e977348fe1f60f37085bdbfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:24 GMT
content-encoding: gzip
via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-cache
x-amz-cf-id: rC_8s-4_bE4u9_7CIZJPchG36vu2lk-Iy7jHVgvpItvDisRGhikmgw==
expires: Tue, 06 Feb 2024 17:35:23 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 147ms
62ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 85152640b8ef2be6-FRA
access-control-allow-headers: Content-Type

GET
H2 200 valetines-day-2024-01-29-image-4_D-min
cdn.media.amplience.net/i/elfcosmetics/ 171 KB
172 KB 40ms
40ms Image
image/webp 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-4_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

2d20903227f36798b79adec5bbd810679d27fe0abed0d698813e8f769df046fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:24 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: qhO9uXHAy,l4p5bDg2e,1TZJXD2Ju,Cqm_p3RsQ,DtzGFM5oJ
x-req-id: uuXo0IaUDE
content-length: 175384
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:23 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 47ms
47ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1098381211&t=pageview&_s=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACgAI~&jid=478044978&gjid=1563617792&cid=1279543329.1707240924&tid=UA-432816-1&_gid=1089025156.1707240924&_r=1&_slc=1&gtm=45He41v0n81WL3STMXv896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=1946164761

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pout-clout-pen-bs-2024-01-19-image-2_D-min
cdn.media.amplience.net/i/elfcosmetics/ 96 KB
97 KB 44ms
44ms Image
image/webp 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/pout-clout-pen-bs-2024-01-19-image-2_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

0b84574ee8a2d0530e19d393d7a2dbc713e95c1694b51e10a19f32ef556a3c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:24 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: m4Rl8_nU7,l4p5bDg2e,89YZElKgt,Cqm_p3RsQ,DtzGFM5oJ
x-req-id: rUqR5jniXT
content-length: 98494
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 2880
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Mon, 22 Jan 2024 17:53:29 GMT

GET
H2 200 pout-clout-pen-bs-2024-01-19-image-3_D-min
cdn.media.amplience.net/i/elfcosmetics/ 30 KB
30 KB 52ms
52ms Image
image/webp 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/pout-clout-pen-bs-2024-01-19-image-3_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

03966b1fc6b3f2cdef1a46df52094209b5edb7772d9dc4c70d638abbbfb1b2c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:24 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: gssoa82dq,l4p5bDg2e,vqOuqrwHe,DtzGFM5oJ
x-req-id: Z7kY9wpahy
content-length: 30848
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 2880
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Mon, 22 Jan 2024 17:53:28 GMT

GET
H2 200 valetines-day-2024-01-29-image-2_D-min
cdn.media.amplience.net/i/elfcosmetics/ 48 KB
48 KB 54ms
54ms Image
image/avif 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-2_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

78bfaac4db8bcea12350fcfca30ebb06d21d9f4533f0e46eb96568c5cebcde1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:24 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: rZx2a-bcj,l4p5bDg2e,8f2sfnNlk,WepA0szpz
x-req-id: jnvJuQRfkL
content-length: 49035
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:23 GMT

GET
H2 200 valetines-day-2024-01-29-image-3_D-min
cdn.media.amplience.net/i/elfcosmetics/ 38 KB
38 KB 57ms
57ms Image
image/avif 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-3_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

6d97ff963aee1b37773794c4dfa9f69345ad53a777a53e0c8e877f1f9932fa9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:24 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: rqlI3LyEt,l4p5bDg2e,WgG9ZJtbq,WepA0szpz
x-req-id: bjA-EfPt8y
content-length: 38906
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:22 GMT

GET
H2 200 valetines-day-2024-01-29-image-5_D-min
cdn.media.amplience.net/i/elfcosmetics/ 59 KB
59 KB 72ms
72ms Image
image/avif 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-5_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

9984ddd66cac2301c90a8af8df473e374a6a76a5839fd72a7483bdc8db9efbe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:24 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: XDjwBEJ8e,l4p5bDg2e,xhQ7djhcu,WepA0szpz
x-req-id: PE_37DyabP
content-length: 60073
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:23 GMT

GET
H2 200 valetines-day-2024-01-29-image-6_D-min
cdn.media.amplience.net/i/elfcosmetics/ 110 KB
110 KB 68ms
68ms Image
image/avif 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-6_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

4640c95ead92ab52d145901f4c81171be7617504eea0d47bc74dffa50cc0b584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:24 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: nbP029mD3,l4p5bDg2e,HKFzQEt3Y,WepA0szpz
x-req-id: 6O3-Ym2bV6
content-length: 112474
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:23 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 190ms
56ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-432816-1&cid=1279543329.1707240924&jid=478044978&gjid=1563617792&_gid=1089025156.1707240924&_u=YEBAAEAAAAAAACgAI~&z=209551258

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Feb 2024 17:35:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/ 404 KB
98 KB 56ms
56ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 17:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: XJk1ZZTljtwHFT3qcIJg+w==
age: 50500
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99599
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:36 GMT
server: cloudflare
etag: 0x8DB82A15D413626
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 80bad15d-801e-006c-2fda-12d214000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 851526411a5d2c77-FRA

GET
H2 200 dc_pre=CNf11oagl4QDFctMkQUd8mIEgg;src=10265292;type=conte0;cat=homep0;ord=6973111413254;npa=0;auiddc=*;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;u...
adservice.google.com/ddm/fls/z/ Frame 7014 42 B
401 B 212ms
110ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNf11oagl4QDFctMkQUd8mIEgg;src=10265292;type=conte0;cat=homep0;ord=6973111413254;npa=0;auiddc=*;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F

Requested by

Host: 10265292.fls.doubleclick.net
URL: https://10265292.fls.doubleclick.net/activityi;dc_pre=CNf11oagl4QDFctMkQUd8mIEgg;src=10265292;type=conte0;cat=homep0;ord=6973111413254;npa=0;auiddc=1628542943.1707240924;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10265292.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/b3580e16-19d9-4554-ba1a-ac19abea14a3/ 199 KB
36 KB 71ms
70ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6ee1574c-d59b-4e80-9930-2e1c3c7db4ff/b3580e16-19d9-4554-ba1a-ac19abea14a3/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1df881dfa3c790fb46a3ab0d0edd13cfaf25c0c369cca89ec8115cfdf338236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 17:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 69509
content-md5: bM5EAFhwhSHsrqZI9IpFVg==
content-length: 36174
x-ms-lease-status: unlocked
last-modified: Tue, 14 Nov 2023 15:26:18 GMT
server: cloudflare
etag: 0x8DBE5260C9926DA
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 40ed0566-901e-0002-3b0e-17873b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85152641a9a98fe6-FRA
expires: Wed, 07 Feb 2024 17:35:24 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 267ms
74ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-432816-1&cid=1279543329.1707240924&jid=478044978&_u=YEBAAEAAAAAAACgAI~&z=1956404043

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 272ms
74ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-432816-1&cid=1279543329.1707240924&jid=478044978&_u=YEBAAEAAAAAAACgAI~&z=1956404043

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dy-coll-min.js Show response
cdn.dynamicyield.com/scripts/2.28.0/ 196 KB
65 KB 46ms
44ms Script
text/javascript 2600:9000:2251:4000:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/scripts/2.28.0/dy-coll-min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4000:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 7277d352a2cf641b65f40654e30a9346a0323d1e66bc7abe105ec1d36cf7ee7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:19:20 GMT
content-encoding: gzip
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
last-modified: Thu, 01 Feb 2024 10:55:08 GMT
server: DYCDN
age: 202565
x-amz-cf-pop: FRA60-P3
etag: W/"010c6c8c94a11631e8bcaf15a24f611b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: JBEpr12cSlNMshI9L6lVUAMHyJPq1JOUPYJYkAwX9ITmyDMTCfytYA==

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 13 KB
3 KB 64ms
63ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 17:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5mNZducabMgxSDzBo+ZI8w==
age: 27178
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3017
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:30 GMT
server: cloudflare
etag: 0x8DB82A159AF8EA6
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0c718e4e-201e-0081-6f27-129959000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 851526424a488fe6-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/ 61 KB
12 KB 64ms
64ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 17:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: sXFDxCJwbPEMIT/8f5Prwg==
age: 17440
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12544
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:33 GMT
server: cloudflare
etag: 0x8DB82A15AFF8646
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 99943331-001e-00a9-52a5-21f8f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 851526424a4a8fe6-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 5 KB
2 KB 65ms
65ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 17:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: v0pzgeeelPwcAOki15i3HA==
age: 10903
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1766
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:32 GMT
server: cloudflare
etag: 0x8DB82A15AB9FB83
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 7a892ea0-601e-0080-09c3-13c685000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 851526424a4b8fe6-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ 21 KB
4 KB 66ms
66ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 17:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 17440
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 05545e90-b01e-002a-0255-23e693000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 851526424a4c8fe6-FRA

POST
H3 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 32 B
49 B 119ms
117ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: b877311e3743367bee817ee88fca0dedf65abb663d0e8b1f64954c5bcca1846f

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Feb 2024 17:35:24 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

POST
H2 200 token Show response
www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/ 2 KB
2 KB 252ms
248ms Fetch
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

319cdcb02e5edbc8ece151a09c8d65fc59021d0f9575058a75d9f9c4edca769c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Feb 2024 17:35:24 GMT
content-encoding: gzip
x-correlation-id: 851526431e925776
cf-cache-status: DYNAMIC
via: 1.1 64142199656297b56ef863f9ccc0c102.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: EWR50-C1
age: 0
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580365 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
pragma: no-cache
x-ratelimit-1m-remaining: 23319, 1972011
x-ratelimit-1m-reset: 35310, 35310
vary: Accept-Encoding, User-Agent
x-ratelimit-1m-limit: 24000, 2000000
content-type: application/json
cache-control: no-store
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/f_ecom_bbxc_prd/oauth2/token
x-yottaa-metrics: 3821cc023188/[115,113,-] 38D1cc0231aa/[-,116.889]
cf-ray: 851526431e925776-IAD
x-amz-cf-id: Z8--DZUslxSmO5drU7Ketvbyiv8yYczG-E8HdSBQuHf6ifwxDpajsw==

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 50ms
50ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 17:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 44774
x-ms-lease-status: unlocked
last-modified: Tue, 06 Feb 2024 03:58:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5fd5cf97-101e-0023-1bb8-58a340000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85152642cd292c77-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
538 B 49ms
48ms Fetch
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 17:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 29393
x-ms-lease-status: unlocked
last-modified: Tue, 06 Feb 2024 07:09:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 96e80080-401e-0073-5ed0-586110000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85152642dae68fe6-FRA

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 59ms
58ms Image
image/png 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 17:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 49010
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 08:11:12 GMT
server: cloudflare
etag: 0x8DC2622044F096E
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: c2a58162-e01e-008e-220b-58ef35000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85152642fd6b2c77-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 50ms
50ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Feb 2024 17:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 55184
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 03:34:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 835cbc65-e01e-008e-3ee7-57ef35000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85152642fd6f2c77-FRA

POST
H2 200 uia Show response
async-px.dynamicyield.com/ 0
383 B 376ms
140ms XHR
text/plain 18.66.112.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/uia?cnst=1&_=1707240924672
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.28.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-72.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:24 GMT
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: yYoKy-7WNg1SKtIeG60-WI_pDYqiARt2Gi8vgkYjF_fNXadUMmIerg==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 337ms
140ms Fetch 18.66.112.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=907245&uid=-9124292598532248100&sec=8772046&t=ri&e=1261284&p=1&ve=11209913&va=%5B27119924%5D&ses=051870698c0b3855c151e9cf5456238d&expSes=64400&aud=884367.884385.884387.1167402.1324059.1846919.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=7060695473395579751&cgtgDecisionId=7060695474129454572&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1707240924712&rri=7494499
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.28.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-72.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:24 GMT
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: b40pDglfI9jDU66hhdG2uZHxLQSjtETYy3HlbxoKhonW7ZLtybhGVA==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 332ms
136ms Fetch 18.66.112.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=845106&uid=-9124292598532248100&sec=8772046&t=ri&e=1574966&p=1&ve=12698518&va=%5B28347247%5D&ses=051870698c0b3855c151e9cf5456238d&expSes=64400&aud=884367.884385.884387.1167402.1324059.1846919.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=7060695474406786824&cgtgDecisionId=7060695473938540271&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1707240924712&rri=3445405
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.28.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-72.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:24 GMT
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: Kk_--uStFVDSD7yRGcphUhl2D5w4Nk8l_Ht1NeR7Xqx8TPNPJ4sntg==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 331ms
136ms Fetch 18.66.112.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=358234&uid=-9124292598532248100&sec=8772046&t=ri&e=1609852&p=1&ve=12669413&va=%5B28321879%5D&ses=051870698c0b3855c151e9cf5456238d&expSes=64400&aud=884367.884385.884387.1167402.1324059.1846919.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=7060695472459318896&cgtgDecisionId=7060695474224004313&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1707240924713&rri=9052914
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.28.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-72.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:24 GMT
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: eENa1AmG8t8vExf33_BhTUp7zTbNOd43PE6xcsZ9y2S8bRzcBkZ2VQ==
expires: 0

GET
H2 200 var
async-px.dynamicyield.com/ 0
0 330ms
135ms Fetch 18.66.112.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/var?cnst=1&_=2948&uid=-9124292598532248100&sec=8772046&t=ri&e=1575901&p=1&ve=12692962&va=%5B28207095%5D&ses=051870698c0b3855c151e9cf5456238d&expSes=64400&aud=884367.884385.884387.1167402.1324059.1846919.998337.1092373.1232212.1426804.1443347.1182144.799438.799440&expVisitId=7060695474286628859&cgtgDecisionId=7060695474211563062&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1707240924713&rri=5066134
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.28.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-72.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:24 GMT
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: NWO250PY-GEbSY6RmYYWLer4xd2KH9vUcnNqm4YFN5jbdUiqx1JEAg==
expires: 0

POST
H2 200 batch
async-px.dynamicyield.com/ 0
383 B 267ms
136ms Ping
text/plain 18.66.112.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px.dynamicyield.com/batch?cnst=1&_=1707240924777_623485
Requested by: Host: cdn.dynamicyield.com
URL: https://cdn.dynamicyield.com/scripts/2.28.0/dy-coll-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-72.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:24 GMT
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
x-amz-cf-id: QBy2sYSI5bGK5j7pdXjAQCkr_4cqdn3h24rwjsoC4kJ4Ue8tEo7aKw==
expires: 0

POST
H2 204 sessions Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 0
1 KB 238ms
237ms XHR
text/plain 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/sessions
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
via: 1.1 b6217766ccd41d69658fea04297b7c24.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: EWR50-C1
age: 0
x-yottaa-optimizations: ob/0 si/38D1cc0231aa-1707237389-1660580369 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status: obsolete
x-cache: Miss from cloudfront
pragma: no-cache
allow: OPTIONS,POST
access-control-allow-origin: https://www.elfcosmetics.com
access-control-expose-headers: etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics: 3821cc02318a/[114,112,-] 38D1cc0231aa/[-,116.946]
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/sessions
accept-ranges: bytes
cf-ray: 85152644be253b8c-IAD
x-dw-request-base-id: eaola91twmUBAAB_
x-amz-cf-id: jVUh-hlEJQKpd3CjqPB1oEEIwvgRblI81vGlnKAJL0O5PqOTrG0Ihg==
x-yottaa-os: 204
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 shoppercontext Show response
www.elfcosmetics.com/api/v1/ 114 B
786 B 691ms
691ms XHR
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/shoppercontext?siteId=elf-us
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 6b42a56b231d70ea3691b9f46363b9f8ed6ca35f6b50084718669b8beac1e57d

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/json

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
via: 1.1 cae77502d3847ca96378af9649c50cb4.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 114
x-amz-cf-pop: EWR50-C1
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580370 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: a276345c-8e52-4263-8109-a4501ad61f6d
x-cache: Miss from cloudfront
x-amz-apigw-id: SuYakG7XCYcEBBg=
content-length: 108
etag: W/"72-HgdmTgyCF/DQfqnMU3u+4UstAzI"
x-amzn-trace-id: Root=1-65c26ddc-329ce370430104f97e62110d;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 3821cc02318b/[558,556,-] 38D1cc0231aa/[-,559.914]
x-amzn-remapped-date: Tue, 06 Feb 2024 17:35:25 GMT
x-amz-cf-id: XsAEUS5cfh0rlgMbdl2FFJosZgL1e0-_FOIoEGygsHnY0861pKItvQ==

GET
H2 200 geo-ip Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 179 B
845 B 338ms
337ms XHR
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.108

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
x-dw-client-id: f9f7052a-f742-4c38-bdf5-1da004e7fb3b
accept-language: de-DE,de;q=0.9
x-pwa-request: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/json

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
age: 0
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580376 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status: obsolete
x-cache: Miss from cloudfront
allow: GET,HEAD,OPTIONS
content-type: application/json;charset=UTF-8
cache-control: max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os: 200
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.108
x-yottaa-metrics: 3821cc023190/[199,198,-] 38D1cc0231aa/[-,201.771]
cf-ray: 851526458fb93b0c-IAD
x-dw-request-base-id: eaooa91twmUBAAB_
x-amz-cf-id: 69NzHTEiz7psVnLXNnE_uufDJnsEVPitGH0TsNZ0bptn839QU6wyyA==

GET
H2 200 geo-ip Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/ 179 B
846 B 310ms
309ms XHR
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.108

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
x-dw-client-id: f9f7052a-f742-4c38-bdf5-1da004e7fb3b
accept-language: de-DE,de;q=0.9
x-pwa-request: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/json

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
age: 0
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580377 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status: obsolete
x-cache: Miss from cloudfront
allow: GET,HEAD,OPTIONS
content-type: application/json;charset=UTF-8
cache-control: max-age=0,no-cache,no-store,must-revalidate
x-yottaa-os: 200
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/custom_objects/CustomApi/geo-ip?c_ip=80.255.7.108
x-yottaa-metrics: 3821cc023191/[169,168,-] 38D1cc0231aa/[-,173.007]
cf-ray: 8515264579db3b05-IAD
x-dw-request-base-id: -doGKN1twmUBAAB_
x-amz-cf-id: UEGjm8KTwrt20BtNgYs3m7KEl9YBayNCxvlmO9Sp3nULTgka0ynwXg==

GET
H2 200 baskets Show response
www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/bclXEVkraVmroRwrhImqYYwuxJ/ 11 B
814 B 240ms
240ms Fetch
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/bclXEVkraVmroRwrhImqYYwuxJ/baskets?siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
x-correlation-id: 851526457fee1318
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 d3fbeb74a503a5fcf3e4ca458c365012.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
age: 0
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580373 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
content-encoding: gzip
x-cache: Miss from cloudfront
content-length: 37
allow: GET,HEAD,OPTIONS
x-ratelimit-remaining: 999
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=0,no-cache,no-store
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/customer/shopper-customers/v1/organizations/f_ecom_bbxc_prd/customers/bclXEVkraVmroRwrhImqYYwuxJ/baskets?siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 851526457fee1318-IAD
x-amz-cf-id: AH7q5ExItvD7DpGp_Ghc5P_iunRUhjQ31pI5raRyc4kN8-ZIuKLTVA==
x-yottaa-metrics: 3821cc02318d/[119,116,-] 38D1cc0231aa/[-,121.415]

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 368 KB
32 KB 476ms
475ms Fetch
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300233%2C300211%2C300220%2C81517&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

01aa0811c31979c696025ebea9026cad5000469c96b34834ba768ef237e4ce9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 851526456de99c46
via: 1.1 90a990c5327e86ade86681120dc4a236.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580374 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=60
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300234%2C300233%2C300211%2C300220%2C81517&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 851526456de99c46-IAD
x-amz-cf-id: RplWr8ZoWYY1nX8qjPZflZooJy2eY1jHHchMNBegliSdGShqZTQakw==
x-yottaa-metrics: 3821cc02318e/[280,278,-] 38D1cc0231aa/[-,282.747]

GET
H2 200 products Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/ 494 KB
35 KB 356ms
354ms Fetch
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300237%2C300230%2C300229%2C300215%2C300199&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

a03984a7a5b36b4c6da58aaa8fa5380a317bfa209a969b8c38907f080b4e50a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 851526456a32061c
via: 1.1 6e131451bd3f2f00145987b931606ec0.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580375 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=10
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products?ids=300237%2C300230%2C300229%2C300215%2C300199&currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 851526456a32061c-IAD
x-amz-cf-id: iM3MMiwrSO9jJuEcz_h4ctOZ3xtnXTLXFLcJkNudWdi67IZBT5zvug==
x-yottaa-metrics: 3821cc02318f/[125,123,-] 38D1cc0231aa/[-,126.905]

POST
H2 200 event
qoe-1.yottaa.net/log-nt/ 3 B
191 B 208ms
82ms Ping
text/json 140.174.14.83
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qoe-1.yottaa.net/log-nt/event
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 140.174.14.83 Frankfurt am Main, Germany, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 17:35:25 GMT
access-control-expose-headers: X-Results-Data-Source
access-control-allow-credentials: true
cache-control: no-cache
timing-allow-origin: *
content-type: text/json

GET
H/1.1 200
OK main.js Show response
static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/ 144 KB
42 KB 493ms
59ms Script
application/javascript 23.197.142.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ordergroove.com/1e72a9589c4f11e9a62ebc764e10b970/main.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.197.142.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-142-200.deploy.static.akamaitechnologies.com

Software

nginx / Express

Resource Hash

58da72bddd8da96edee8626efe890283621d3c23f38a2aac4911d773461ead38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Date: Tue, 06 Feb 2024 17:35:25 GMT
Server: nginx
ETag: W/"802810ef2b8ff8127ba90eb9cbbb4fb601a094cd"
X-Powered-By: Express
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, max-age=900
Connection: keep-alive
Content-Length: 42822
Expires: Tue, 06 Feb 2024 17:50:25 GMT

GET
H2 200 110221.ct.js Show response
tag.rmp.rakuten.com/ 47 KB
15 KB 501ms
69ms Script
text/javascript 34.102.147.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.rmp.rakuten.com/110221.ct.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

248.147.102.34.bc.googleusercontent.com

Software

Resource Hash

305fe9a5f5590087ad5d80aa44c7a7f1416966806e955ce7a42ab086ec14e38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Feb 2024 17:35:25 GMT
x-cache: hit
x-samesite: secure
content-type: text/javascript
cache-control: max-age=86400
x-dyn: 0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 js Show response
www.paypal.com/sdk/ 408 KB
113 KB 491ms
60ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f8c6ebbfbfd150bad4b5bd7158cc60bed275422878781b45bd2450f776d625b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-fHjx0kEhJ/qx8JEs6oyo4HHLWIr59mrdRyC6dfBvphMElnFK' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fHjx0kEhJ/qx8JEs6oyo4HHLWIr59mrdRyC6dfBvphMElnFK' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-fHjx0kEhJ/qx8JEs6oyo4HHLWIr59mrdRyC6dfBvphMElnFK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fHjx0kEhJ/qx8JEs6oyo4HHLWIr59mrdRyC6dfBvphMElnFK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Feb 2024 17:35:25 GMT
age: 4648
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f87382690d57d
server-timing: "traceparent;desc="00-0000000000000000000f87382690d57d-b35fa549671c1fb3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 114027
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220035-FRA, cache-fra-etou8220035-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f87382690d57d-834841a32d306e92-01
x-timer: S1707240925.397897,VS0,VE6
etag: W/"1bd6b-WsGDcd1F8OTUDL37QJoKRy1NxRA"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 496ms
69ms Script
application/javascript 2a02:26f0:3500:16::215:1491
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1491 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 17:35:25 GMT
Content-Encoding: gzip
x-amz-request-id: 2YBD1Y83SA1VBPZN
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 11792
x-amz-id-2: Vo5gJfn4DHGgFFcnzwzpG4njjvgMt8LlOnQtX6RdM+uNb3LkYv06L++KpTpVEqpBqbyFMWzosrU=
Last-Modified: Wed, 14 Jun 2023 06:58:45 GMT
Server: AmazonS3
ETag: "5a676288bcea03bd05e483bc4ce066ae"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1185
Accept-Ranges: bytes
X-DataStream-Cache-Status: 1
Expires: Tue, 06 Feb 2024 17:55:10 GMT

GET
H2 200 loader.js Show response
cdn.usehero.com/ 98 KB
28 KB 486ms
59ms Script
application/javascript 2600:9000:236e:a600:13:d6f4:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usehero.com/loader.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:a600:13:d6f4:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab99a75a2070736b0282d041df3a7e272ad5d4d1929ae430089ac0335e05ad2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:20:45 GMT
content-encoding: gzip
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
last-modified: Tue, 19 Sep 2023 07:56:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 881
x-amz-server-side-encryption: AES256
etag: W/"fbf714a58cbac38c0deea519667d9044"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: rn4cWrJNKXfgcRjBo2aOqtLr2LhodAAiXV8QDVkHkSNSIDXTQo57fQ==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10812184462/ 3 KB
2 KB 505ms
80ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10812184462/?random=1707240923999&cv=11&fst=1707240923999&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&pscdl=noapi&auid=1628542943.1707240924&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6148fcfb081115252c094c42d4420c139cb987fb43f866238752db4e4d3e3045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/698270988/ 3 KB
2 KB 489ms
66ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/698270988/?random=1707240924002&cv=11&fst=1707240924002&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1628542943.1707240924&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9ae7a413e2d84452ebc43806c2f3b579bd607518e8aeb8d04b7840cf1259c9c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1717
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/865242110/ 3 KB
2 KB 488ms
81ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/865242110/?random=1707240924007&cv=11&fst=1707240924007&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&pscdl=noapi&auid=1628542943.1707240924&uamb=0&uaw=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&rfmt=3&fmt=4

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95654fdd5b364f7cb881f923571ce651b1076b621abfc5e83083b42d4d4b095c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/ 3 KB
2 KB 396ms
80ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=1707240924008&cv=11&fst=1707240924008&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&pscdl=noapi&auid=1628542943.1707240924&uamb=0&uaw=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&rfmt=3&fmt=4

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5ba8e737d92d36efd3493f4f0669f2fba6adef29e53034100419e8f2856519b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 41 KB
18 KB 286ms
65ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 90ef36e0fc9aecb01aad9a5f1a54a573c0861e2cbf485d3c187593fe1a5cf10f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
content-encoding: gzip
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17891
x-amz-cf-id: hlXgcByquxVr53N-NxN6mci3osgHaCJRNet6PHS0xFntiZEBI4YYkg==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 220ms
53ms Script
application/javascript 2a02:26f0:3500:880::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:880::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3e376deaeb30858026260be3d2bd058d03c0b007cb7133c0d6fea15d775afd86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "ba3486175e2b68724e3b47a025fadde7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1861

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 28 KB
9 KB 214ms
58ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: eec8fb654765dfbba9b783382bfc8ecda7db21a2e24ffde27d19624ae2287d9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 30 Jan 2024 22:08:33 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "cdb613b732483a878e5e73924ee9a02f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 8623

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 253ms
156ms Script
application/javascript 2.16.1.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1EFEJPT0U322RQPGHFG&lib=ttq
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c2409651241c0de9b571e266d1ca6ee4c9a3376c423fdc8998b9a6b7842112b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-akamai-request-id: 2674d064.277441eb
date: Tue, 06 Feb 2024 17:35:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402061735254C0409E53582B9F0EC4E-002D6A8B1C659490-00
x-cache: TCP_MISS from a2-16-1-181.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 96,2.16.1.181
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=7, inner; dur=3
content-length: 2069
pragma: no-cache
server: nginx
x-tt-logid: 202402061735254C0409E53582B9F0EC4E
x-cache-remote: TCP_MISS from a23-48-200-40.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.48.200.40
x-tt-trace-host: 018d063700e1cf17c08548c9ad121f23aa119dff2d78d6230d41051aea75435f83196511b411754ad71a01a4eded4c485ab463f09c68dd4eaa12b9df6b8f2e0abd854b2419e7fefdb74da67dc1b41d4e6bfe5f912275f72653fc08b4ae7102b6ea660836674bed47f5041a59cefbbca517
expires: Tue, 06 Feb 2024 17:35:25 GMT

GET
H2 200 widget.js Show response
js.jebbit.com/companion/v1/ 44 KB
45 KB 169ms
50ms Script
text/javascript 2600:9000:206f:5600:a:7914:b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jebbit.com/companion/v1/widget.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5600:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef37a0adcce8182a55abff9a5e28be02925fe56a3088a8d36a91a8cd3008c58b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: iCZS77ZG1ZPlwIXN0jcyz2UtdxRogOfI
date: Mon, 05 Feb 2024 18:44:23 GMT
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Thu, 01 Feb 2024 18:44:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 82263
x-amz-server-side-encryption: AES256
etag: "6b2f615c6ad69ee4f7b72b4ba8130ca4"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 45233
x-amz-cf-id: Vs3Lrw62zZLQAV0iYuND4Sp8WgBkoqvOv4FaBz_QtxBK6l8Tx9qrmw==

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 170ms
70ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 06 Feb 2024 17:35:25 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8CED47B6B3664061A21EF73DABA090E8 Ref B: FRA31EDGE0107 Ref C: 2024-02-06T17:35:25Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 1a8bfa042c9c5.js Show response
t.contentsquare.net/uxa/ 288 KB
69 KB 146ms
46ms Script
application/javascript 18.66.112.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/1a8bfa042c9c5.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87108ed8601ca33ed2e179c7c19e2181f10f1d5fc354e4c3756154ed00714377

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:22:37 GMT
content-encoding: br
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 70533
last-modified: Tue, 06 Feb 2024 17:20:42 GMT
server: AmazonS3
etag: "c13e4df87d0d5cff8b126db47d8e201d"
vary: Origin
content-type: application/javascript;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Eo-NQBbyrbyQBai57P7I3RT3uc4g0JYqOVTZYbtw96bQWeY6Nk6_9Q==

GET
H2 200 i.js Show response
tag.wknd.ai/4142/ 18 KB
6 KB 142ms
43ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/4142/i.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 6ace9ab9c495e069a90f7c423cd985e271b19ef8e780f0b7fb3ff9627fab4896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:33:08 GMT
content-encoding: gzip
via: 1.1 google
age: 137
x-envoy-upstream-service-time: 54
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5762
server: istio-envoy
etag: c1699b4863539e
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
91 KB 77ms
61ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a39f2e16bae522d2f09b9089a025fa9f87747c5a5e70c8a33640fc0cdba7fa87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93011
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Feb 2024 17:35:25 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 137ms
44ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 06 Feb 2024 17:35:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: 7X2IDlHRHuf31oZxHY6Apq+SMezcXigLrspqjwTEO47JkHPtW2WPFU1sF/6RcrzQ4hpnjSOkIP4JxSQxjR0I6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 baskets Show response
www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/ 3 KB
2 KB 263ms
261ms XHR
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/ocapi/s/elf-us/dw/shop/v21_3/baskets

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

8aabb0230239d64cfc819c6c0010c0b026427746920cb43eb9e274e08c8030c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
x-dw-client-id: f9f7052a-f742-4c38-bdf5-1da004e7fb3b
accept-language: de-DE,de;q=0.9
x-pwa-request: true
authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/json

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
via: 1.1 a0baca8f5dcda9f46c3f17957eeb39aa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-amz-cf-pop: EWR50-C1
age: 0
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580382 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-dw-version-status: obsolete
x-cache: Miss from cloudfront
content-length: 1100
pragma: no-cache
etag: 39a6c01ca067599041a8866caccbcedf9509281cef4d9039571bf7e170bb0bdb
allow: OPTIONS,POST
content-type: application/json;charset=UTF-8
x-dw-resource-state: 39a6c01ca067599041a8866caccbcedf9509281cef4d9039571bf7e170bb0bdb
access-control-allow-origin: https://www.elfcosmetics.com
access-control-expose-headers: etag,location,x-dw-version-status,x-dw-resource-state,authorization,x-dw-request-base-id
x-yottaa-metrics: 3821cc023195/[129,127,-] 38D1cc0231aa/[-,132.289]
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/s/elf-us/dw/shop/v21_3/baskets
accept-ranges: bytes
cf-ray: 85152646e94e20a0-IAD
x-dw-request-base-id: -doUKN1twmUBAAB_
x-amz-cf-id: rpljiNeLxwlDrNQL31P9d7cjLG4Dahezi3Yl85zLvr4wzuOIW6JHYg==
x-yottaa-os: 200
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 122ms
121ms Image
image/svg+xml 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: EWR50-C1
age: 946301
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/38D1cc0231aa-1706292485-6677601666 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02316d/[4,-,1706294090466] 38D1cc0231aa/[hit]
x-amz-cf-id: 3CkLhBKyOP_Gib4v9msL1-ZZAaF-nhhxCivwZqf09U_Iqu_TEhbOOQ==

POST
H2 201 sync Show response
sdk.iad-05.braze.com/api/v3/content_cards/ 85 B
199 B 186ms
186ms XHR
application/json 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/content_cards/sync

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

59561243adefde1154857a31f0d98d5d9d48f67dca71178ea9e4632b2a5045f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 609afcb2-1dc3-41ef-a771-0a9aaf10bf57
X-Braze-DataRequest: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/json
BRAZE-SYNC-RETRY-COUNT: 0
Referer: https://www.elfcosmetics.com/
X-Requested-With: XMLHttpRequest
X-Braze-ContentCardsRequest: true

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: MISS
x-request-id: e9f54c2e-5586-45f3-beb9-a0c194403771
x-served-by: cache-fra-etou8220022-FRA
x-runtime: 0.045661
etag: W/"59561243adefde1154857a31f0d98d5d"
access-control-max-age: 7200
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
vary: Origin,Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 0
0 139ms
139ms Preflight 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/content_cards/sync

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-encoding: gzip
date: Tue, 06 Feb 2024 17:35:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220022-FRA

GET
H2 200 promotions Show response
www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/ 1 KB
1 KB 226ms
222ms Fetch
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2024-02-gwp-%2435&locale=en-US

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

2de68a6dc3817d48b67a7a0c134c34ba7d02d6fe9a0380e8f1ad3501899d0ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 851526484fe6289a
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580387 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=31
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2024-02-gwp-%2435&locale=en-US
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 851526484fe6289a-IAD
x-amz-cf-id: sOkxfe48AIOmMZ8HVx7HZPtIPSQDe8p0uPZSQ17eI6GjLS2Oi7WI_w==
x-yottaa-metrics: 3821cc02314c/[100,97,-] 38D1cc0231aa/[-,101.968]

POST
H3 200 collector Show response
collector-pxxt4gy2ig.px-cloud.net/api/v2/ 32 B
49 B 200ms
199ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxxt4gy2ig.px-cloud.net/api/v2/collector
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/XT4Gy2ig/init.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: b877311e3743367bee817ee88fca0dedf65abb663d0e8b1f64954c5bcca1846f

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

GET
H2 200 collect Show response
sgtm.elfcosmetics.com/g/ 796 B
1 KB 285ms
175ms XHR
text/plain 34.49.124.132
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je41v0v879088318z8896608294za200&_p=1707240923526&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1279543329.1707240924&ul=en-us&sr=1600x1200&_fplc=0&ur=DE-BY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sst.uc=DE&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13l3l3l3l1&sst.tft=1707240923526&_s=1&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1707240925&sct=1&seg=0&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&en=page_view&_fv=1&_ss=2&ep.page_type=homepage&ep.page_environment=production&ep.page_country=US&ep.page_language=EN&up.custom_user_id=&up.client_id=&up.user_has_transacted=false&up.user_logged_in=false&up.user_country=US&up.user_loyalty_status=false&tfd=4691&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

132.124.49.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

a2943eee3c0d637c48c086cf0048b80ddb30c69679d2fb90c18ef542a12efb64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering: no

GET
H2 200 promotions Show response
www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/ 3 KB
2 KB 412ms
408ms Fetch
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2024-02-gwp-%2435%2C2022-ordergroove-first-order-ORIGINAL-SETUP&locale=en-US

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

cdabdca122a95c86d013bc3792c3fa8b6d610fddc9724b16360821de4c63dcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 8515264af8d40778
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580396 tts/1697558664636 ti/5a0c9b7732f01c35d421038a ai/5a0c9b7732f01c35d4210324 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=44
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/pricing/shopper-promotions/v1/organizations/f_ecom_bbxc_prd/promotions?siteId=elf-us&ids=2024-02-gwp-%2435%2C2022-ordergroove-first-order-ORIGINAL-SETUP&locale=en-US
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 8515264af8d40778-IAD
x-amz-cf-id: iKQh7OsWv86yr4jLjUp60vYsdvplGA8RMRz_qIGfZKpfvuGaebn4ZQ==
x-yottaa-metrics: 3821cc023151/[282,281,-] 38D1cc0231aa/[-,284.508]

GET
H3

200

/
www.google.de/pagead/1p-conversion/698270988/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698270988/?random=1831468605&cv=11&fst=1707240924002&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sy...
https://www.google.com/pagead/1p-conversion/698270988/?random=1831468605&cv=11&fst=1707240924002&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u...
https://www.google.de/pagead/1p-conversion/698270988/?random=1831468605&cv=11&fst=1707240924002&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_...

42 B
64 B

59ms
58ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/698270988/?random=1831468605&cv=11&fst=1707240924002&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&npa=0&pscdl=noapi&auid=1628542943.1707240924&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=Ek5DaEFJZ002SHJnWVFtNktaNS1pcHdOeFhFaVlBUjFkdThPLW1ZSFo5cnlKbjVZakRucXdBQUpkbUQydXRCMjhQV05pRG5wQjlFdzktYlEaWkNoRUlnTTZIcmdZUTFJcnkxZW1MMi15V0FSSXVBQ1h6dk9la3FhNXF1S1lyaVZMZ3F2ZEhsTHdkYmFaZHk4T0lQZGdaQ3NhU2hyWUg1Z3BNYTNFdXlPc0Q3dyITCKejnoegl4QDFYckBgAdxosMSg&is_vtc=1&ocp_id=3W3CZefAGIfJmLAPxpey0AQ&cid=CAQSKQAvHhf_GXTuBwvtwTXMfLqRT8We4baFWH3Drv2uoQ2qXVayfZIYuJ5r&eitems=ChEIgM6HrgYQj_7etOq_q7a6ARIdAPyKe1DvrRGj0zPJVJgjyM38BjG_BA6tDdagjuQ&random=334346050&ipr=y

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/698270988/?random=1831468605&cv=11&fst=1707240924002&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&label=87uyCIuRktcBEIyK-8wC&hn=www.googleadservices.com&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&value=0&npa=0&pscdl=noapi&auid=1628542943.1707240924&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=Ek5DaEFJZ002SHJnWVFtNktaNS1pcHdOeFhFaVlBUjFkdThPLW1ZSFo5cnlKbjVZakRucXdBQUpkbUQydXRCMjhQV05pRG5wQjlFdzktYlEaWkNoRUlnTTZIcmdZUTFJcnkxZW1MMi15V0FSSXVBQ1h6dk9la3FhNXF1S1lyaVZMZ3F2ZEhsTHdkYmFaZHk4T0lQZGdaQ3NhU2hyWUg1Z3BNYTNFdXlPc0Q3dyITCKejnoegl4QDFYckBgAdxosMSg&is_vtc=1&ocp_id=3W3CZefAGIfJmLAPxpey0AQ&cid=CAQSKQAvHhf_GXTuBwvtwTXMfLqRT8We4baFWH3Drv2uoQ2qXVayfZIYuJ5r&eitems=ChEIgM6HrgYQj_7etOq_q7a6ARIdAPyKe1DvrRGj0zPJVJgjyM38BjG_BA6tDdagjuQ&random=334346050&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/698270988/ 42 B
108 B 57ms
53ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698270988/?random=1707240924008&cv=11&fst=1707238800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_UeKQ6l8tuM3XoHqQGuI1zdmvb0ca0ZnWUC4z47R5MsuWomrM&random=397249690&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/698270988/ 42 B
154 B 59ms
55ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/698270988/?random=1707240924008&cv=11&fst=1707238800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_UeKQ6l8tuM3XoHqQGuI1zdmvb0ca0ZnWUC4z47R5MsuWomrM&random=397249690&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/865242110/ 42 B
154 B 52ms
50ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/865242110/?random=1707240924007&cv=11&fst=1707238800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_L0twPaPIekgr_KuUjsS2xQZLXSF-9ezcjMibo8SVMpabA1Kq&random=2743277473&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/865242110/ 42 B
108 B 57ms
55ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/865242110/?random=1707240924007&cv=11&fst=1707238800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&data=ecomm_prodid%3D%3Becomm_totalvalue%3D&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_L0twPaPIekgr_KuUjsS2xQZLXSF-9ezcjMibo8SVMpabA1Kq&random=2743277473&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10812184462/ 42 B
108 B 54ms
52ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10812184462/?random=1707240923999&cv=11&fst=1707238800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_wCRMPX7YqH9I1WDL_Q85lMgmoaA-zOba-yKPwpJ2vl-Te1Rh&random=3327528904&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10812184462/ 42 B
108 B 59ms
57ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10812184462/?random=1707240923999&cv=11&fst=1707238800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v896608294za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&frm=0&tiba=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&npa=0&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_wCRMPX7YqH9I1WDL_Q85lMgmoaA-zOba-yKPwpJ2vl-Te1Rh&random=3327528904&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 display Show response
api.usehero.com/webplugin/ 118 B
1 KB 365ms
218ms XHR
application/json 52.51.70.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usehero.com/webplugin/display?appId=efcf9631-4c6b-4874-9f76-51f71464249a&location=https%3A%2F%2Fwww.elfcosmetics.com%2F&state=untouched&outboundFeature=

Requested by

Host: cdn.usehero.com
URL: https://cdn.usehero.com/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.70.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-70-67.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bde1972055f3fd260111d4cf8032a7c9263e720a11974ff8b6076032712d74ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains; preload
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
surrogate-control: no-store
x-dns-prefetch-control: off
x-time-zone: Europe/Berlin
klarna-correlation-id: 94b19586-3ccb-47d3-ba9b-4a2ee97f5952
x-envoy-upstream-service-time: 6
cross-origin-resource-policy: same-origin
x-geo-longitude: 9.49100
content-length: 118
x-xss-protection: 0
x-request-id: 94b19586-3ccb-47d3-ba9b-4a2ee97f5952
pragma: no-cache
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
etag: W/"76-s12LxvbLr/SxyeJ2DCH8igZKUbU"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-geo-latitude: 51.29930
x-country: DE
x-accuracy: 500
expires: 0

GET
H2 200 local Show response
www.paypal.com/credit-presentment/experiments/ Frame D269 5 KB
2 KB 50ms
50ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.55.0&integrationType=SDK

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be4b55c5d8a7ef71000d7696ba2e6a36cce9cfe71de512a9bb6a93028ae0e02

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
age: 82178
cache-control: s-maxage=86400, max-age=0
content-encoding: gzip
content-length: 1526
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type: text/html; charset=utf-8
date: Tue, 06 Feb 2024 17:35:25 GMT
dc: ccg11-origin-www-1.paypal.com
edge-cache-tag: up-treatments-zoid
etag: W/"1479-hZrJEn1/I7nZxrYtD5biQSscHCo"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f200968dca12a
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f200968dca12a-21b4e1ea1b3a093a-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f200968dca12a-8dab3705fa269eee-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 26521, 0
x-served-by: cache-fra-etou8220035-FRA, cache-fra-etou8220035-FRA
x-timer: S1707240926.795335,VS0,VE10
x-xss-protection: 1; mode=block

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
6 KB 55ms
55ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.elfcosmetics.com&t=xo&v=5.0.422&source=payments_sdk&client_id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&comp=buttons,messages&disableSetCookie=true&vault=true

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2b640a7227890217527259e40d2d35cc3117f6ea19c9caa1edae8a6631dfc25

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-F0oBYW+6OgY7CxYmx5Q2JewuOVi5l/kdYPsChQn/OoxWcpLw' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-F0oBYW+6OgY7CxYmx5Q2JewuOVi5l/kdYPsChQn/OoxWcpLw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Feb 2024 17:35:25 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 81841
x-cache: HIT, MISS
paypal-debug-id: f908853b89683
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4797
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220035-FRA, cache-fra-etou8220035-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f908853b89683-1e2a6dfab4bee27a-01
x-timer: S1707240926.798143,VS0,VE13
etag: W/"3691-O5DxjADlzAMI8SM+4CmRbyohXa4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 p
tr.snapchat.com/ 68 B
444 B 149ms
62ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&ev=PAGE_VIEW&intg=gtm&pids=c69c204f-fba0-4685-aea8-ad32f799fa5d&u_c1=ef5d2cce-5b2f-4774-a099-89eb04a21447&u_sclid=a8df9178-2bdd-4c7c-8bd8-dbf906d10f8b&u_scsid=3bc5ea08-49c2-40cc-98b5-a44865ed272e&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=1751&m_fcps=1558&m_pi=1750&m_pl=3799&m_pv=2&m_rd=4871&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fwww.elfcosmetics.com%2F&trackId=98012eaf-8d98-4f95-9577-d3f06df6f469&ts=1707240925797&v=3.9.0-2401311916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 120ms
119ms Image
image/svg+xml 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: EWR50-C1
age: 946302
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/38D1cc0231aa-1706292485-6677601666 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02316d/[4,-,1706294090466] 38D1cc0231aa/[hit]
x-amz-cf-id: 3CkLhBKyOP_Gib4v9msL1-ZZAaF-nhhxCivwZqf09U_Iqu_TEhbOOQ==

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1017 B
876 B 272ms
272ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ee403d823263b85f8ec9057fddec95bd32e577df8db7ec95e88a59009012eb21

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/json

Response headers

date: Tue, 06 Feb 2024 17:35:26 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f916852419d6f
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-etou8220027-FRA, cache-fra-etou8220027-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f916852419d6f-f1460729da9a5a74-01
x-timer: S1707240926.281193,VS0,VE195
etag: W/"3f9-wsjPUXjRcsmPMNFg/oYDwAEgYko"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 342ms
262ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.elfcosmetics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Tue, 06 Feb 2024 17:35:26 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f91685226889b
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f91685226889b-94cf1a65c65e0415-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220027-FRA, cache-fra-etou8220027-FRA
x-timer: S1707240926.980226,VS0,VE223

GET
H2 200 PWA-UpdateSession Show response
www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/ 56 B
1 KB 309ms
308ms XHR
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/mobify/proxy/controllers/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:26 GMT
content-encoding: gzip
via: 1.1 7ae870cd25f69f522a5d075cc08767f0.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: EWR50-C1
age: 0
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580401 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
pragma: no-cache
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
x-yottaa-os: 200
x-proxy-request-url: https://cc-elf-us-prd.elfcosmetics.com/on/demandware.store/Sites-elf-us-Site/en_US/PWA-UpdateSession
x-yottaa-metrics: 3821cc023154/[187,187,-] 38D1cc0231aa/[-,189.370]
cf-ray: 8515264b5d91083c-IAD
x-dw-request-base-id: Bf20fd5twmUBAAB_
x-amz-cf-id: vxvBWUbSCAKBdnVq6bZSbRuvxklXJijFnmm5h1i9C_2z4SBET8pFAg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare
elfcosmetics.a.bigcontent.io/v1/static/ 5 KB
6 KB 221ms
47ms Image
image/png 2a02:26f0:7100::687e:24f3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/NEW-beauty-squad-beauty-squad-loyalty-logo-staggered-paddedsquare?%24Desktop%24=&fmt=auto
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::687e:24f3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Unknown /
Resource Hash: 210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 06 Feb 2024 17:35:26 GMT
server: Unknown
x-amz-server-side-encryption: AES256
x-amp-srv: A
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 5378

GET
H2 200 icon-noun-gift-1165617
elfcosmetics.a.bigcontent.io/v1/static/ 2 KB
1 KB 216ms
42ms Image
image/svg+xml 2a02:26f0:7100::687e:24f3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-gift-1165617?%24Desktop%24=&fmt=auto%203x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::687e:24f3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Unknown /
Resource Hash: 4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Tue, 06 Feb 2024 17:35:26 GMT
server: Unknown
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=86400
x-amp-srv: A
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 996

GET
H2 200 icon-lips
elfcosmetics.a.bigcontent.io/v1/static/ 914 B
1 KB 214ms
41ms Image
image/png 2a02:26f0:7100::687e:24f3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/icon-lips?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-lips?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-lips?%24Desktop%24=&fmt=auto%203x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::687e:24f3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Unknown /
Resource Hash: 2f3989acda5131345cd5dd5f11e9c3c373fd3b09eb1a2a64fb2d6b302ea020a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 06 Feb 2024 17:35:26 GMT
server: Unknown
x-amz-server-side-encryption: AES256
x-amp-srv: A
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 914

GET
H2 200 icon-noun-hearts-257768v2
elfcosmetics.a.bigcontent.io/v1/static/ 2 KB
1 KB 216ms
43ms Image
image/svg+xml 2a02:26f0:7100::687e:24f3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-hearts-257768v2?%24Desktop%24=&fmt=auto%201x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-hearts-257768v2?%24Desktop%24=&fmt=auto%202x,%20https://elfcosmetics.a.bigcontent.io/v1/static/icon-noun-hearts-257768v2?%24Desktop%24=&fmt=auto%203x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::687e:24f3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Unknown /
Resource Hash: 1ddc89ba3c2a29bf8b6a376737d491efdb8f9bcebc7c635639cda62390f45a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Tue, 06 Feb 2024 17:35:26 GMT
server: Unknown
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=86400
x-amp-srv: A
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 1031

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 123ms
119ms Image
image/svg+xml 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:26 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: EWR50-C1
age: 946302
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/38D1cc0231aa-1706292485-6677601666 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02316d/[4,-,1706294090466] 38D1cc0231aa/[hit]
x-amz-cf-id: 3CkLhBKyOP_Gib4v9msL1-ZZAaF-nhhxCivwZqf09U_Iqu_TEhbOOQ==

POST
H2 200 productratings Show response
www.elfcosmetics.com/api/v1/ 297 B
838 B 632ms
631ms Fetch
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/productratings
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/main.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 90b18ee6d6327a356913dc9d6cf9180346ab1b71fb800c5f97dbbf43bddac98c

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Feb 2024 17:35:26 GMT
via: 1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 297
x-amz-cf-pop: EWR50-C1
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580409 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: 97ace3c9-0b32-4560-8576-255e4c92ee6d
x-cache: Miss from cloudfront
x-amz-apigw-id: SuYaxFu2CYcEQ8A=
content-length: 158
etag: W/"129-Y0wtQ/XsWchdD0Uq8Mpj+qGFNAI"
x-amzn-trace-id: Root=1-65c26dde-56e82e4a3a668e341bf816a3;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 3821cc02315a/[509,507,-] 38D1cc0231aa/[-,511.919]
x-amzn-remapped-date: Tue, 06 Feb 2024 17:35:26 GMT
x-amz-cf-id: rez3lswClUWhioLsL0bMF2kPwlNFUifw0uvdDKz5hZDskdOkUjl5lg==

GET
H2 200 pout-clout-pen-bs-2024-01-19-image-3_D-min
cdn.media.amplience.net/i/elfcosmetics/ 30 KB
30 KB 41ms
40ms Image
image/webp 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/pout-clout-pen-bs-2024-01-19-image-3_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

03966b1fc6b3f2cdef1a46df52094209b5edb7772d9dc4c70d638abbbfb1b2c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:26 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: gssoa82dq,l4p5bDg2e,vqOuqrwHe,DtzGFM5oJ
x-req-id: Z7kY9wpahy
content-length: 30848
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 2880
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Mon, 22 Jan 2024 17:53:28 GMT

GET
H2 200 valetines-day-2024-01-29-image-3_D-min
cdn.media.amplience.net/i/elfcosmetics/ 38 KB
38 KB 43ms
42ms Image
image/avif 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-3_D-min?fmt=auto

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

6d97ff963aee1b37773794c4dfa9f69345ad53a777a53e0c8e877f1f9932fa9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:26 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: rqlI3LyEt,l4p5bDg2e,WgG9ZJtbq,WepA0szpz
x-req-id: bjA-EfPt8y
content-length: 38906
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:22 GMT

POST
H2 204 collect
region1.analytics.google.com/g/s/ 0
248 B 141ms
49ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=sypham&gtm=45j91e4250h1v879088318z8896608294z99175401888za200&_gsid=ZLYXLXNDL8aDg3MELCSd6aSuLRpUttig
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 59ms
55ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=1&dma_cps=sypham&tid=G-ZLYXLXNDL8&cid=IQhXpOk1LlesAcsaqpOuOtTs0pREr7W0l0wZdXPenss%3D.1707240924&gtm=45j91e4250h1v879088318z8896608294z99175401888za200&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 76ms
75ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=sypham&tid=G-ZLYXLXNDL8&cid=IQhXpOk1LlesAcsaqpOuOtTs0pREr7W0l0wZdXPenss%3D.1707240924&gtm=45j91e4250h1v879088318z8896608294z99175401888za200&aip=1&z=393224277

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jsp Show response
ut.rd.linksynergy.com/ 148 B
405 B 156ms
54ms Script
text/plain 34.98.67.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.67.98.34.bc.googleusercontent.com

Software

Resource Hash

e8a633a525653ec9513091b00537d4dfde1a161152a5f85547df1b4e90deb336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: text/plain; charset=utf-8
date: Tue, 06 Feb 2024 17:35:26 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148
x-samesite: secure

GET
H2 200 collect Show response
sgtm.elfcosmetics.com/g/ 65 B
394 B 321ms
320ms XHR
text/plain 34.49.124.132
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sgtm.elfcosmetics.com/g/collect?v=2&tid=G-ZLYXLXNDL8&gtm=45je41v0v879088318z8896608294za200&_p=1707240923526&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1279543329.1707240924&ul=en-us&sr=1600x1200&_fplc=0&ur=DE-BY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sst.uc=DE&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13l3l3l3l1&sst.tft=1707240923526&_s=2&dt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&sid=1707240925&sct=1&seg=1&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&en=page_view&ep.page_type=homepage&ep.page_environment=production&ep.page_country=US&ep.page_language=EN&ep.vendor_id=facebook&ep.event_id=1707241236203_170724119764611&ep.email=&ep.phone=&_et=3&tfd=5284&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZLYXLXNDL8&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.49.124.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

132.124.49.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:26 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering: no

GET
H2 200 widget.css
js.jebbit.com/companion/v1/ 15 KB
16 KB 46ms
46ms Stylesheet
text/css 2600:9000:206f:5600:a:7914:b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jebbit.com/companion/v1/widget.css
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5600:a:7914:b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a1fe89f11a11d89299028b565a99569e2aa5df3055ce514ba4dec2a8f0fe4fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: Z0QDj1CgW4goG86MDiwkBAynMlsfDNZh
date: Mon, 05 Feb 2024 18:44:26 GMT
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Thu, 01 Feb 2024 18:44:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 82261
x-amz-server-side-encryption: AES256
etag: "8e754beaa7f32e405c184f00c12cece1"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 15502
x-amz-cf-id: 3LiwXHHnIneGzNipF11sMJ_kHaFV4aGCNn_3eRthbvAFGLqcg4Wtpw==

GET
H2 200 launcher_configs Show response
external-api.jebbit.com/moments/v2/ 2 B
448 B 183ms
51ms XHR
application/json 18.157.236.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://external-api.jebbit.com/moments/v2/launcher_configs?key=542695a9-9318-492b-9638-2018989f6dc4&url=aHR0cHMlM0ElMkYlMkZ3d3cuZWxmY29zbWV0aWNzLmNvbSUyRg==&completedLightboxCampaigns=W10=&jebbitCookies=

Requested by

Host: js.jebbit.com
URL: https://js.jebbit.com/companion/v1/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.157.236.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-157-236-34.eu-central-1.compute.amazonaws.com

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
surrogate-control: no-store
x-dns-prefetch-control: off
content-length: 2
x-xss-protection: 1; mode=block
pragma: no-cache
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-download-options: noopen
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 204 pageview
c.contentsquare.net/ 0
320 B 193ms
57ms Image
text/plain 52.30.246.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?ex=&pvt=n&cvars=%7B%223%22%3A%5B%22Page%20Type%22%2C%22homepage%22%5D%7D&cvarp=%7B%223%22%3A%5B%22Page%20Type%22%2C%22homepage%22%5D%7D&la=en-US&uc=0&url=https%3A%2F%2Fwww.elfcosmetics.com%2F&dr=&dw=1600&dh=5102&ww=1600&wh=1200&sw=1600&sh=1200&uu=2e29d576-eb87-ab57-8a7b-3fa13b11f0a5&sn=1&hd=1707240926&v=13.84.1&pid=1926&pn=1&r=184101
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.246.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-246-4.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:26 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 1638306756445368 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 185ms
179ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1638306756445368?v=2.9.145&r=stable&domain=www.elfcosmetics.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8255a24f4eee1cd6244471f8db9d7d185e667879d4e96cd2130f64961d94ec42

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 06 Feb 2024 17:35:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: HwUI5Kt49sjDHhhRhsQmJY6OwgJ0Pvh2F/p2MnQyUymDVrQ1dhXlxcAI3rW0ZL4leM1W4ilJxlWQpXzjwOT1qg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.b3ba56f5.js Show response
s.pinimg.com/ct/lib/ 66 KB
19 KB 41ms
40ms Script
application/javascript 2a02:26f0:3500:880::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.b3ba56f5.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:880::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 45f265d91f0d046e0bf176d32af863a7e497d1c4fa27b488cb0d7a0f539c21e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "672deff0b6e5a9abcd39c208d7373098"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 19203

GET
H2 200 t2_16331p_telemetry Show response
conversions-config.reddit.com/v1/pixel/config/ 86 B
424 B 130ms
47ms XHR
application/json 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://conversions-config.reddit.com/v1/pixel/config/t2_16331p_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:25 GMT
nel: {"report_to":"w3-reporting-nel","max_age":14400,"include_subdomains":false,"success_fraction":0.3,"failure_fraction":0.3}
report-to: {"group":"w3-reporting-nel","max_age":14400,"include_subdomains":false,"endpoints":[{"url":"https://w3-reporting-nel.reddit.com/reports"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
content-length: 86
x-served-by: cache-fra-etou8220080-FRA

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 122ms
39ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1707240926261&id=t2_16331p&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=3c9d4c96-2171-4b31-87fc-031dbb21d05d&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_26e8ea0f&dpm=&dpcc=&dprc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:26 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 main.MTU3YmJkODI0MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 399 KB
104 KB 80ms
79ms Script
application/javascript 2.16.1.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4d3337c243fd2997450eada372bc50705c72d3bb2fe80bcb3c074be6e39b1ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-akamai-request-id: 27744630
date: Tue, 06 Feb 2024 17:35:26 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240125200847DDA91E517C5E8E6B985F
x-tt-trace-id: 00-240125200847DDA91E517C5E8E6B985F-7725D46E0742E506-00
vary: Accept-Encoding
x-cache: TCP_HIT from a2-16-1-181.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01f1bb587ca53ca3d3fb6edf7936233219d091c6df59c4c49f922618b052e49fee42c2b0acd9c939a493a6842f5e2fadc37fd9070bbb47ba5aac5e960aefdd75f9ea19483028bcbb51cf117070641655693afb1792fb23501c7d9489968b0870e5
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 106170

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame D269 408 KB
112 KB 52ms
52ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AQ-EQFYFdmKNxtZRBoRdv2chvQI-_ZPvL1jVN9SFYCTseKT4OHPKrnT2yJlx8kWKnFI7JXEJM_cTSdbf&intent=authorize&currency=USD&vault=true&components=buttons,messages

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.55.0&integrationType=SDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f8c6ebbfbfd150bad4b5bd7158cc60bed275422878781b45bd2450f776d625b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-fHjx0kEhJ/qx8JEs6oyo4HHLWIr59mrdRyC6dfBvphMElnFK' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fHjx0kEhJ/qx8JEs6oyo4HHLWIr59mrdRyC6dfBvphMElnFK' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.55.0&integrationType=SDK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-fHjx0kEhJ/qx8JEs6oyo4HHLWIr59mrdRyC6dfBvphMElnFK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fHjx0kEhJ/qx8JEs6oyo4HHLWIr59mrdRyC6dfBvphMElnFK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Feb 2024 17:35:26 GMT
age: 4649
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f87382690d57d
server-timing: "traceparent;desc="00-0000000000000000000f87382690d57d-b35fa549671c1fb3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 114027
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220035-FRA, cache-fra-etou8220035-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f87382690d57d-834841a32d306e92-01
x-timer: S1707240926.285966,VS0,VE7
etag: W/"1bd6b-WsGDcd1F8OTUDL37QJoKRy1NxRA"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 204 5013978.js Show response
bat.bing.com/p/action/ 0
117 B 68ms
67ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5013978.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 06 Feb 2024 17:35:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 27F5BE571C404F0C9F41F862DE79F296 Ref B: FRA31EDGE0107 Ref C: 2024-02-06T17:35:26Z
x-cache: CONFIG_NOCACHE

GET
BLOB 200
OK 74948a95-06ac-4b01-b4bb-2915c4fcd003
https://www.elfcosmetics.com/ 7 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.elfcosmetics.com/74948a95-06ac-4b01-b4bb-2915c4fcd003
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cec4707a8901d0e739b73b254330c67e1bac777e4678a036253bd109daa8fef3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 7329
Content-Type: application/javascript

GET
H3 200 c69c204f-fba0-4685-aea8-ad32f799fa5d.js Show response
tr.snapchat.com/config/com/ 186 B
205 B 191ms
147ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/c69c204f-fba0-4685-aea8-ad32f799fa5d.js?v=3.9.0-2401311916

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

9a35922a6b3cdd53f2dbce919d6e801174ef11b8eb275e17bba7742e1d115beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elfcosmetics.com/
Origin: https://www.elfcosmetics.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://www.elfcosmetics.com
x-envoy-upstream-service-time: 95
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186

GET i
tr.snapchat.com/cm/ Frame 4A7F 0
0

GET
H2 200 ts
t.paypal.com/ 42 B
512 B 309ms
205ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A7PFGPLHGYKX72-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&fltp=analytics&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1707240926300&g=-60&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2F&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 06 Feb 2024 17:35:26 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: e9517bf822788
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220093-FRA
pragma: no-cache
correlation-id: e9517bf822788
traceparent: 00-0000000000000000000e9517bf822788-e9d638ab6dea4d6d-01
x-timer: S1707240926.425528,VS0,VE161
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 17:35:26 GMT

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 119ms
118ms Image
image/svg+xml 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:26 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: EWR50-C1
age: 946302
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/38D1cc0231aa-1706292485-6677601666 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02316d/[4,-,1706294090466] 38D1cc0231aa/[hit]
x-amz-cf-id: 3CkLhBKyOP_Gib4v9msL1-ZZAaF-nhhxCivwZqf09U_Iqu_TEhbOOQ==

POST
H2 200 productratings Show response
www.elfcosmetics.com/api/v1/ 298 B
839 B 563ms
562ms Fetch
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfcosmetics.com/api/v1/productratings
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/main.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 4521b62ec39aade325758059085811a0b93e49b084aa06bcce0bead41aed726f

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Feb 2024 17:35:26 GMT
via: 1.1 1c7f2900c7652f6226ba50ec8bf3155c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amzn-remapped-content-length: 298
x-amz-cf-pop: EWR50-C1
age: 0
x-amzn-remapped-connection: close
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580413 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-amzn-requestid: 6a7a38ab-31cd-4429-80ff-8b362bf0fb96
x-cache: Miss from cloudfront
x-amz-apigw-id: SuYazFEBCYcEj2g=
content-length: 160
etag: W/"12a-6oX5YXAgnEcHSd+xqrZMBF3uM0E"
x-amzn-trace-id: Root=1-65c26dde-5d1e680a71ebadf15ab893e0;Sampled=0;lineage=2b75b0e9:0
content-type: application/json; charset=utf-8
x-yottaa-os: 200
x-yottaa-metrics: 3821cc02315d/[442,439,-] 38D1cc0231aa/[-,444.421]
x-amzn-remapped-date: Tue, 06 Feb 2024 17:35:26 GMT
x-amz-cf-id: BvhYTZlGuAhkmVjDm1uuArEgfGxNwwP-SR25ZrJR8dI11fNK4p5CKg==

GET
H2 204 dvar
c.contentsquare.net/ 0
319 B 58ms
57ms Image
text/plain 52.30.246.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=13.84.1&pid=1926&pn=1&sn=1&uu=2e29d576-eb87-ab57-8a7b-3fa13b11f0a5&dv=H4sIAAAAAAAAA0WMsQrCUAxFfyVkdnHtpq0VwVEKnUraBgnERF6DWor%2F7hOUjvdwzl1wt%2B%2Bqtjuq96RQukVyhQtPgQVWs9FNBmiFdYTD685J2AaecPPrVgbbHDSUhELc8vorZ3%2FCyYLt%2B1i6KvWesvRgqEUj53bF9wcxTAoRiQAAAA%3D%3D&ct=2&r=168857
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.246.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-246-4.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:26 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 297 B
406 B 159ms
74ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1707240926491&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b3ba56f5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:26 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 5644922459411127
content-length: 172
pin-unauth: dWlkPU5qSmhOelppTmpRdE1XSXpOeTAwWTJWaUxUazNZall0WVdZNFptWmxOMll6WWpjeA
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elfcosmetics.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: cfd4e862d9e3481a2f60d0bf6fccc06d9ddb0948
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hash Show response
www.paypal.com/credit-presentment/experiments/ Frame D269 40 B
2 KB 263ms
262ms Fetch
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/hash?device_id=uid_bb5afc0c9b_mtc6mzu6mjy&disableSetCookie=true&features=disable-set-cookie

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

07db4ac1f0efab00657070a16444c3e26a7ff82ead6d8d394d6690bc0c5b20f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_numhnacfzmymuvpacsidplhppphjzs&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVEtRVFGWUZkbUtOeHRaUkJvUmR2MmNodlFJLV9aUHZMMWpWTjlTRllDVHNlS1Q0T0hQS3JuVDJ5Smx4OGtXS25GSTdKWEVKTV9jVFNkYmYmaW50ZW50PWF1dGhvcml6ZSZjdXJyZW5jeT1VU0QmdmF1bHQ9dHJ1ZSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMiLCJhdHRycyI6eyJkYXRhLXNkay1pbnRlZ3JhdGlvbi1zb3VyY2UiOiJyZWFjdC1wYXlwYWwtanMiLCJkYXRhLXVpZCI6InVpZF9udW1obmFjZnpteW11dnBhY3NpZHBsaHBwcGhqenMifX0&env=production&scriptUID=uid_numhnacfzmymuvpacsidplhppphjzs&version=1.55.0&integrationType=SDK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Feb 2024 17:35:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
edge-cache-tag: up-treatments-hash
x-cache: MISS, MISS
paypal-debug-id: f2526713f0567
server-timing: "traceparent;desc="00-0000000000000000000f2526713f0567-86f444fa4103bcf1-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 57
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220035-FRA, cache-fra-etou8220035-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f2526713f0567-bf532a9edb885235-01
x-timer: S1707240927.532377,VS0,VE221
etag: W/"28-exw5SIvTtyrhed2gnxjZ2DwJ7+I"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: s-maxage=86400, max-age=0
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
399 B 132ms
73ms Image
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2615235625530&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.elfcosmetics.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b3ba56f5%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1707240926517
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 17:35:26 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: cfd4e862d9e3481a2f60d0bf6fccc06d9ddb0948
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 2220770924325769
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_0a875.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 48ms
48ms Script
application/javascript 2.16.1.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-akamai-request-id: 2774477d
date: Tue, 06 Feb 2024 17:35:26 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240123151541C24600940D693CC0364F
x-tt-trace-id: 00-240123151541C24600940D693CC0364F-5B94EE98C3A0A4FC-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-1-181.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01b08062277ac0c2e98e64041b66c1b15306295a986812a0ebad68141093a9b5aeb1ae278850eb782d3df28abe2175afe74b6b5215d46993d31596c1dbc1363b1bb860f7805ba3b9d5f7068d3575b388fd73da4a282f9f02627c7bd1dc878dd4b5
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 36988

POST
H2 200 performance_interaction
analytics.tiktok.com/api/v2/ 0
844 B 525ms
525ms Ping
text/plain 2.16.1.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/performance_interaction
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2e56bc3.277447a4
date: Tue, 06 Feb 2024 17:35:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240206173526D6ED39D76BF9CAFC7675-32A0F45276065574-00
x-cache: TCP_MISS from a2-16-1-181.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 458,2.16.1.181
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=368, inner; dur=365
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240206173526D6ED39D76BF9CAFC7675
x-cache-remote: TCP_MISS from a23-220-105-219.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 369,23.220.105.219
x-tt-trace-host: 018d063700e1cf17c08548c9ad121f23aafcf83d9247322c15e6661cd176d09659d551f46926f667113469749a1fb0744202dc4005602538f1b1c3394f7b51bbf89d9c759482163d0bb0fd45f45e3891d4e536c6fa91fc74d8d2777b85c7e91d33d753615b08f00eb4a8ef9c916bfa2c20
access-control-allow-headers: Authorization,*
expires: Tue, 06 Feb 2024 17:35:27 GMT

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
822 B 374ms
134ms Ping
text/plain 104.77.153.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.153.43 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-77-153-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 19ef9d7
date: Tue, 06 Feb 2024 17:35:26 GMT
x-bytefaas-request-id: 202402061735260457C55C84EABDE77224
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402061735260457C55C84EABDE77224-36E56A7617D101B1-00
x-cache: TCP_MISS from a104-77-153-39.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=0, origin; dur=15
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202402061735260457C55C84EABDE77224
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 5.23
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01f15d691855a4ef9000967103417149142c11f8969c3b441c2bc71da0802c373ddf63c6500b6bd1f3e6f19f25693ff716d32bf11c144961eeb1e3bc51379148a8184b5dd4e96aa40a81d07205079e3f67da144b301d16650de24a754b46c9ae40
x-origin-response-time: 15,104.77.153.39
access-control-allow-headers: *
expires: Tue, 06 Feb 2024 17:35:26 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
838 B 193ms
192ms Ping
text/plain 2.16.1.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2e56be6.277447a5
date: Tue, 06 Feb 2024 17:35:26 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240206173526C511F6346FE78C532349-6171F4401525DC3F-00
x-cache: TCP_MISS from a2-16-1-181.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 129,2.16.1.181
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=45, inner; dur=41
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240206173526C511F6346FE78C532349
x-cache-remote: TCP_MISS from a23-220-105-219.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 45,23.220.105.219
x-tt-trace-host: 018d063700e1cf17c08548c9ad121f23aafcf83d9247322c15e6661cd176d09659d551f46926f667113469749a1fb07442e38cacb5eada81209b8a73ffe0a37b9499b271fe354139208c3de41675d85941866ecdd40adc6c9e4ab641ce2b64d64f814e11d311f6f29a9aeee8569dce23f7
access-control-allow-headers: Authorization,*
expires: Tue, 06 Feb 2024 17:35:26 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 127ms
45ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1638306756445368&ev=PageView&dl=https%3A%2F%2Fwww.elfcosmetics.com%2F&rl=&if=false&ts=1707240926575&sw=1600&sh=1200&v=2.9.145&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1707240926572.1214750291&ic=fbpixel&ler=empty&cdl=API_unavailable&it=1707240926244&coo=false&eid=1707241236203_170724119764611&tm=1&exp=e1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Feb 2024 17:35:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 runtime_6459738026535cda4232dc813c61447d.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 3 KB
2 KB 136ms
41ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_6459738026535cda4232dc813c61447d.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 18:44:19 GMT
content-encoding: br
age: 1291867
x-guploader-uploadid: ABPtcPrZ-5KfnxFnGmQBQdcU54YVtLjDpSN7IPSeD0jKg9qjm7baIcs47nzouHpIADeauPSLcw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1316
last-modified: Mon, 22 Jan 2024 18:44:07 GMT
server: UploadServer
etag: "09512239cb2a22728ca9f8608dfc2181"
x-goog-generation: 1705949047694544
x-goog-hash: crc32c=BS9gKg==, md5=CVEiOcsqInKMqfhgjfwhgQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1316
accept-ranges: bytes
content-type: text/javascript

POST
H2 200 p
tr6.snapchat.com/ 0
47 B 52ms
52ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Feb 2024 17:35:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST logger
www.paypal.com/xoplatform/logger/api/ Frame D269 0
0

GET
H2 200 main-v2_ebdc40144452b28a9e2494fb9b413c26.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 482 KB
105 KB 55ms
54ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_ebdc40144452b28a9e2494fb9b413c26.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 89b2a0533b9474d5d5c289ab743c84b54c90dd8ac0afd31dbe67de88aeabf61c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 14:32:34 GMT
content-encoding: br
age: 97372
x-guploader-uploadid: ABPtcPp-HXDMgGBfIUEwP4LXYnVMiRoI0Mzr0MR7gfXr-Sd3HOjCOKTHS2IEKcur9eDfcgYj4jA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107404
last-modified: Mon, 05 Feb 2024 14:32:16 GMT
server: UploadServer
etag: "25a4c458d8d13400c22ae2aff2beabcc"
x-goog-generation: 1707143536539182
x-goog-hash: crc32c=q4aRkg==, md5=JaTEWNjRNADCKuKv8r6rzA==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 107404
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 cjs_min_1e55b565811f11b08485230cf1d150d6.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 49 KB
16 KB 42ms
42ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_1e55b565811f11b08485230cf1d150d6.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9846c98d92f9ede0abb2db68013d613791db3ccdb486451de1432034b563fb77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:23:34 GMT
content-encoding: gzip
age: 2164312
x-guploader-uploadid: ABPtcPrdxOUSHBnr880ZDF5VqySp_B518yX9pSpyVR_qlU3nSXKGlZKoYGfOqeynjKllaw7vzQE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15751
last-modified: Wed, 13 Dec 2023 16:23:11 GMT
server: UploadServer
etag: "d7dc7d7ebcc4f5af5fc2d4804e7ec737"
x-goog-generation: 1702484591435387
x-goog-hash: crc32c=3TW0yQ==, md5=19x9frzE9a9fwtSATn7HNw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000,no-transform
x-goog-stored-content-length: 15751
accept-ranges: bytes
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 14 B
338 B 568ms
151ms XHR
application/json 34.149.177.128
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.177.128 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 128.177.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 0e17304acd0bd22d001e4f6cf14509642dd52a04dcd07675c6a1684e1c7fb021

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 17:35:27 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 14 B
338 B 824ms
151ms XHR
application/json 34.98.88.136
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.88.136 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 136.88.98.34.bc.googleusercontent.com
Software: /
Resource Hash: 26e394c8bd847b5e9c4649a41eb1936db4fce85fbf462beed2a9a3f131bd761a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 17:35:27 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 14 B
338 B 1049ms
157ms XHR
application/json 34.95.121.138
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.121.138 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 138.121.95.34.bc.googleusercontent.com
Software: /
Resource Hash: f06af6f0b8bcb60ec1c3df3488d40a79056c34318f985aade2887f78109baa4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 17:35:27 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
17 KB 181ms
48ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 1e18eff08368c
dc: ccg11-origin-www-1.paypal.com
content-length: 16488
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-00000000000000000001e18eff08368c-08c272d148f4abff-01
etag: "64f25363-daa8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 06 Feb 2024 18:35:26 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
840 B 388ms
387ms Ping
text/plain 2.16.1.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d09906af.2774491f
date: Tue, 06 Feb 2024 17:35:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402061735267FBE3A7852C678FA252C-3991803F66C3951C-00
x-cache: TCP_MISS from a2-16-1-181.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 300,2.16.1.181
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=210, inner; dur=205
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202402061735267FBE3A7852C678FA252C
x-cache-remote: TCP_MISS from a23-48-200-48.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 210,23.48.200.48
x-tt-trace-host: 018d063700e1cf17c08548c9ad121f23aa119dff2d78d6230d41051aea75435f83e750141b2091ec2ea689b9a83891ce49e0ffe7f7438295abb81ab093698370688c9957a8ee7bdec283650833a19bed0fd7a0629f0c2bc876629d28b7685c3cb7046f34a7d9fc699a6366395c0a56d3fc
access-control-allow-headers: Authorization,*
expires: Tue, 06 Feb 2024 17:35:27 GMT

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 120ms
119ms Image
image/svg+xml 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:26 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: EWR50-C1
age: 946303
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/38D1cc0231aa-1706292485-6677601666 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02316d/[4,-,1706294090466] 38D1cc0231aa/[hit]
x-amz-cf-id: 3CkLhBKyOP_Gib4v9msL1-ZZAaF-nhhxCivwZqf09U_Iqu_TEhbOOQ==

GET
H2 200 82292 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 74 KB
7 KB 342ms
341ms Fetch
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/82292?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

40358306dfb4820c1a32e41b3ba3fc89ff02692453199b66762c5530cc27b2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 851526541ce481f9
via: 1.1 c5e0ddd115d9893ade353cf085d11dba.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580432 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=13
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/82292?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 851526541ce481f9-IAD
x-amz-cf-id: Mo0UjuNCV0LMwcBvMTJtx0yx7V6RlObPrFpAMt5wHZnvPQJce_JeVw==
x-yottaa-metrics: 3821cc023167/[111,109,-] 38D1cc0231aa/[-,114.409]

GET
H2 200 22092 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 72 KB
7 KB 338ms
337ms Fetch
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/22092?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

d2d13ee7d5e1b53cb8875fd68d83e282923946cd62dffb8b60f4c1e3e1d8b8e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 851526541f4759ce
via: 1.1 90a990c5327e86ade86681120dc4a236.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580433 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=22
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/22092?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 851526541f4759ce-IAD
x-amz-cf-id: xCXfFfCZNXSl5f8AG-fltOCrzbBvNaa92nylEJn2Bgo7LcpKtqNvvw==
x-yottaa-metrics: 3821cc023168/[99,98,-] 38D1cc0231aa/[-,101.653]

GET
H2 200 82004 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 69 KB
7 KB 340ms
339ms Fetch
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/82004?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

43a3bff7e70106568a76f10e4ef2240647f5d0e7699b037321033201c6a6e1ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 851526541aca3988
via: 1.1 90a990c5327e86ade86681120dc4a236.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580434 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=32
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/82004?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 851526541aca3988-IAD
x-amz-cf-id: VOll2EQ3jh1HHoSvxfa8cq7XsrhvHNvwQ01_C3BDTKmlY1HMiXPQvQ==
x-yottaa-metrics: 3821cc023169/[108,105,-] 38D1cc0231aa/[-,110.164]

GET
H2 200 81789 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 209 KB
13 KB 453ms
452ms Fetch
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/81789?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

1bfe98628a5ef77df8152ae76dab744b335056946626f57f8e554554942dfbec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 8515265419b58260
via: 1.1 7608da25eb5aed0ce7cca5fc0587c650.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580435 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=32
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/81789?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 8515265419b58260-IAD
x-amz-cf-id: NrDspvbn3968cqxisWqh7PvmvYoBnobJeWZWZQawYiMED1qbCsjFVQ==
x-yottaa-metrics: 3821cc02316a/[124,122,-] 38D1cc0231aa/[-,126.482]

GET
H2 200 85960 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 45 KB
6 KB 220ms
220ms Fetch
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/85960?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

c11e6ec05824d38cdf78c1b0a881bdcc9809bb9236cf41488544aebddbce561a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 8515265419567f7e
via: 1.1 0c2947bdc7b8340f8e04a5a58d570236.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580436 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=32
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/85960?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 8515265419567f7e-IAD
x-amz-cf-id: pC285cxZdg_4REKBkEzWQV0f1Fsbf-qSTRqza7dnZW-5ZmI20i2Nuw==
x-yottaa-metrics: 3821cc02316b/[91,90,-] 38D1cc0231aa/[-,93.212]

GET
H2 200 82292_d77759_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwdb8d957b/2023/PoutCloutLipPlumpingPen/PinkyOut/ 309 B
936 B 135ms
121ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwdb8d957b/2023/PoutCloutLipPlumpingPen/PinkyOut/82292_d77759_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 72d481f7a20131369585280bca5d51f098c22cf79a2dfe11bb5d4ce0e814c7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 46a179b8ac401f1f1def1c8690577c3e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1705527385-7322444580 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 1587932
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 309
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Tue, 18 Feb 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023161/[6,-,1705651389608] 38D1cc0231aa/[hit]
cf-ray: 847d8f40e9df8c1d-EWR
x-amz-cf-id: sr6MWChvq2_PDZkuOWHAHZFnFHtgckLC--VClBmQOfVAqwXOgNsA8w==

GET
H2 200 82290_efeee9_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw1904084f/2023/PoutCloutLipPlumpingPen/InTheClear/ 289 B
916 B 136ms
123ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw1904084f/2023/PoutCloutLipPlumpingPen/InTheClear/82290_efeee9_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 76cdc759e378fa1ef1f13fc5e60edbcc0670fab791b76e61d65bd74961e84d0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 1ecf1db0c771b8f74edd4bd269377c1e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1705527385-7322444581 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 1587932
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Tue, 18 Feb 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023162/[4,-,1705651389609] 38D1cc0231aa/[hit]
cf-ray: 847d8f40ef0e7c69-EWR
x-amz-cf-id: V62CPwQ2wqhYNcBBJYXNxpH18qeqOxORu9wl9eTrhzgO9QAAmlpFDQ==

GET
H2 200 82291_efeee9_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw22a61a5d/2023/PoutCloutLipPlumpingPen/JustPeachy/ 303 B
927 B 251ms
238ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw22a61a5d/2023/PoutCloutLipPlumpingPen/JustPeachy/82291_efeee9_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: fc69e12a63b78030d4236815d85bce291387c1b845927d50cd6fb71ba64109d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 619f2eec0ea05d2ce0279df117eb9a0c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1705527385-7322444582 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 1587932
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 303
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Tue, 18 Feb 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023163/[5,-,1705651389613] 38D1cc0231aa/[hit]
cf-ray: 847d8f40fd7242e3-EWR
x-amz-cf-id: DRWg6Z_2riLcKXcj1_K4ZR-leooj-bOpAm9g23_HKcociZnwEeyJdw==

GET
H2 200 82293_b15c42_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw316cf920/2023/PoutCloutLipPlumpingPen/Toasted/ 309 B
935 B 253ms
240ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw316cf920/2023/PoutCloutLipPlumpingPen/Toasted/82293_b15c42_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 72d481f7a20131369585280bca5d51f098c22cf79a2dfe11bb5d4ce0e814c7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 686217785c5aa257660a5a0c173f7be8.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1705527385-7322444583 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 1587932
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 309
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Tue, 18 Feb 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023164/[4,-,1705651389618] 38D1cc0231aa/[hit]
cf-ray: 847d8f40fed1c343-EWR
x-amz-cf-id: aNekqnYtcZRN8gJ1L1Xj2ZdOygcY8ehMXcUL-gqsd4JL-ETpk3zYYw==

GET
H2 200 82294_6f4335_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw05471bf3/2023/PoutCloutLipPlumpingPen/BustaMauve/ 310 B
909 B 259ms
246ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw05471bf3/2023/PoutCloutLipPlumpingPen/BustaMauve/82294_6f4335_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 521b556af81f230eb308ac3dacc6848e359a524f58ad9b31bc7f218664d7ee7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 73c72f4ba985fa512968a14b5bd2f576.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: JFK52-P1
age: 1587932
x-amzn-requestid: d4f9fe9e-1c4e-4208-bdf8-30dea2e40c1f
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1705527385-7322444584 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
x-amz-apigw-id: RxvftGMuIAMEX3w=
content-length: 310
x-yottaa-forcecache: true
x-amzn-trace-id: Root=1-65aa2c64-5d85383937ac686800792934;Sampled=0;lineage=36621fcf:0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023165/[4,-,1705651389622] 38D1cc0231aa/[hit]
cf-ray: 847d8f40fe59439a-EWR
x-amz-cf-id: 15pL0YuFeQ8KuNl2r-9FgZhDX0ysCZF3SkdZpZxpR32ASp4Fo_QlIQ==

GET
H2 200 82295_902939_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5509677c/2023/PoutCloutLipPlumpingPen/PlumOnOver/ 312 B
909 B 256ms
244ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5509677c/2023/PoutCloutLipPlumpingPen/PlumOnOver/82295_902939_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b6045de830d5a1427b1d82ad89e8719f0679efa99be8aae15ab76cef2fa9d60e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 a7c9fe7eb79f698774d5b4dbc632cf68.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: JFK52-P1
age: 1587932
x-amzn-requestid: ad1a69d0-cc84-41a3-8e68-922856bff24a
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1705527385-7322444585 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
x-amz-apigw-id: RxvfjFBNoAMEa5g=
content-length: 312
x-yottaa-forcecache: true
x-amzn-trace-id: Root=1-65aa2c63-7497ec812c7a30f34ce486bd;Sampled=0;lineage=36621fcf:0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023166/[5,-,1705651389632] 38D1cc0231aa/[hit]
cf-ray: 847d8f4108a34405-EWR
x-amz-cf-id: d9RLB-amVo9lE4P94EqBSmsazFt98rYbcTUFCabmuLsD5tscYxFCwg==

GET
H2 200 82296_cc262f_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw41aced7b/2023/PoutCloutLipPlumpingPen/RedMyMind/ 311 B
910 B 254ms
242ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw41aced7b/2023/PoutCloutLipPlumpingPen/RedMyMind/82296_cc262f_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: d9f35b91794a215842c6dd0689adc9a714a9a321e368b1b4cbcfcad98113c6f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 6c1e463b1907685097cce9e63f1cf75a.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: JFK52-P1
age: 1587932
x-amzn-requestid: 2b21a53c-0d00-41cd-8c6f-09667ee64619
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1705527385-7322444586 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
x-amz-apigw-id: RxvfhFe_IAMEnSg=
content-length: 311
x-yottaa-forcecache: true
x-amzn-trace-id: Root=1-65aa2c63-0566b25b391d0c94180c6724;Sampled=0;lineage=36621fcf:0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023167/[4,-,1705651389626] 38D1cc0231aa/[hit]
cf-ray: 847d8f4108e142c8-EWR
x-amz-cf-id: sqP8FpzZBgG8-BYdMfvIRdvSXslHxMHrtxpvOiTbqWFFLIsJ9sBnRg==

GET
H2 200 82297_561f10_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw76cf3bb1/2023/PoutCloutLipPlumpingPen/WickedCherry/ 315 B
912 B 257ms
245ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw76cf3bb1/2023/PoutCloutLipPlumpingPen/WickedCherry/82297_561f10_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: f524d22c03b99f5dac2d22e9987e41bbf29c83972ec1f023e2fdb3f7c374333f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 64d968aa0a0b58a1d00cb142d02b0ac0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: JFK52-P1
age: 1587932
x-amzn-requestid: 183bd5c8-5447-4355-9af3-39c3ccb18869
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1705527385-7322444587 tts/1704308418854 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
x-amz-apigw-id: RxvfhFmKoAMEP7A=
content-length: 315
x-yottaa-forcecache: true
x-amzn-trace-id: Root=1-65aa2c63-3cfa5f3d6a40923612f2fa1e;Sampled=0;lineage=36621fcf:0
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023168/[4,-,1705651389629] 38D1cc0231aa/[hit]
cf-ray: 847d8f410e1c4406-EWR
x-amz-cf-id: 37riV46z5dDhusVTTNZSwXvmNkuW53d6MQpraCOGMn12YM5ild1mNA==

GET
H2 200 22092_c27b75_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw094bb7a8/2023/CreamGlideLipLiner/ 303 B
895 B 373ms
361ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw094bb7a8/2023/CreamGlideLipLiner/22092_c27b75_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 1b054a2373ab46b72eac91fa53871f6fdd4469ec90e9aae0fcbb46342e9c69b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 79f9fb603ee37517dbf3cd108c449392.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494659 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929935
content-length: 303
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02315a/[4,-,1702310603707] 38D1cc0231aa/[hit]
cf-ray: 833ef5190bc38cc6-EWR
x-amz-cf-id: Pc3v9ZHb0EI6AHyYVlJpbqhXlAId-pOZbh-Z42wz1_0_GmJHC72XeQ==

GET
H2 200 22090_8b645c_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw95683555/2023/CreamGlideLipLiner/ 306 B
899 B 376ms
364ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw95683555/2023/CreamGlideLipLiner/22090_8b645c_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 7edc838de142afdde6ee28ab5df6c24df48525959a77805928b7673357040953

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 3aa2aa1b7b816f70e94675c9a63f98d0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494660 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929935
content-length: 306
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02315b/[4,-,1702310603712] 38D1cc0231aa/[hit]
cf-ray: 833ef5191a63c41d-EWR
x-amz-cf-id: 0Rx7K_ZdNhXD7chFfkXgZKXdtLwBxb3OsDMGMtTsuTiqQHsGTD3eOA==

GET
H2 200 22091_be7472_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dweac2d3e5/2023/CreamGlideLipLiner/ 303 B
895 B 378ms
366ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dweac2d3e5/2023/CreamGlideLipLiner/22091_be7472_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 5398968be9f49371bc4215a9cb5cad38269ab93075b72dac187f45ae3ba04ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 1019c7748e9bd9371b8cbc3777f0a40e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: IAD79-C2
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494661 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929935
content-length: 303
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02315d/[4,-,1702310603744] 38D1cc0231aa/[hit]
cf-ray: 833ef51919508c59-EWR
x-amz-cf-id: Owucwstt397zXqklpmg2nLZ-TukLgVWO8SX1NzL42OT2RRwsgRcwGA==

GET
H2 200 22094_9e5755_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2dd0c30c/2023/CreamGlideLipLiner/ 310 B
902 B 379ms
368ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2dd0c30c/2023/CreamGlideLipLiner/22094_9e5755_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 2e72d5ff50ff3eacfa59b2ffad79b937577aeabfbacfe9a0b4f68192c4b3cfe2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494662 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929935
content-length: 310
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02315c/[4,-,1702310603741] 38D1cc0231aa/[hit]
cf-ray: 833ef5192dfd4407-EWR
x-amz-cf-id: 3M4Rc0pq78jUpHwTpvezvgO_YdBarsNdL2xr0W0zxlz8JuuIEhQpaQ==

GET
H2 200 22095_a57368_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5f33333b/2023/CreamGlideLipLiner/ 303 B
898 B 380ms
369ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5f33333b/2023/CreamGlideLipLiner/22095_a57368_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 5e7fa7d432773d5968e98fe4118396e67e1ebe4085a5bee83b57bce0bbf5e8f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 04d5f6961d9b76b97c908d8ed9816378.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494663 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929935
content-length: 303
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02315e/[4,-,1702310603732] 38D1cc0231aa/[hit]
cf-ray: 833ef51929ec18ea-EWR
x-amz-cf-id: UKy5KQLX2rL5EOPBNO2wN7r3UTKVOfy_DeKRMNm1RdTJJOMcV6YEVQ==

GET
H2 200 22096_92674c_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwa98a9212/2023/CreamGlideLipLiner/ 302 B
894 B 382ms
370ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwa98a9212/2023/CreamGlideLipLiner/22096_92674c_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: e823d829f383704a61c26381c7010a9af9851c52cb93c831a8c73a0127f04e24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 cb7f1fdf6954dd7324e8117a63207a3c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494664 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929935
content-length: 302
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02315f/[5,-,1702310603745] 38D1cc0231aa/[hit]
cf-ray: 833ef519382f0f60-EWR
x-amz-cf-id: NBBPok52H-NOP6YvqT1KKNterQgcIgLRReyCW_eEP7baPFR_OR55gw==

GET
H2 200 22097_f54b4a_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwbc79dfb4/2023/CreamGlideLipLiner/ 303 B
895 B 383ms
255ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwbc79dfb4/2023/CreamGlideLipLiner/22097_f54b4a_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 644369dc2f4a20a6681cdc05e12af7d050996a4da8bc083b0bb12ae2cde7b3cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 ea450411fc852f7d373f7efbe784dd74.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494665 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929935
content-length: 303
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023161/[5,-,1702310603747] 38D1cc0231aa/[hit]
cf-ray: 833ef5193c0042e0-EWR
x-amz-cf-id: NC9YnkVpSMsYAwJR4zH0-zbsGQ7lp5cSyzq1Fdv7f_NGbfMhSwJatg==

GET
H2 200 22098_793454_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw1e170385/2023/CreamGlideLipLiner/ 315 B
907 B 384ms
256ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw1e170385/2023/CreamGlideLipLiner/22098_793454_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: ed569a029a60a5accbcc447951f2958f4dbd7037fb721a60d3b91d8cd71ee8e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 78151a5252ddc63300143dbe81b1f0c4.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494666 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929935
content-length: 315
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023160/[5,-,1702310603764] 38D1cc0231aa/[hit]
cf-ray: 833ef5194a0943a9-EWR
x-amz-cf-id: ZXRXtEsLLg9XSdD1ngKK_p3wdclyEoBRP_FieaHN0oTuORZ7X1Slug==

GET
H2 200 82004_edbec6_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw878b70f1/2023/GlowReviverLipOil/ 290 B
881 B 385ms
257ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw878b70f1/2023/GlowReviverLipOil/82004_edbec6_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 701923e7612fdd51b1ae0ea1009d390d0685c9a261def001e1e534848ce61349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494694 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02317b/[5,-,1702310603641] 38D1cc0231aa/[hit]
cf-ray: 833ef5189e5b4321-EWR
x-amz-cf-id: q6K4OEX7xbVx6eRHF0o64hkiHSp0bOlAapUCNtqu35RDoBfT6v3PuQ==

GET
H2 200 82005_834f42_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw3bddec38/2023/GlowReviverLipOil/ 289 B
880 B 492ms
365ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw3bddec38/2023/GlowReviverLipOil/82005_834f42_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 22b8be33763fcc8bbd3b4aef547439cd7e7159f9cb384e131d35d235d4b9c682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494695 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02317c/[7,-,1702310603644] 38D1cc0231aa/[hit]
cf-ray: 833ef5189fcec360-EWR
x-amz-cf-id: QkvTWye7KhiDKMrZtQ-eXzfVWuXaDPDi8ITbibjm3lJdipRO1pPnSQ==

GET
H2 200 82006_c73840_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2843e53e/2023/GlowReviverLipOil/ 290 B
881 B 490ms
363ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2843e53e/2023/GlowReviverLipOil/82006_c73840_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 7094e19560bf043abd04be7f51dc7d27886f902d377efb7c07718f6133438fae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a6.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494696 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02317d/[5,-,1702310603652] 38D1cc0231aa/[hit]
cf-ray: 833ef518a9fd32fa-EWR
x-amz-cf-id: QkQNByWGw_PcPPk93wrbmgxxWWF7Al5GTm-QmHeUNaayPmL9we9GOg==

GET
H2 200 82007_ffc2b4_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw58337410/2023/GlowReviverLipOil/ 290 B
880 B 386ms
259ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw58337410/2023/GlowReviverLipOil/82007_ffc2b4_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 39fff1d57d4226f0cb30a7f938b3ed28f1e48dcf2b92b8da1dee9de6afd47317

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 ebeca2ec07c54274f6b9125c7b82aecc.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494697 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023184/[3,-,1702310603657] 38D1cc0231aa/[hit]
cf-ray: 833ef518bce1c431-EWR
x-amz-cf-id: Nk6b833BQekVrycQg7bwFJhk4LoElbhFKCTxStxGmYIs5kg7Qn-yAg==

GET
H2 200 82008_ed3959_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw9eef22b8/2023/GlowReviverLipOil/ 290 B
882 B 486ms
360ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw9eef22b8/2023/GlowReviverLipOil/82008_ed3959_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 9f3932674ce8ead7ddc5fe72934f296a637d9da3784b5eb0aaceff52bed4fea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 29cb8c298da4d2ced72495e99456ecc8.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494698 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Miss from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02317e/[6,-,1702310603863] 38D1cc0231aa/[hit]
cf-ray: 833ef518dfd10f91-EWR
x-amz-cf-id: Yum13mPtjV9-8UzXwp2HnocEiPWatZU5dV-fKZlJ77OhCUYnWxbIkg==

GET
H2 200 82009_892b33_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwba1f3dc8/2023/GlowReviverLipOil/ 290 B
883 B 491ms
366ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwba1f3dc8/2023/GlowReviverLipOil/82009_892b33_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 181e93bf2e7a124cdd270932c1c6d7470ced40d6e6eea76092c6ae5a8df764ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 75e95d402c844985152ed9360801af06.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494699 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02317f/[4,-,1702310603683] 38D1cc0231aa/[hit]
cf-ray: 833ef518c885c409-EWR
x-amz-cf-id: HCZ4lwQUGnFx9JNKyRl4VDCm6EJ-6ZI6wwmBXRRhyDDVa7lFlZ62mA==

GET
H2 200 82010_efefef_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwdc8c726c/2023/GlowReviverLipOil/ 162 B
753 B 493ms
368ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwdc8c726c/2023/GlowReviverLipOil/82010_efefef_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: cfa5c45522b2dd9681f2f6096c44b4818c1de789e03624fa89571f26cd845cfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 7a1287aac11cb484d13c7a9cbd2585b0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494700 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 162
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023180/[5,-,1702310603677] 38D1cc0231aa/[hit]
cf-ray: 833ef518defc1825-EWR
x-amz-cf-id: KlCSiyACtSNrHDQSJsWdyJ4PBtuSmQUQzkz9eapXfFpBHQyuuRm-Lg==

GET
H2 200 81789_923836_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw72f8ede1/2023/OFaceSatinLipstick/ 290 B
880 B 494ms
369ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw72f8ede1/2023/OFaceSatinLipstick/81789_923836_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 256e37934c207356811c6351ca463f0b711ecf706b52137b5e76f3b068860cc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 55111e952110eb701257618e8e013998.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: MSP50-P2
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494705 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023186/[6,-,1702310866787] 38D1cc0231aa/[hit]
cf-ray: 833efb84ee4c42c3-EWR
x-amz-cf-id: SWRdTjKricsR0fyOnLPTePskK7y7PdqYy5s-U6MsQmB7H5rWZE7IyQ==

GET
H2 200 81781_a65e4f_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw06b8b34a/2023/OFaceSatinLipstick/ 290 B
881 B 494ms
370ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw06b8b34a/2023/OFaceSatinLipstick/81781_a65e4f_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 48ef0dc66a8a286b38d5944718583de3e545a21cc76a68be63a50b5466baa5cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 9f08c6ca19a0337d28f09e25b9ff37c4.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494702 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023182/[5,-,1702310866744] 38D1cc0231aa/[hit]
cf-ray: 833efb84ed254407-EWR
x-amz-cf-id: qPzHQzjZpUL8HDu07leu2lTJ4j_ib-L4iGGBaZu4ed2htQHMjlwjMA==

GET
H2 200 81785_cc7e79_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7eaa8780/2023/OFaceSatinLipstick/ 290 B
880 B 495ms
371ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7eaa8780/2023/OFaceSatinLipstick/81785_cc7e79_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: f77ae8b7ccd1e3fe3fe4d25f86895c30af899b8ca2b97efa5ce7faec4e111542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 e6acd25be4e8f28d7a25f72c24c4380a.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: MSP50-P2
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/38D1cc0231aa-1702308518-7766494701 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023181/[3,-,1702310866660] 38D1cc0231aa/[hit]
cf-ray: 833efb843de3425f-EWR
x-amz-cf-id: tL1YdJQHzi8osfUtUsjnMwvRuhdKvWH6V6LAxZ_wTqG4sjbb6E4vNQ==

GET
H2 200 81786_8b5437_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe1f13951/2023/OFaceSatinLipstick/ 290 B
880 B 496ms
372ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe1f13951/2023/OFaceSatinLipstick/81786_8b5437_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 96c3df039232309bcd492159531e5f842a518033b80257d12a41cf11f2406b60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 11ab138d0b995a9fa4daabbae7fc0b0c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494703 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023183/[5,-,1702310866726] 38D1cc0231aa/[hit]
cf-ray: 833efb84eb378c59-EWR
x-amz-cf-id: dUoCi6cRTYqlcQOTNGu62nvVZazG_TlfCC1P7YRAjf97m8mWN0E8Cg==

GET
H2 200 81787_985b65_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw02195ef7/2023/OFaceSatinLipstick/ 290 B
882 B 497ms
257ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw02195ef7/2023/OFaceSatinLipstick/81787_985b65_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: dd465d2dec1267933c3b50dfea44c34c81c76c7c411c13154486ef85e8c3a128

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 2d5ae77baf1e996b29b17b6541abf9c2.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: IAD79-C2
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494704 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023185/[4,-,1702310866750] 38D1cc0231aa/[hit]
cf-ray: 833efb84fd1e18ea-EWR
x-amz-cf-id: yuGGry0T-HeOhis9Ul4RD4Y3sLGBg3JXVkLB15ESZqz9l6qR5Pw5qA==

GET
H2 200 81790_af5340_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw000126c6/2023/OFaceSatinLipstick/ 290 B
882 B 498ms
258ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw000126c6/2023/OFaceSatinLipstick/81790_af5340_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: f0cee144505e4df51da3ec75c5a3dee2264d201c32bc80df1969b2082d019eef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 119a6678daa8460130f2575d73df9ee6.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: IAD79-C2
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494706 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023187/[4,-,1702310866744] 38D1cc0231aa/[hit]
cf-ray: 833efb84fa1ac41d-EWR
x-amz-cf-id: OqWMjff43PyVybctmrF2KSpmeRSQemRMMN1CFAIIdFRchMYX6HUTow==

GET
H2 200 81791_85474b_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5ad87613/2023/OFaceSatinLipstick/ 290 B
882 B 518ms
277ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5ad87613/2023/OFaceSatinLipstick/81791_85474b_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: d8f63055f392b204f4fb9e9ec7f4d03f17c6b235182bfa62621396a76d3a0d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 6e131451bd3f2f00145987b931606ec0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494707 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023189/[5,-,1702310866738] 38D1cc0231aa/[hit]
cf-ray: 833efb84ffd50f60-EWR
x-amz-cf-id: DMY7ECujrm_xiuQpZJH50lhE9WZ-MIBvkP3nSuDr3UBF36rfwqRoaw==

GET
H2 200 81793_d6a483_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7feacfa4/2023/OFaceSatinLipstick/ 290 B
882 B 515ms
275ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7feacfa4/2023/OFaceSatinLipstick/81793_d6a483_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 58f8b28f51a6cf18779d85e9760aff99a636b0cc770634252f56fd1224445ec5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 a0baca8f5dcda9f46c3f17957eeb39aa.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494708 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023188/[4,-,1702310866739] 38D1cc0231aa/[hit]
cf-ray: 833efb84ea158cc6-EWR
x-amz-cf-id: SyyAFsa2kjAMPHxS-Me_gvergf0oWhTzqGxhYzDVqk_2qUYUFBvp7Q==

GET
H2 200 85960_b78066_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw1bcce985/2021/ 290 B
881 B 516ms
276ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw1bcce985/2021/85960_b78066_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: f79eb41c3a197f45707f482b689b7845fd9c069519a1edb610230a4870a9122d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 3aa2aa1b7b816f70e94675c9a63f98d0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766495051 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929895
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02314e/[5,-,1702310866709] 38D1cc0231aa/[hit]
cf-ray: 833efb84be0dc409-EWR
x-amz-cf-id: 4NBSWEz8G92du-WTm9d0tn55mh3FFhD1zap_90w0wepLsVLQBV_30Q==

GET
H2 200 85961_c1827e_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw4379c720/2021/ 290 B
882 B 519ms
279ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw4379c720/2021/85961_c1827e_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: a2fc4569fdc0b5d60e03c34a75957431a6c6e06d7af7b599876068d61e2f8d86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 5dccc983b54773fbbd262d2029a805d6.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766495052 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929895
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02314f/[6,-,1702310866660] 38D1cc0231aa/[hit]
cf-ray: 833efb848afd32fa-EWR
x-amz-cf-id: mf3kFcFjfIA0C_14_RpaY5uW4WvRmdHhT2DVAi9F_k_CNDf6eJxhrQ==

GET
H2 200 85962_916366_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw6fc01785/2021/ 290 B
881 B 520ms
280ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw6fc01785/2021/85962_916366_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: d0a088110f86dbad05069f5026219709675de2936b9b494ffe598cc50e3c8b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 a0baca8f5dcda9f46c3f17957eeb39aa.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766495053 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929895
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023150/[6,-,1702310866728] 38D1cc0231aa/[hit]
cf-ray: 833efb84e89f1825-EWR
x-amz-cf-id: XTllcztBI2xsLa8JJ64RA9zV72Rcgp7gISza1BSICm3j02rQIdC8Lw==

GET
H2 200 85963_8d5c44_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb29c0f5d/2021/ 289 B
879 B 521ms
282ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb29c0f5d/2021/85963_8d5c44_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 8fee9c64f65dab04c91790f9086e3bffd10136cf0ac1c0de4bd15fc2a7f7788d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 3ea7dd920772e2ffb2371e107e093dfc.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766495054 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929895
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023151/[5,-,1702310866704] 38D1cc0231aa/[hit]
cf-ray: 833efb848cce0f91-EWR
x-amz-cf-id: 1KK7U7-xIcddgGAEJ4x6UoqgzoGo5mxEaoIhmbOls2yIzV2vwlSv9g==

GET
H2 200 85964_cc5152_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw0da40873/2021/ 290 B
880 B 532ms
293ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw0da40873/2021/85964_cc5152_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 7baac448a67e8eac98e1bcba93f75d5bf3fb0c5c5fd5742fc5419eb187520ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766495055 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929895
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023152/[4,-,1702310866677] 38D1cc0231aa/[hit]
cf-ray: 833efb848eff4321-EWR
x-amz-cf-id: uBaME0DasT90pPw0bLyTZlWu2iE2olcsvgMhiyPHl26n6nN0som5zw==

GET
H2 200 85965_c33253_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe10c3691/2021/ 290 B
881 B 533ms
294ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe10c3691/2021/85965_c33253_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: aaa0521eb89dcca04567e4f63e71a3ccc04075391ad07b06e4362c7428e0fd50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 7608da25eb5aed0ce7cca5fc0587c650.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766495056 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929895
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023153/[5,-,1702310866665] 38D1cc0231aa/[hit]
cf-ray: 833efb847852c360-EWR
x-amz-cf-id: KTYi4AExL6-k9-YbtNjaoVA-caWFW6mvTYsO_jyW3V5TPz8B8NNo8A==

GET
H2 200 85966_963a51_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw481cfdba/2021/ 290 B
881 B 600ms
361ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw481cfdba/2021/85966_963a51_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: db3d9630fdd0f8c1c751ea3f4c70b80ece69c13450fbba151972d8a2d98d057d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
via: 1.1 79f9fb603ee37517dbf3cd108c449392.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766495057 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929895
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023154/[3,-,1702310866639] 38D1cc0231aa/[hit]
cf-ray: 833efb843efd4352-EWR
x-amz-cf-id: Gkm1iT1PvOoem6rvnbaN8njK0hTe6MgCmno046wPvC7eAb8dEwJYTg==

POST
H3 200 p
tr.snapchat.com/ 0
15 B 61ms
57ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://www.elfcosmetics.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 exist Show response
srm.ba.contentsquare.net/ 2 B
94 B 211ms
66ms Fetch
application/json 34.241.27.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://srm.ba.contentsquare.net/exist?v=13.84.1&pid=1926&pn=1&sn=1&uu=2e29d576-eb87-ab57-8a7b-3fa13b11f0a5
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.27.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-27-113.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 17:35:27 GMT
content-length: 2
content-type: application/json

GET
H2 200 script-tag.js Show response
cdn-scripts.signifyd.com/api/ 10 KB
3 KB 143ms
41ms Script
application/javascript 18.66.122.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-54.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68f6710cb2cc63e278cd3be6a0593c700b3ac346e36c1d636c5c13374dc20e91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:21:50 GMT
content-encoding: gzip
via: 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jan 2024 11:26:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 818
x-amz-server-side-encryption: AES256
etag: W/"d34fe38d39e71cd6ace9ab1bfc0bb10a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-id: -fSvRIqLFJHmgAsN1M3ZAhAiE4_DTBypBcQqdzNJpuMdvs7y7JJXyw==

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 170ms
170ms Script
application/javascript 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5293e3d1f06d73bbd75b83ab1fd1e3020fd5fc1143e2d628d09cd6dc56f9b427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
x-cdn: fastly
age: 6526
etag: "ac8a351969e6397350708173ca06e5ca"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
alt-svc: h3=":443";ma=600
content-length: 4045

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 6A66 565 B
402 B 127ms
122ms Document
text/html 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 06 Feb 2024 17:35:27 GMT
pinterest-version: cfd4e862d9e3481a2f60d0bf6fccc06d9ddb0948
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1487495292446003

GET
H3 200 inbox-v2_c555afbb18897f16008370a417a91834.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 60ms
60ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_c555afbb18897f16008370a417a91834.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4c80ba44f61dd8c09ce0c57ca565f286b8bbb3f5ca6cb1fe882ad0d174eaafd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 18:43:41 GMT
content-encoding: br
age: 1291906
x-guploader-uploadid: ABPtcPoXvcuDtNHKM6ef615j71gHzDh9xe3wAZ61TpWSkXrKYRy8zycB4saf8o6uVFOcnXjOiYQ_-cBFwA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4860
last-modified: Mon, 22 Jan 2024 18:43:27 GMT
server: UploadServer
etag: "9f22ee70a9494b465aa6cccf0424e225"
x-goog-generation: 1705949007615648
x-goog-hash: crc32c=ugxA6Q==, md5=nyLucKlJS0ZapszPBCTiJQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 4860
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 sms-v2_e39203556bab2366e56296ce42e974a7.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 3 KB
1 KB 59ms
59ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/sms-v2_e39203556bab2366e56296ce42e974a7.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c9f83027cf2e267d24b2cfe366bc6664841765f0aaf362faf0156bccdce42355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 18:44:30 GMT
content-encoding: br
age: 1291857
x-guploader-uploadid: ABPtcPrGEcN62WLfCc2Ee8s6nXYOmt43GKac8QDMDFr5ocUVdFw_sGgP8R-dsciI_9jEXSZkAya6XcYvPQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1303
last-modified: Mon, 22 Jan 2024 18:44:14 GMT
server: UploadServer
etag: "684b816ff7fa85526ab4b729fb5f0c91"
x-goog-generation: 1705949054010429
x-goog-hash: crc32c=ikqFlg==, md5=aEuBb/f6hVJqtLcp+18MkQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1303
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 onsite-v2_1e65144eaf4e12878292a8065df4997d.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 61ms
61ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_1e65144eaf4e12878292a8065df4997d.br.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7bcce32f4ef85233e030a2e0f1a2a81aefab5d602d45c655b1ff5f068ac8abb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 18:44:05 GMT
content-encoding: br
age: 1291882
x-guploader-uploadid: ABPtcPpzokSUUtzblhLvk5vARy-xHpvDAEa3_AFJQyqCqow-WeQF24jUi3PbhhnZUbITJFJjxLU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4963
last-modified: Mon, 22 Jan 2024 18:43:50 GMT
server: UploadServer
etag: "aaf913c9914c1e9a66cc88a9a0b151cd"
x-goog-generation: 1705949030274423
x-goog-hash: crc32c=jDxLwQ==, md5=qvkTyZFMHppmzIipoLFRzQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 4963
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 valetines-day-2024-01-29-image-4_D-min
cdn.media.amplience.net/i/elfcosmetics/ 171 KB
172 KB 41ms
41ms Image
image/webp 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-4_D-min?fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

2d20903227f36798b79adec5bbd810679d27fe0abed0d698813e8f769df046fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: qhO9uXHAy,l4p5bDg2e,1TZJXD2Ju,Cqm_p3RsQ,DtzGFM5oJ
x-req-id: uuXo0IaUDE
content-length: 175384
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:23 GMT

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 343ms
343ms Image
image/svg+xml 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:27 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: EWR50-C1
age: 946304
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/38D1cc0231aa-1706292485-6677601666 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02316d/[4,-,1706294090466] 38D1cc0231aa/[hit]
x-amz-cf-id: 3CkLhBKyOP_Gib4v9msL1-ZZAaF-nhhxCivwZqf09U_Iqu_TEhbOOQ==

GET
H2 200 new-9FAEE5
cdn.media.amplience.net/i/elfcosmetics/ 178 KB
178 KB 50ms
49ms Image
image/webp 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/new-9FAEE5?%24Desktop%24=&fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

774750eac984a3f73fcf8aef4926b4ed999600b51caf9b635cf6d5617e4cae90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: _IlsKJwxX,l4p5bDg2e,mF-g78ke7,tJjh4FgGa,DtzGFM5oJ
x-req-id: Fj1PpnAEsK
content-length: 182202
x-xss-protection: 1; mode=block
x-amp-source-height: 96
server: Unknown
x-frame-options: DENY
x-amp-source-width: 112
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Sun, 10 Sep 2023 03:38:07 GMT

GET
H2 200 BestofBeauty_2023
cdn.media.amplience.net/i/elfcosmetics/ 217 KB
217 KB 55ms
55ms Image
image/webp 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/BestofBeauty_2023?%24Desktop%24=&fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

c62eb4f0c14c8b5734e56be81f06374ca9171415d6dde6d87f2812d916055bd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: _UGy8lvte,l4p5bDg2e,mF-g78ke7,Pkjy1BsHj,Cqm_p3RsQ,DtzGFM5oJ
x-req-id: b2BCzzyqfK
content-length: 221764
x-xss-protection: 1; mode=block
x-amp-source-height: 422
server: Unknown
x-frame-options: DENY
x-amp-source-width: 421
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Tue, 19 Sep 2023 21:22:09 GMT

GET
H2 200 badge-gone-viral
cdn.media.amplience.net/i/elfcosmetics/ 100 KB
100 KB 47ms
47ms Image
image/webp 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/badge-gone-viral?%24Desktop%24=&fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

11bda28dd29d065faff41cdb718b856ca5e49f3022115bff4788b0542ba9d3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: C7XBuMggF,l4p5bDg2e,mF-g78ke7,3i2hWg6BQ,DtzGFM5oJ
x-req-id: DMHdf4SJq5
content-length: 102504
x-xss-protection: 1; mode=block
x-amp-source-height: 1404
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1404
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Sun, 10 Sep 2023 03:00:01 GMT

GET
H2 200 82421 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 76 KB
7 KB 339ms
339ms Fetch
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/82421?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

c59da09c3ff7952882ffc1fc1fcdcc1cd82590d1f42ea3f300327bcfb1fc0bc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 851526594f0d82f3
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580492 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=46
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/82421?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 851526594f0d82f3-IAD
x-amz-cf-id: NInNvPr0AvKEC4_zNnu32U4ZiTFhsYrw1abQOwNb5KxgK_dcSlkTTQ==
x-yottaa-metrics: 3821cc02317c/[129,125,-] 38D1cc0231aa/[-,131.329]

GET
H2 200 81588G Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 39 KB
6 KB 337ms
336ms Fetch
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/81588G?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

eab44c4c692bd138ca964812c04bb452c88bcf03f53055d6edcc606da9dc5803

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 851526594d0438ac
via: 1.1 e6fc68fd040718147cda2e3ef6f63636.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580493 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=5
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/81588G?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 851526594d0438ac-IAD
x-amz-cf-id: eIndvgg5hhiDm6tonAucckqFDteZKm2fw602-YsJyMkyjpEcnSLgKQ==
x-yottaa-metrics: 3821cc02317d/[95,93,-] 38D1cc0231aa/[-,97.103]

GET
H2 200 83567 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 142 KB
10 KB 338ms
338ms Fetch
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/83567?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

2735b019967ea4e1396e69583d8dce1bd9a82b4f0079c26c0e957bf9c7241dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 851526595ff58260
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580494 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=46
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/83567?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 851526595ff58260-IAD
x-amz-cf-id: hmvg8obzwqx52KJLjmiULuRZlw4hvUVi2UILIL4sd0IjUwNPPSYKvw==
x-yottaa-metrics: 3821cc02317b/[124,121,-] 38D1cc0231aa/[-,125.938]

GET
H2 200 84700 Show response
www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/ 73 KB
8 KB 214ms
213ms Fetch
application/json 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elfcosmetics.com/mobify/proxy/api/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/84700?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us

Requested by

Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),

Reverse DNS

Software

Resource Hash

6a2c860f67ee2a53273dd349b7d57b78d493559419c1dfa0ebc7f963957aedfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
x-pwa-request: true
Authorization: Bearer eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-correlation-id: 851526594b2381e5
via: 1.1 7f59e30d6672b7ea91c10bca6108d29a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-yottaa-optimizations: ob/1000 si/38D1cc0231aa-1707237389-1660580495 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Miss from cloudfront
age: 0
allow: GET,HEAD,OPTIONS
vary: accept-encoding
content-type: application/json;charset=UTF-8
x-ratelimit-remaining: 999
cache-control: private,max-age=5
x-yottaa-os: 200
x-proxy-request-url: https://6p9dgqhn.api.commercecloud.salesforce.com/product/shopper-products/v1/organizations/f_ecom_bbxc_prd/products/84700?currency=USD&locale=en-US&allImages=true&perPricebook=true&siteId=elf-us
x-ratelimit-limit: 99999
accept-ranges: bytes
cf-ray: 851526594b2381e5-IAD
x-amz-cf-id: zHRMDqgayLaEqhc2AOSAfPDrdVGeC7isMRkDcXOoRJspKdbfrGOC9A==
x-yottaa-metrics: 3821cc02317a/[89,86,-] 38D1cc0231aa/[-,90.250]

GET
H2 200 82421_8a1227_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5b6d6050/2023/CamoLiquidBlush/ 317 B
909 B 150ms
137ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw5b6d6050/2023/CamoLiquidBlush/82421_8a1227_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: e44d9f1131ad40d59d181647ff28fe44048f8634d9edc98434d20eb0c486103b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 e11cadb582e1707cafaebffffaca42e0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702588991-9267194961 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4377949
content-length: 317
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023172/[4,-,1702862777509] 38D1cc0231aa/[hit]
cf-ray: 83739de74d05c46d-EWR
x-amz-cf-id: MivRvmNfo9V8AK6xZJUG8QRDIuTmADEcCMeRENiffwRupAY2ggEZBQ==

GET
H2 200 82415_ed9170_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw50c1d8e1/2023/CamoLiquidBlush/ 297 B
889 B 152ms
139ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw50c1d8e1/2023/CamoLiquidBlush/82415_ed9170_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 668aa9986154c66db7b479ade413370fec61bdc181337553f80f5fdc01990c4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 7f59e30d6672b7ea91c10bca6108d29a.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702588991-9267194959 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4377949
content-length: 297
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023170/[4,-,1702862777509] 38D1cc0231aa/[hit]
cf-ray: 83739de74f044309-EWR
x-amz-cf-id: Jxh3D-GHkYb8ylQkwtNLSP1aCUTPApDNW9O2AmTEiJeVySOO6MHyCg==

GET
H2 200 82416_c97261_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw73f9861a/2023/CamoLiquidBlush/ 304 B
894 B 153ms
141ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw73f9861a/2023/CamoLiquidBlush/82416_c97261_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 6b02f9e36822c74ddfebf00ddefddc4e0de3eccf0561ee9957f66e6db9b189d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 00fd85d5c5d5bd788f272591be9ecbca.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702588991-9267194958 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4377949
content-length: 304
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02316f/[4,-,1702862777503] 38D1cc0231aa/[hit]
cf-ray: 83739de749610f74-EWR
x-amz-cf-id: oqdaWJ_7ovcede01QY0d5yOoiNHRHs1bHTdBIt20vWdoKAJ6ClPIHw==

GET
H2 200 82417_934848_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2eb56abe/2023/CamoLiquidBlush/ 314 B
905 B 155ms
143ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2eb56abe/2023/CamoLiquidBlush/82417_934848_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 53a267fda006f16d6fdb54ee764922a3fe61a8b6ef2972ae8c60d93e306bb1eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 b6217766ccd41d69658fea04297b7c24.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702588991-9267194960 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4377949
content-length: 314
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023171/[4,-,1702862777510] 38D1cc0231aa/[hit]
cf-ray: 83739de749600f83-EWR
x-amz-cf-id: RO7YmCp0JYvkH0tbeogltJgv819rqjG6uGK9p1SRFHQus4rCCpGv7A==

GET
H2 200 82418_ea5d4e_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2947a163/2023/CamoLiquidBlush/ 306 B
897 B 156ms
144ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2947a163/2023/CamoLiquidBlush/82418_ea5d4e_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: be26eb3fda8ce26fcf39cabb2d7d4f56a8524e31a343f6db6b1c4e255c4c89d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 5dccc983b54773fbbd262d2029a805d6.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702588991-9267194957 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4377949
content-length: 306
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02316e/[4,-,1702862777613] 38D1cc0231aa/[hit]
cf-ray: 83739de7bdcd727a-EWR
x-amz-cf-id: Y_J5sLe11AxSiZmoykiOr63nC1SXRnUlQpRNV12uprJrhWY3zaiPBA==

GET
H2 200 82419_d8295f_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwbf823553/2023/CamoLiquidBlush/ 307 B
899 B 157ms
145ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwbf823553/2023/CamoLiquidBlush/82419_d8295f_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 55245d1dbef4c5307f1e4b89913f51d27a2bd76d9d4130bcfc48c1438ce27232

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702588991-9267194962 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4377949
content-length: 307
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023173/[3,-,1702862777587] 38D1cc0231aa/[hit]
cf-ray: 83739de7b8f18cc5-EWR
x-amz-cf-id: M9wuO1WZbi-GwGcIhOAuUaIHowP8i4tr4WLaQ5WfHt04HVZR5b3iIw==

GET
H2 200 82420_d52e1c_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw0bcb7171/2023/CamoLiquidBlush/ 313 B
905 B 158ms
147ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw0bcb7171/2023/CamoLiquidBlush/82420_d52e1c_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 4358d95ed843273750f6301a75ad4282b7f32fbf25d9bfc0d7c1ed220f526673

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 9c1465c390ec70cc0036cf15c3a531d8.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702588991-9267194964 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4377949
content-length: 313
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023175/[3,-,1702862777623] 38D1cc0231aa/[hit]
cf-ray: 83739de7bb9078d5-EWR
x-amz-cf-id: -KPP2wAw4LrOzPw25Z9FyRDIe46_KHY6f41vaH7lPnJySNkv3tWadw==

GET
H2 200 82422_81382b_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwd690c536/2023/CamoLiquidBlush/ 314 B
906 B 159ms
148ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwd690c536/2023/CamoLiquidBlush/82422_81382b_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 57b5fadea258092c47cb3ad1f5ca816ed7a03c194c96b14a59e3bd606284616a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 e6fc68fd040718147cda2e3ef6f63636.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702588991-9267194963 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4377949
content-length: 314
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Fri, 17 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023174/[4,-,1702862777582] 38D1cc0231aa/[hit]
cf-ray: 83739de7bcd3238e-EWR
x-amz-cf-id: xislO83Mca2RYEMtunULeyPIV9llZqko99PUmz0ptVFqr-kJsKIHKw==

GET
H2 200 81588_212531_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwc11cce39/2023/LashXtndrMascara/ 315 B
905 B 161ms
150ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwc11cce39/2023/LashXtndrMascara/81588_212531_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 4dd4735601c7db12d49dc38c46dfef3a663db36321689bcb34aea889bd0db001

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 9c1465c390ec70cc0036cf15c3a531d8.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494114 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4930027
content-length: 315
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Sat, 04 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023177/[5,-,1702310586234] 38D1cc0231aa/[hit]
cf-ray: 833ef4abca184257-EWR
x-amz-cf-id: LeG_PZD8c4A5c8RN7dyYzUkfZ_Zuv_zmF5T2PQ7AM_BU01nVgrEq2Q==

GET
H2 200 81587_303030_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwac631f56/2023/LashXtndrMascara/ 186 B
776 B 162ms
151ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwac631f56/2023/LashXtndrMascara/81587_303030_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: a57278ff3f6a270785706b6fa0185dd06bb2357e5ae950698989483ebc43d6c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 f91b1dd39ce8309d7fc575add365607e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494115 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4930027
content-length: 186
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Sat, 04 Jan 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023178/[5,-,1702310586238] 38D1cc0231aa/[hit]
cf-ray: 833ef4abdbe64276-EWR
x-amz-cf-id: D8tH8Fn-O3SiY8D-cFpi0uvasTLM8XeUgE7zGTwo2aSrqQB4oQSpXg==

GET
H2 200 81589_664847_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw09f003fc/2023/LashXtndrMascara/ 312 B
903 B 264ms
253ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw09f003fc/2023/LashXtndrMascara/81589_664847_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: d8eecca6704326f8db5486946d33420fdc588c6d519774e39df570883c4e3d87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 d3fbeb74a503a5fcf3e4ca458c365012.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494116 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4930027
content-length: 312
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Sat, 28 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023179/[4,-,1702310586249] 38D1cc0231aa/[hit]
cf-ray: 833ef4abdefc6a4e-EWR
x-amz-cf-id: xTLaolnMMTpfa9fYQcYAe9J0urZrHGpRAdRkzE0z3VIsiLIFN4M0mw==

GET
H2 200 83567_c39b69_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2d6f4aac/2023/HaloGlowLiquidFilterSHADEEXT/ 304 B
895 B 265ms
254ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw2d6f4aac/2023/HaloGlowLiquidFilterSHADEEXT/83567_c39b69_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 8a04baac1bb2ecbbd8c34d07662c8d2ed56ed1b5145f9da4b9df0d93c5fc12f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 5e3f4627de97deab81963915d14a9754.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: IAD79-C2
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494168 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4930027
content-length: 304
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023161/[5,-,1702310586665] 38D1cc0231aa/[hit]
cf-ray: 833ef4ae7fa22363-EWR
x-amz-cf-id: qR55BryViAj_enqJpbZqD7m30dg2BVvKwW7Ot6bn5dBzAzJBBZNkuA==

GET
H2 200 83565_e4bc97_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw0c47e8be/2023/HaloGlowLiquidFilterSHADEEXT/ 291 B
883 B 266ms
256ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw0c47e8be/2023/HaloGlowLiquidFilterSHADEEXT/83565_e4bc97_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 06f7a62ff765add60b19a7594e3cd59f4f243c718a07ce5d2e13f72dfffae406

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 d3fbeb74a503a5fcf3e4ca458c365012.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494169 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4930027
content-length: 291
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023162/[5,-,1702310586671] 38D1cc0231aa/[hit]
cf-ray: 833ef4ae8e515e6a-EWR
x-amz-cf-id: 8ypHZVEyBXvqw7czllpAOaCPWAhmoh9nAhbEpXnJ_T6vFM8XinKSZg==

GET
H2 200 83566_e4c6a7_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw08c83b35/2023/HaloGlowLiquidFilterSHADEEXT/ 289 B
880 B 268ms
257ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw08c83b35/2023/HaloGlowLiquidFilterSHADEEXT/83566_e4c6a7_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: a5a7fc32d089a7db4a8a51c3b0144e8571b63162c4db338cb169c668f9aa6d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 c5e0ddd115d9893ade353cf085d11dba.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494170 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4930027
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023163/[5,-,1702310586677] 38D1cc0231aa/[hit]
cf-ray: 833ef4ae8e2d4326-EWR
x-amz-cf-id: UkLUCY-nYOTSVIwF-NYspyhgsCCr04im3eH1_5Tj6p30v-EPPVw7-w==

GET
H2 200 82113_eac6ac_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw60089524/2022/HaloGlowLiquidFilter/82113_Halo_Glow_Liquid_Filter_Fair/ 289 B
880 B 269ms
259ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw60089524/2022/HaloGlowLiquidFilter/82113_Halo_Glow_Liquid_Filter_Fair/82113_eac6ac_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 988939b24208fa548397468433e51d44f04cfad29107321fb4332d075c2c3ce5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 7a1287aac11cb484d13c7a9cbd2585b0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494171 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4930027
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023164/[6,-,1702310586695] 38D1cc0231aa/[hit]
cf-ray: 833ef4aea98d1791-EWR
x-amz-cf-id: 3Vz9-x1OKWGeGY3QUPE4L_sXExxfRkqeON1NAHxby_6KxqwGVHyWsg==

GET
H2 200 82114_ddc1a6_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7184145d/2022/HaloGlowLiquidFilter/82114_Halo_Glow_Liquid_Filter_Fair/Light/ 289 B
880 B 270ms
260ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7184145d/2022/HaloGlowLiquidFilter/82114_Halo_Glow_Liquid_Filter_Fair/Light/82114_ddc1a6_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b0b16d044e600df5f3d5bcbe66b812b91169ac8c6f6394b52b94ec568e6d7232

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 cb7f1fdf6954dd7324e8117a63207a3c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494172 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4930027
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023165/[6,-,1702310586735] 38D1cc0231aa/[hit]
cf-ray: 833ef4ae9f95434c-EWR
x-amz-cf-id: 8067Bn8yLVIOyqFKRlLQTJCxMnddMAgo3AU7lr_4WbyIspa6xAvbiw==

GET
H2 200 82115_d7ad91_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe43236fc/2022/HaloGlowLiquidFilter/82115_Halo_Glow_Liquid_Filter_Light/Medium/ 289 B
880 B 270ms
261ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwe43236fc/2022/HaloGlowLiquidFilter/82115_Halo_Glow_Liquid_Filter_Light/Medium/82115_d7ad91_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 5a1b7fbff7841e65b48c6f566b3f7c5a3d030c790f1de3e7e2ab760bb769082a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 94ac78512342d473815908b66b16cd7c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494173 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4930027
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023166/[6,-,1702310586685] 38D1cc0231aa/[hit]
cf-ray: 833ef4aeaa144294-EWR
x-amz-cf-id: N3_c2pDxLOfklkLhlKBa-2QfWFKZ0MLeleVzpFvf-MF_V-X7amr8fw==

GET
H2 200 82116_bf926e_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw992ade67/2022/HaloGlowLiquidFilter/82116_Halo_Glow_Liquid_Filter_Medium/ 289 B
879 B 271ms
262ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw992ade67/2022/HaloGlowLiquidFilter/82116_Halo_Glow_Liquid_Filter_Medium/82116_bf926e_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 77563c3d31b3bd929f455be38d45d87449f2441007a1ae54c2ec4f644c767630

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 191d4b07c4ff3e2c7cfeea67e1eb00f0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494174 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4930027
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023167/[5,-,1702310586714] 38D1cc0231aa/[hit]
cf-ray: 833ef4aecb2315bb-EWR
x-amz-cf-id: pVyvPDAQBO8YDXCgDS5u_PcPeF_tPHN5iioQf5jzdDkqs_mxkmcbgw==

GET
H2 200 82117_bf9667_Tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwc8c0121f/2022/HaloGlowLiquidFilter/82117_Halo_Glow_Liquid_Filter_Medium/Tan/ 290 B
881 B 272ms
263ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwc8c0121f/2022/HaloGlowLiquidFilter/82117_Halo_Glow_Liquid_Filter_Medium/Tan/82117_bf9667_Tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: a7dc26bff5b4a6ceb621fc58cb8e8b4f19619064e20d2a63d10d89d7649f3310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 677c6e9af68514f698151642c19f6c8e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494175 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4930027
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023168/[3,-,1702310586711] 38D1cc0231aa/[hit]
cf-ray: 833ef4aebd4c0cb4-EWR
x-amz-cf-id: A9FBcnLWBp8piEM7yPH0EWL9WaXncSmB-xbdZPW0ccnfWcyTh37Kwg==

GET
H2 200 84700_a3494a_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwcc80c0c8/2023/HaloGlowWandBlush/ShadeExtensions/ 290 B
881 B 273ms
264ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwcc80c0c8/2023/HaloGlowWandBlush/ShadeExtensions/84700_a3494a_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: c72643964544332aff431b6a1b00c2196ce9eb194f196ad05e14982d3b08321c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 cd3b189d4dff15bd0a2ccf14f97ffda2.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: IAD79-C2
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/11 si/38D1cc0231aa-1702308518-7766494714 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023190/[2,-,1702310603894] 38D1cc0231aa/[hit]
cf-ray: 833ef51a18da8c99-EWR
x-amz-cf-id: ot4u17vWIC-vDUl-DHnHVserGKYDIQJsfFFY4_wT9FWepaQAkUtD_A==

GET
H2 200 sku84696_hex_bc8974.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb5b2ba85/2023/HaloGlowWandBlush/ 289 B
880 B 274ms
265ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb5b2ba85/2023/HaloGlowWandBlush/sku84696_hex_bc8974.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 84c5d15e1a01e75f1164ada1359c5cc113b3aa3a85e43259b137d090b35c8072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 5dccc983b54773fbbd262d2029a805d6.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494715 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 289
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023194/[5,-,1702310603887] 38D1cc0231aa/[hit]
cf-ray: 833ef51a1f9541f2-EWR
x-amz-cf-id: br-ZGsi5ySx2ltTQ7H4M_1oXnRN7kpK97J1KMSIXIfkmoJjGq-cgkg==

GET
H2 200 sku84697_hex_9b504f.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7db85a30/2023/HaloGlowWandBlush/ 290 B
881 B 274ms
266ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw7db85a30/2023/HaloGlowWandBlush/sku84697_hex_9b504f.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: c7800792e17ae1f204a586d14ec62c93d478bf0e9201e75eb7bb54b3a3068a04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 0570243541aa4edb51d3f1e60aee5a32.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: IAD79-C2
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494716 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023191/[5,-,1702310603896] 38D1cc0231aa/[hit]
cf-ray: 833ef51a2d052363-EWR
x-amz-cf-id: cltXUYGZ0yMM5wXu96JAAmkjU9Tkrua9KsFL2IjWZ-M9L0KHW_FmRQ==

GET
H2 200 sku84698_hex_956141.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb8a78ca2/2023/HaloGlowWandBlush/ 290 B
880 B 275ms
267ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dwb8a78ca2/2023/HaloGlowWandBlush/sku84698_hex_956141.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 6d346ba132593213cba9bfa6b9ae595d953d5ce8ca748f4d31ded1b8f4f1e1ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 11ab138d0b995a9fa4daabbae7fc0b0c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494717 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02314c/[5,-,1702310603897] 38D1cc0231aa/[hit]
cf-ray: 833ef51a2fb25e6a-EWR
x-amz-cf-id: -oWdMxPHnInaHnxqTNWLTt7R0aQ9my4pYCbOf0Sspx74ZVANgeOqXQ==

GET
H2 200 sku84699_hex_864c52.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw11e3ba07/2023/HaloGlowWandBlush/ 290 B
881 B 277ms
269ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw11e3ba07/2023/HaloGlowWandBlush/sku84699_hex_864c52.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 9193ab03db75dc48eac7f6387304991f7c6e794e4f13163dae47280f91d2210a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 94ac78512342d473815908b66b16cd7c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494718 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02314a/[5,-,1702310603912] 38D1cc0231aa/[hit]
cf-ray: 833ef51a4bf94326-EWR
x-amz-cf-id: zIQVZi6MZSe5Jhg2s61OJ0d7x2zwFDOMeZ_0y8pvP-kcXTo77q--8A==

GET
H2 200 84701_833123_tile.jpg
www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw3e276ea6/2023/HaloGlowWandBlush/ShadeExtensions/ 290 B
881 B 277ms
270ms Image
image/jpeg 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/dw/image/v2/BBXC_PRD/on/demandware.static/-/Sites-elf-master/default/dw3e276ea6/2023/HaloGlowWandBlush/ShadeExtensions/84701_833123_tile.jpg?sw=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 97b684ae93653983b3f22e0b74288e8b1ac19025ee91d4e17c60aa3c722cc8fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
via: 1.1 6e131451bd3f2f00145987b931606ec0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cleanquerystring: sw=16
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/101 si/38D1cc0231aa-1702308518-7766494719 tts/1701196602045 ti/5a0c9b7632f01c35d421021b ai/5a0c9b7632f01c35d42101b2 tm/0
x-cache: Hit from cloudfront
age: 4929931
content-length: 290
x-yottaa-forcecache: true
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
content-type: image/jpeg
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc023192/[7,-,1702310603918] 38D1cc0231aa/[hit]
cf-ray: 833ef51a59091791-EWR
x-amz-cf-id: -GxL7OPXYzcmOxvNs5Ja8zceZRq2dHTdTulySNoNAcirXHV-vw-6qg==

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 5D01 55 KB
17 KB 44ms
43ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBF) /

Resource Hash

7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16892
content-type: text/html
date: Tue, 06 Feb 2024 17:35:28 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc"
expires: Tue, 06 Feb 2024 18:35:28 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: 19ed141efcc53
server: ECAcc (frc/4CBF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000019ed141efcc53-a4cd6e9678be60c0-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 company_toolkit.js Show response
cdn-scripts.signifyd.com/api/ 4 KB
2 KB 40ms
39ms Script
application/javascript 18.66.122.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/company_toolkit.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-54.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:29:53 GMT
content-encoding: gzip
via: 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
last-modified: Tue, 30 May 2023 10:18:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 336
x-amz-server-side-encryption: AES256
etag: W/"2c3950f122b3977df61b0e077aaa92c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-id: R235_OkXRtLxO2Kjy01KAR1WRzV44fMXW4OxPSPAVQfcwHBmmBqC6Q==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 122ms
122ms Image
image/svg+xml 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:28 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: EWR50-C1
age: 946305
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/38D1cc0231aa-1706292485-6677601666 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02316d/[4,-,1706294090466] 38D1cc0231aa/[hit]
x-amz-cf-id: 3CkLhBKyOP_Gib4v9msL1-ZZAaF-nhhxCivwZqf09U_Iqu_TEhbOOQ==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 125ms
125ms Image
image/svg+xml 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:29 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: EWR50-C1
age: 946305
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/38D1cc0231aa-1706292485-6677601666 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02316d/[4,-,1706294090466] 38D1cc0231aa/[hit]
x-amz-cf-id: 3CkLhBKyOP_Gib4v9msL1-ZZAaF-nhhxCivwZqf09U_Iqu_TEhbOOQ==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 122ms
122ms Image
image/svg+xml 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:29 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: EWR50-C1
age: 946305
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/38D1cc0231aa-1706292485-6677601666 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02316d/[4,-,1706294090466] 38D1cc0231aa/[hit]
x-amz-cf-id: 3CkLhBKyOP_Gib4v9msL1-ZZAaF-nhhxCivwZqf09U_Iqu_TEhbOOQ==

GET
H2 200 valetines-day-2024-01-29-image-5_D-min
cdn.media.amplience.net/i/elfcosmetics/ 59 KB
59 KB 39ms
39ms Image
image/avif 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-5_D-min?fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

9984ddd66cac2301c90a8af8df473e374a6a76a5839fd72a7483bdc8db9efbe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:29 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: XDjwBEJ8e,l4p5bDg2e,xhQ7djhcu,WepA0szpz
x-req-id: PE_37DyabP
content-length: 60073
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:23 GMT

GET
H3 200 jquery-3.5.1.min.js Show response
assets.bounceexchange.com/assets/bounce/ 87 KB
31 KB 41ms
40ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 22:43:16 GMT
content-encoding: br
age: 327133
x-guploader-uploadid: ABPtcPrzv3zMX7I1dzjbsiC62El24rAurKB2xJVFm0jBPw_I1rAT8y3Qisp-oAfaWzhGusIgZlk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31584
last-modified: Tue, 30 Jan 2024 20:16:29 GMT
server: UploadServer
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
x-goog-generation: 1706645789533091
x-goog-hash: crc32c=W9o9Ng==, md5=3F5/GMjTasHT1HU6h8mNCg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 89476
accept-ranges: none
content-type: text/javascript; charset=UTF-8

GET
H3 200 local_storage_frame17.min.html Show response
assets.bounceexchange.com/assets/bounce/ Frame FC3A 2 KB
969 B 41ms
41ms Document
text/html 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 785038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 938
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 15:31:31 GMT
etag: W/"fc893948c3efc689b5b19d8a77958e23"
last-modified: Tue, 23 Jan 2024 19:04:54 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1706036693932578
x-goog-hash: crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2408
x-guploader-uploadid: ABPtcPrzbHipj-CiDOBxJk1LaYMOuoiFnIDU7h_pWv47C3ToYfhaD3nrgcJSIlO-DZ4VaPWrw0pAV3Ht

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame 5D01 18 B
233 B 199ms
199ms Fetch
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (daa/7CE2) /

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
paypal-debug-id: e7cf440eddd50
dc: ccg11-origin-www-1.paypal.com
content-length: 18
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
server: ECAcc (daa/7CE2)
traceparent: 00-0000000000000000000e7cf440eddd50-a69e159a8731214c-01
etag: "60271cd0-12"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 06 Feb 2024 17:35:28 GMT

GET
H/1.1 200
OK pgwbghxiutqyzx9t.js Show response
imgs.signifyd.com/ 95 KB
13 KB 151ms
43ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/pgwbghxiutqyzx9t.js?74ecir9tbcbufwon=w2txo5aa&tw8s9ew0mj2jjupz=LzMzOTBkYWRmNDFmYmI0ZWFmZjc3MWUzZmMx

Requested by

Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

03f8b27a5a5f052420315293357ce3f2af3dd92bb40b5de15f93722648ce3f46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 17:35:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 143ms
143ms Image
image/svg+xml 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:30 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: EWR50-C1
age: 946306
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/38D1cc0231aa-1706292485-6677601666 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02316d/[4,-,1706294090466] 38D1cc0231aa/[hit]
x-amz-cf-id: 3CkLhBKyOP_Gib4v9msL1-ZZAaF-nhhxCivwZqf09U_Iqu_TEhbOOQ==

GET
H2 200 us.svg
www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/ 9 KB
1 KB 122ms
122ms Image
image/svg+xml 204.2.49.170
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfcosmetics.com/mobify/bundle/10520/static/img/flag-icons/us.svg
Requested by: Host: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/mobify/bundle/10520/vendor.js?yocs=1u_1y_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.2.49.170 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:30 GMT
x-amz-version-id: PgkEiBXOrB52tTjpwT_rl._JX6QZ0DMF
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: EWR50-C1
age: 946306
x-amz-server-side-encryption: AES256
x-yottaa-optimizations: ob/1101 si/38D1cc0231aa-1706292485-6677601666 tts/1701194968684 ti/5a0c9b7632f01c35d4210286 ai/5a0c9b7632f01c35d4210220 tm/0
x-cache: Hit from cloudfront
x-amz-meta-deploy: 655743
content-length: 676
x-amz-meta-bundle: 10520
x-yottaa-forcecache: true
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31104000
x-yottaa-metrics: 3821cc02316d/[4,-,1706294090466] 38D1cc0231aa/[hit]
x-amz-cf-id: 3CkLhBKyOP_Gib4v9msL1-ZZAaF-nhhxCivwZqf09U_Iqu_TEhbOOQ==

GET
H2 200 ts
t.paypal.com/ 42 B
213 B 200ms
200ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1&page=muse%3Aoffer%3A%3A%3A7PFGPLHGYKX72-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a9b41b4-1a0b-4488-939e-bc9b13368cc5&es=visitorInfoFlowStarted&mrid=7PFGPLHGYKX72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=e.l.f.%20Cosmetics%3A%20Affordable%20Makeup%20%26%20Skincare%20%7C%20Clean%20Beauty%20Products%20%7C%20e.l.f.%20Cosmetics&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1707240930499&g=-60&completeurl=https%3A%2F%2Fwww.elfcosmetics.com%2F&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 06 Feb 2024 17:35:30 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: be60fa72b7de6
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220093-FRA
pragma: no-cache
correlation-id: be60fa72b7de6
traceparent: 00-0000000000000000000be60fa72b7de6-454973673a80b01f-01
x-timer: S1707240931.520333,VS0,VE161
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 17:35:30 GMT

GET
H2 200 valetines-day-2024-01-29-image-6_D-min
cdn.media.amplience.net/i/elfcosmetics/ 110 KB
110 KB 40ms
40ms Image
image/avif 2a02:26f0:3500:14::1724:a24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.media.amplience.net/i/elfcosmetics/valetines-day-2024-01-29-image-6_D-min?fmt=auto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

4640c95ead92ab52d145901f4c81171be7617504eea0d47bc74dffa50cc0b584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:30 GMT
x-content-type-options: nosniff
x-amp-srv: A
cache-tag: nbP029mD3,l4p5bDg2e,HKFzQEt3Y,WepA0szpz
x-req-id: 6O3-Ym2bV6
content-length: 112474
x-xss-protection: 1; mode=block
x-amp-source-height: 1040
server: Unknown
x-frame-options: DENY
x-amp-source-width: 1598
access-control-allow-origin: *
content-type: image/avif
cache-control: max-age=1800, s-maxage=86400
accept-ranges: bytes
x-amp-published: Wed, 24 Jan 2024 23:00:23 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 5D01 435 B
2 KB 288ms
288ms Fetch
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

96fe25287296df88fabdf10b1d5e07093a8cf0c24d3331875ba36d865ca1d45f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-RKBAf2fFFzV8NcR5MyBcQ0X3N+YYp1ye/GtOza82AAO+iUwu' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
disable-set-cookie: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-RKBAf2fFFzV8NcR5MyBcQ0X3N+YYp1ye/GtOza82AAO+iUwu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Feb 2024 17:35:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f974880883244
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220035-FRA, cache-fra-etou8220035-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f974880883244-095a5b39921737eb-01
x-timer: S1707240931.765761,VS0,VE247
etag: W/"1b3-tCFwgA6opyHhr5snL7EPvrPtZPo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 220ms
219ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,disable-set-cookie
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,disable-set-cookie
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 06 Feb 2024 17:35:30 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f97488089d480
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f97488089d480-052537d603d5ca67-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-etou8220027-FRA, cache-fra-etou8220027-FRA
x-timer: S1707240931.544128,VS0,VE179

GET
H/1.1 200
OK TIs4-R7BtNnBgoLR Show response
imgs.signifyd.com/ Frame DCD0 272 KB
46 KB 48ms
48ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/TIs4-R7BtNnBgoLR?4b5dc33db17dd2a2=Cf3DXDg4x6y9KpnY6BOObLN7pinPDVz0dSa57lSKohbg-nZDf-zbXO047Hc0lw_fLLumRsE_rRTmB549gQCeZ8dl3xJcYWLE-Nwf3_XreWl3lx8KlZM5-KAezolItFrdMD_IYIww_TaGl4OwF5M6qy5e4jByrUbOyS3oIUueSWz-K4EMKdtUf3uPXP_AuykSEYyoqwSyW83kfLEJ&jb=3d332e2c60736d7f35556b666e6f757b2e627b6f37556b666e6575712d30303b3b2e627b6a7f354962726d676d24687b683d41607a6765652f303239383b

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/pgwbghxiutqyzx9t.js?74ecir9tbcbufwon=w2txo5aa&tw8s9ew0mj2jjupz=LzMzOTBkYWRmNDFmYmI0ZWFmZjc3MWUzZmMx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

d518201937be457c86198f9f21fbcec1b7a3d2697a02f2995a8e0405d498f9ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 17:35:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: e6755a978d8a9ab1
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK or45hAFw5zOKmcjy
imgs.signifyd.com/ Frame DCD0 81 B
475 B 117ms
38ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/or45hAFw5zOKmcjy?54a3fab1a6de97ad=qMkw4e_C39037vI7cLJ98aiD41Inqhpk7Y6-052Pfel57--wZYRR0D7nE2UrSbNcVyxO5Cx7a-NYE6uwQRV92koBEDDH2x7RU8wbLBUYN3BW4w1YtDC5DZ2owxQwAkJWL21dX4Vf77G04DZEp2WiFW0UuFw2Svq8676zA6A

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 17:35:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK lXcdiybKeCQZ6Hvc
imgs.signifyd.com/ Frame DCD0 81 B
475 B 119ms
40ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/lXcdiybKeCQZ6Hvc?2ef746a7c8ec735e=-bySlv_I7iQPWj0JRqF3IGtafY0xAx2kAKenjZSnyGngHXObpmPy8i3SEp_w-Lg_euI2EVBtq52U0cCPPccydUaYqN_gN-_uic6QOCA9RPFrzni--E9tTEyUWBTyCEquVskfMKn85aEPMniwjhymeVOVIHTNZTNLiyWu_hQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 17:35:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
imgs.signifyd.com/fp/ Frame DCD0 81 B
536 B 122ms
40ms XHR
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/clear.png

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/TIs4-R7BtNnBgoLR?4b5dc33db17dd2a2=Cf3DXDg4x6y9KpnY6BOObLN7pinPDVz0dSa57lSKohbg-nZDf-zbXO047Hc0lw_fLLumRsE_rRTmB549gQCeZ8dl3xJcYWLE-Nwf3_XreWl3lx8KlZM5-KAezolItFrdMD_IYIww_TaGl4OwF5M6qy5e4jByrUbOyS3oIUueSWz-K4EMKdtUf3uPXP_AuykSEYyoqwSyW83kfLEJ&jb=3d332e2c60736d7f35556b666e6f757b2e627b6f37556b666e6575712d30303b3b2e627b6a7f354962726d676d24687b683d41607a6765652f303239383b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, w2txo5aa/e6755a978d8a9ab1lzmzotbkywrmndfmymi0zwfmzjc3mwuzzmmx
Referer: https://www.elfcosmetics.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 17:35:30 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 06 Feb 2024 17:35:30 GMT
Server: Apache
Etag: 5e2f0a65198a40ac923beda30426d9a1
Content-Type: image/png
Access-Control-Allow-Origin: https://www.elfcosmetics.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sun, 04 Feb 2029 17:35:30 GMT

GET
H/1.1 200
OK 8ajWOt5dntxxobvm Show response
imgs.signifyd.com/ Frame 8BED 90 KB
14 KB 43ms
43ms Document
text/html 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/8ajWOt5dntxxobvm?57616578d3d0ac95=iWSk7AvZglpoeUILVmbNHQPZRtR7PolgnwzpLng8g_tDFO3ZlCpwrLRARRVQPh_X9v717J-Uvi0L_8RQdQ87K2FogeOJB0HCYt9HwWNvNDfJgmfzLO8n4It68LC5sFuGPMOguG0swbBGVO4nia_g1yr6jX8TvrFtM94cVqkT6lZXljMyqZjT6Mp8ic_FQrJv70Nt5ijEKgiF3Bm4Fqo

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

2f6e7161889d6c74478ba8767d3a88e18cabe88992649467f277de8926f867f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 06 Feb 2024 17:35:30 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content orckW3rkoeF37QAY Show response
imgs.signifyd.com/ Frame DCD0 0
387 B 40ms
39ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 17:35:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 1QjeEOC0_8kutSeO Show response
h.online-metrix.net/ Frame 3AA8 103 KB
15 KB 143ms
43ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/1QjeEOC0_8kutSeO?1750b94c3c3228a2=hjCenkZeY0TGnsYkwd333y1WK85woUH6WmHws7o574rqNeygRyqYFCnDEWoPsC1QC1aOJnA3xRwIyUvuwqhsJ_YsA17OCBGTeIPxrHvu5vrnN-WHz3sHbs8UjjhbCfVoSKn1ofLSf7Ai6xh5R0PPunUR84JNOK02yjxl45vsoQqs0Pw4sc_ak-MM-T_3QffsisxXkQDSXWJx9TP7shJF

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

959837d67ff29e5bc93b6ed29d8055de24c6b7adafc4dcf186fd2bb2e96b7988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 06 Feb 2024 17:35:30 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK yGIOFBdDIRrc5_lm Show response
imgs.signifyd.com/ Frame EE27 90 KB
14 KB 59ms
42ms Document
text/html 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/yGIOFBdDIRrc5_lm?4f920e628e2c18c5=n7e4G522uZLdUSTJYAEJzTNVz6au6SlYxl72iXZJFKZO9eGliGAhHBarAYcDdDkh49u1jBrBx-Pi2hzNBqOUeqpcPzrXcSXy0K4GZ6CauCgCYU3gFd16E0TYJyh7VtIvvEH_fq8o5gvhPOjRpoaOWVfnkLgeydg-wAx4CH6n6hV-VrXWB6pfRT3JBIlmajonQCM5aFoABsdZe5FG-hYI

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

d96edbb032c874715acfd5ab0cdbbc4b87f93b5d48bd8868bb164cb9c6642039

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elfcosmetics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 06 Feb 2024 17:35:30 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 orckW3rkoeF37QAY Show response
imgs.signifyd.com/ Frame DCD0 0
218 B 40ms
40ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/orckW3rkoeF37QAY?8ec2ef724cc5d79e=0Kxosiwerv9ovIY2Dt-_qVA55vgoZXcK1Hqcpwq8WBZcNJx2Df5wVpcBxO9fwCUDmbOn5E8u-K6B0cUvLqEdgEitF3KK2oTXh-wugQAz1ec-us3_c9r12PCoJWL_XkNx7fy_2KYWpKMTZ2CiLL1Wkck4KwY&ja=39323d392c2661373e3224723736322e6e3539363a327a39383a322469643d3b3c3838703938383a2c737a7335327a382c64727a353924313c3232243b3832322433363a3a24393a383a243b3c3032263930323826313438382439323a322e38263a246f7c3f6132323a696a6b6e6b3d3d64666c6c643b6d6b383639393c3f303c603b693d6b246f663f342c796b6c353a3e2e66623d6a7e7c72712d3941273a4e2d3a467d7575266f66646167716d6f7e616b7b266967672f32442c786e3f3b2c706a353f306e323263633e686964606d333139683f3b303f6b6d3a6e33606e6a30663c2c686a35313b31623d36376a336f60673d3033683c3b303d6b6c30383e63646c3d6060392c6a7167355f616e6e6d757b2f38323339246a7968354b607a65656f2f32323b3a332462796f77355f6166646575712e607960773541687865656d2e66626b373e266c6e653f3a2e646d767835382e7470663f4d7f786d726d27324c486d7a6461642e676b746a78353632383964336b3a6a6d633a30673e69693734383238386b6c393d3d3e383b6c64363f303a333c3b64346d69693a346e613b3c6b6c60663f30333b3939313e692c6c783768767e7871273b4b25304e2d3a4e777d752c6d666c616d7b6f657e636b7b266b65652f3846247a35726e7d6d696c576e6469736227374d6c6b6e716d2370667f6f6166577d61646e6f7579576f676c63615d78646971657827374d6c6b6e716d2370667f6f6166576b6c6568655d6b6b706d6a6b74273d4d6e696c79672378667f656b665d717f636b637c61676d2f3f45646b647167297a6c776f61665773626d61637d6b74672d37456c6b647b6d297a647f6d696c557a6763647a6c63716d7a2d354f646364796f23726477676364577e646b5578666b7967782d37476e6b6c716d297864756d6b6c576e6f74636474722f3f4d6e6964796d2b7a6c776d616c5d7b7c675d7e616d7f657827374d6c6b6e716d2370667f6f61665760697c6b25374f6e636e7b6f266564576b35776f6065645d6f60454427323a3b26382d3a3a20457a656c4d442730384f53273a383a26302f30324b62786d6f61776d235d6d6a4f442f3a3a4d4c51462d30324d592530383926382538322a477a6f6c454427323a4f5b2d3a384d44594625303a4d51273a3a312c382d3a384362706d65637f6f2b5f676241637c5f6d6a41617e2f32325d6d6045444b4e45444d57616e79766366696f665d6970726b737b2d3b4a2f3a3a4f5856556a6e67666e5f6f61666569782f31402d383a475a5c5d636566677a576a7f6e6c6f725d62696e64576c6c6d697c2d3b422f30324d525e5d666d727462556b6469657a2d394825303a4d5a56576c6c6d697c576a6c6f6c662d394827303847585e556e7a696f556c6f7a746a2f3b40273a3a455a5c577b60616e6770577e6f7a767d70655566676c2d3b482d383a455a5e577667707e75706d576b676d7a70677b79636d6c5760707e692d3b4a2d38384f52545d7e6d7a767d78655d6b676578726f71716165645d706f76632f394a2d3a384f505e557467727c77706d55666b647c6d7a5f6b6c6b7b657e706d786b632f394a2d3a384f505e5573504d4a27314a2f3232474d5b576566676f6d647e5d6b66666572557d61667c2f3b482f3232454d515d6e686f5d7a6d666c65785d6f617a6763722d31422f3838474d5b557b7e6b6e666b7a665d6c6f726b7e697c61766f71273b482f3032474753557e6d707c7d786d556c6c6d6b7c27314a2f3232474d5b57746f7a767d786f5d64646d617e556461666d6b7a2f39422738384d475b557467707c7d7a65556a63646c55646e6763742f394a2d3a38454d59557467727c77706d556863646e576e6c6563765766636c6769702539482d3a38474f5b557c65707e6d7a5d697872637157676a6a6f61762d39482730385545484d44576b676667785562776c6e6770576c6c6d697c2d3b422f30325f4f48454e57616f677a7a6d7b7b6f6c557e657a7e7d7067576b73766b2d3b4a253832554d484d4e5d6b6d6d7a786d7b7b6d6e577e6f78767f7a675d6d7e63273b4a2d3a305d47404f4655616d6572726f797b6d6c577e6d727e75706f5767766b3b25314a2d3a38574f40454455696d6f78706579796d6c577c6f707e7f7267557b31766b2f33402d3a385f4548454e5769656f727a6773796f6c577c6d727c7f78655d793b7661577972656a2d3b4a253832554d484d4e5d6c67627f6d577a6d666e6d786f725d6366646d2d3942273a385f4d424d4e5d6c6f7a766a577665727e7d7a6d2d394a2f3830554f4a454e576e72637f576a7d666c67707b2f3940273a32574f484f445764657b6f55636d647c677a7c2f33402d3a385f4548454e57677f6e76615d64786b7f2d3b4a2f3a3a5d45404d445d7267667965676657656f6e67333e2c6d6e5d603f343f3d6b31383f3a6e3b6b30676e3863363d6f31663c6d6b316433643a6b3a6961366a6164686b312e7f6f667e37436e766f64273038436e61262e7f6f6c783f4b667e6f6e273a324978637b2d3a3845786f64474e2f3a3247666d696c6d2e6b6b643732&jb=393f3d2c66713f4767786b646661273a4e3d26302f3032205d636c666775732f3838465c2d38383b3a2e322f3b40273a3a576b663e3c2d3348273038723c362b2d30304b7a78646d5f6f6a41637427384e37313f2433342d3a38204b42564f442f3841273a326c63616d2d3a384d6d69616f2b2f3a324160786f6f6d2d3a4e3138332c38243c33343f2c3139332d3a385b6b6e6b786927384e37313f243334

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 17:35:30 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK 9OO1xsd9o8wXXPlb
w2txo5aaoeoayg7qbizfu2xazffllap2al7ehn5oe6755a978d8a9ab1am1.e.aa.online-metrix.net/ Frame DCD0 81 B
438 B 183ms
38ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w2txo5aaoeoayg7qbizfu2xazffllap2al7ehn5oe6755a978d8a9ab1am1.e.aa.online-metrix.net/9OO1xsd9o8wXXPlb?842eb87f27f7af10=8-skxfwJgOK7dUDsZIlKuAZsRb4QMZN9RQtXmjaJX7PNYI4pzEgywKxbodhBGDQnL53M6dHZQrEycXUAXabANehLCcKgv-vHsAQVUsmDZoteM2gqWV-sPqv6SFxoDn34TUstKyxKpqq-3PcmPMamisY65VEvhC7GhjMW

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 17:35:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 c Show response
ids.cdnwidget.com/ 61 B
235 B 252ms
156ms XHR
application/json 2600:1901:0:56e0::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=105254217&GCS2=&pe=false&wsid=4142&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A4142%2C%22loadID%22%3A%22Ep1pNRmTtc0WC8x%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A5%2C%22IDStageStart%22%3A5%2C%22obsReqdata%22%3A624%2C%22obsReqpage%22%3A1393%2C%22obsReqview%22%3A1395%2C%22IDStagePrefire%22%3A2959%2C%22netComplete%22%3A2984%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A1%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%224181893050201417042%22%2C%22visitid%22%3A%221707240930538634%22%7D
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:56e0:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: 9f8441024e84c58109845fa52d52c98b3a2a6cde7529d923779fc815053795d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:30 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.elfcosmetics.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61

GET
H/1.1 204
204 EU5MTOf5KKGqcao3
imgs.signifyd.com/ Frame DCD0 0
400 B 41ms
41ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/EU5MTOf5KKGqcao3?25ca55812f2ec308=RjcShpMPKqcDSsKYz8TVMqE1an171ligL9uwnqMo_RyYj-g08N3yF42hakaCXTT4KtRHB5lebQaLrbG2SWdtywT77-sY2QtY3sKI-YstE9kjYTOnDslvLZVGIZLHHdO-RAK_ipPEQn62KIDJiNe2xUCh8xxnuD5PSTQps14PtJOY_kzZdGG68RAGOIBBlcHQ4oLJ8_3JTFfiO_E-k00&jf=3c3b3c2c796966557a6c66357e64705779456a395c485b4d705837677f30787e2c7b616c576e697e6f3d333d3835303c3a3931382e7b616455767b786f3775676a3865696e7b692e7b636c5561657b373b3237313930333b383e383738633a3e3e3261673b6630383a39383e38323a6b323636326b67316c3a333239383f38333e3032383a3e3a373b33313b6e3a313a313f6a3a3861353d3e67603f3a353030383069376e30346e6e3e36673c676432696d3a3f3f3d39323233336b303a60396932363c3e386b366937346d6f3b61333f376568333b383c693c3d396b65603f6e343a6e6c62313f303c6b346832346a323c363a6c37353c386a6a3e3f693c3e3e30643d3b3a247b63645d7b616f35333a363638383832323e3a3139396a393b3f693e386b3132393866613c6b65606b6b30393368363a306b6f31616d3a633b3b693a3f3e6c6c6e6933643a6d36636b3263306e3b6a6a30383032396b3b32353d373832336a6b696a3a6b323c61313b6b36663b6937353e3e393d613a6361393f3d3a306d36623d3a3b6d3e6b32696b6839363a6b3b356a33353a2e7b616e723732

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 17:35:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content 1S4D2mHUS9hvbN_z Show response
imgs.signifyd.com/ Frame 8BED 0
387 B 40ms
39ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/1S4D2mHUS9hvbN_z?8034827c41816372=WRSXdAhmd4OK3aZvYjd7VxoQQ9coIkvC2uOL-X5X9uD182ExpR479Drcl924RIbj9coRPp0VKs5PJWsb1Sq0ZMEkZg4AOEJyz5N_cHJ9nR24oFjMlxM6Q57XmyefJrOX3xI81gg2UJC19qShcdryzGjruH4&jf=3b3c2e6679623f68386631306836646d3e6e3c343b333269396c37343a35633269393c3f6e6c3c

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/8ajWOt5dntxxobvm?57616578d3d0ac95=iWSk7AvZglpoeUILVmbNHQPZRtR7PolgnwzpLng8g_tDFO3ZlCpwrLRARRVQPh_X9v717J-Uvi0L_8RQdQ87K2FogeOJB0HCYt9HwWNvNDfJgmfzLO8n4It68LC5sFuGPMOguG0swbBGVO4nia_g1yr6jX8TvrFtM94cVqkT6lZXljMyqZjT6Mp8ic_FQrJv70Nt5ijEKgiF3Bm4Fqo

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imgs.signifyd.com/8ajWOt5dntxxobvm?57616578d3d0ac95=iWSk7AvZglpoeUILVmbNHQPZRtR7PolgnwzpLng8g_tDFO3ZlCpwrLRARRVQPh_X9v717J-Uvi0L_8RQdQ87K2FogeOJB0HCYt9HwWNvNDfJgmfzLO8n4It68LC5sFuGPMOguG0swbBGVO4nia_g1yr6jX8TvrFtM94cVqkT6lZXljMyqZjT6Mp8ic_FQrJv70Nt5ijEKgiF3Bm4Fqo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 17:35:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 iyR8Vu1wrRtnvt8F
h.online-metrix.net/ Frame 3AA8 0
400 B 42ms
42ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/iyR8Vu1wrRtnvt8F?85aea864e7f42ef9=ru8AMFw9vtvRYgyrOeILPgEbQBPJPXPvEv6tSgcb0CkF1ifpHwOME1Lw6attrvz_B1lnufIl0_QwGgdEOaR30YWvlioJCTI_cvZMycNstdxpVOqgpTqCCtEIaK7KH_peuMqP-2G27qKzVw3YHyzOYFkFwTl4uw5R1jyiVfnz4vQEnwGxjU2ve2omNYhQ0auQuz76aUZsTscKQo4B5fE&jf=3c3b3e2c796966557a6c66357e6470574771665441584e6246693a77596a57432c7b616c576e697e6f3d333d3835303c3a3931382e7b616455767b786f3775676a3865696e7b692e7b636c5561657b373b3237313930333b383e383738633a3e3e3261673b6630383a39383e38323a6b323636326b67316c3a333239383f38333e3032383a3e33323f3134393e3a6c3e3e6930396c66373b6b6361383330313a3f6e31386b3b613c3e6e61366e37643c3e3b3e3a386e3d3d696263393864323d3f6461693b693d316b37376d3f6f303a3f3a303c3b3b3e3b3c696b32333835683833633d6c37363a303e38623d31633f3c6934356b67383e6b6c3139693a3c3b3b6563383b60247b63645d7b616f35333a363738383832306b3b613f3e3c3f6d3f3d386b3d36376b3a3631303332323d31386938333663303d3d66333b64353e6c69313e6a39313f3f38616e3031346c3a66326a3f3a3e30383033383a3361663032656c6b3d6e6d6c3b6a3e6b613a683d32336b6c3633316a3f6e663b3a3231383e34333160633b3d3d39306d393e6c6f3466326c60663939313a693e2e7b696c703f39

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/1QjeEOC0_8kutSeO?1750b94c3c3228a2=hjCenkZeY0TGnsYkwd333y1WK85woUH6WmHws7o574rqNeygRyqYFCnDEWoPsC1QC1aOJnA3xRwIyUvuwqhsJ_YsA17OCBGTeIPxrHvu5vrnN-WHz3sHbs8UjjhbCfVoSKn1ofLSf7Ai6xh5R0PPunUR84JNOK02yjxl45vsoQqs0Pw4sc_ak-MM-T_3QffsisxXkQDSXWJx9TP7shJF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 17:35:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 36 B
333 B 179ms
67ms Script
text/html 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=870&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHYAGQgJgBZiBOAZn2NM2AC8QoBaANmMwHcApgCMcqYAID6qACZQK+CmUwAnAThAAbOGgwEexAB74yjFQJgDlq5VGwBDDRtQIA5hLjKNUABbBgABxwAUloAQSCyADEIyL44gDoBDRgkEBwAWwE0JBx41PSYzAA3VFFgCVSQAGtUASggwgAhCLINfxaQ8LIyXwDgsgBWMIiBqJGouL5E5NSMrNQcvJACwbHuiIBhFuUO4fX1wgARbBBq2vqmlukZXa7KfAAOR7piAeITBSJiRQ6yLe6StJbl9yFQXkMHlxaBRNi0ircGs1uhoQC4XAJpFIELcYA4cAJYd0BEVLBIUWiMVicXiCX8Wkg7MpygBHYAAT1uxEJZAZTIkRQccFpZE6XLp3RwcCE6TE4kxGDKws6uI0+O55PRmOcUmkAgQaBgtSB6zCKrV4p5jPK+OA1NVtP+lqZdrVR250hckVQyhwwAAMiA7MaRWFgMohQ1jgKfQBtDWU5wAXVgNOKjJwMeJpPjWoQybNAjTsd5LPZyd40YzJf5goE5aLGf8yhAmKbCzrKftDZjTZbEgQdky+dTlZj2t9ICQVWHXdHkulsspCrEHYL3cqNUk6RbDgkTbUeuAM-x3ZzWJ1h9Qhoxx8Lo+rNtv3f80n8EhwVTgT-vVu-6Z7qhFO+n7frqMAxtWApaB2FZgXGqKaueMiXte0igeYEFWu+WRPhutQSKAIBkoy6KdieQj+FAvBZJRMYAEQlnRAA0DF2OILggMobLMQx3gCFOIDaDx3jLAIPG9tIcAoDx+KMkg3h0YmmD+MAeAiZkJzpP4Th2MgkgwBodguLYRTeHYUBAA
Requested by: Host: www.elfcosmetics.com
URL: https://www.elfcosmetics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
date: Tue, 06 Feb 2024 17:35:31 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 11
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
100 B 249ms
153ms Image
image/png 34.102.193.48
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=forbidden%253A%2520disallowed%2520country%252C%2520country%2520code%2520is%2520DE&cookieID=&deviceID=&BXWID=4142&warpspeed=2%5EHIykD&loadID=Ep1pNRmTtc0WC8x&version=1.5.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 48.193.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET 458359.gif
idsync.rlcdn.com/ 0
0

GET
H/1.1 204
No Content orckW3rkoeF37QAY Show response
imgs.signifyd.com/ Frame DCD0 0
387 B 40ms
39ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elfcosmetics.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 17:35:31 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn-fsly.yottaa.net
URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/

Domain: 9231397.fls.doubleclick.net
URL: https://9231397.fls.doubleclick.net/activityi;src=9231397;type=retarget;cat=globa0;ord=5450069118511;npa=0;auiddc=1628542943.1707240924;u6=%2F;u10=undefined;u12=undefined;u8=undefined;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Domain: 10742279.fls.doubleclick.net
URL: https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flap;ord=5470722561064;npa=0;auiddc=1628542943.1707240924;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Domain: 10742279.fls.doubleclick.net
URL: https://10742279.fls.doubleclick.net/activityi;src=10742279;type=elf8j0;cat=glo_flhp;ord=1841738940887;npa=0;auiddc=1628542943.1707240924;u1=https%3A%2F%2Fwww.elfcosmetics.com%2F;pscdl=noapi;gtm=45He41v0v896608294za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.elfcosmetics.com%2F?

Domain: pixel.pointmediatracker.com
URL: https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=20194f4e-a442-44e5-b235-19e0885159fb&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=1535121624

Domain: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=c69c204f-fba0-4685-aea8-ad32f799fa5d&u_scsid=3bc5ea08-49c2-40cc-98b5-a44865ed272e&u_sclid=a8df9178-2bdd-4c7c-8bd8-dbf906d10f8b

Domain: www.paypal.com
URL: https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Domain: idsync.rlcdn.com
URL: https://idsync.rlcdn.com/458359.gif?partner_uid=dea6fff8-f4dc-4092-bcfc-78b8bb864845

Verdicts & Comments Add Verdict or Comment

193 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 18:15:27	Name: X-AB Value: 33eab0fa79c342aca6dee3eee3c90d77
.elfcosmetics.com/	1969-12-31 23:59:59	Name: pxcts Value: 1b04ccf3-c516-11ee-addb-bfeb53f3c513
.elfcosmetics.com/	1970-01-21 02:59:36	Name: _pxvid Value: 1b04c1fe-c516-11ee-addb-0248ae03e3b0
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: initAuthComplete Value: true
.elfcosmetics.com/	1970-01-21 03:50:00	Name: ab.storage.sessionId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57 Value: %7B%22g%22%3A%2202be926a-3e5c-a462-2177-ec3b24c69277%22%2C%22e%22%3A1707242723538%2C%22c%22%3A1707240923538%2C%22l%22%3A1707240923538%7D
.elfcosmetics.com/	1970-01-21 03:50:00	Name: ab.storage.deviceId.609afcb2-1dc3-41ef-a771-0a9aaf10bf57 Value: %7B%22g%22%3A%223cc1d872-00e0-8e31-eb42-e1aeb3053ab1%22%2C%22c%22%3A1707240923539%2C%22l%22%3A1707240923539%7D
.elfcosmetics.com/	1970-01-20 18:14:01	Name: _px3 Value: eb9f0d80f94d97b4d1986ebe178dda6a1522e84ef9a9a3a6a309f0e751b21f0d:XMQN3IZNm16NOfr9WazZlCV21Z28xnQRPdv2R9ieyf52a0PcEHQuP5ayciixISV+DVGrejVFlg71WWl/TH1Uwg==:1000:K0P8Z6pD7XefBbljahRm8bKqvZQBKhp8eaV33YIAVxqHWZPJKBIaUNGB4nK7BqxskFR1kcUTxKCq4OqVwVWS3zyFw6jJtRm9yWrDK8SsQ7w2dm/us7bat6GKzeTNJG/gzFPcHTEWFYwrqz8aDxS8UBa6YfC+hjCXZPm6xsh0CMVtsMPXkCd6DvDCFV+AH2I3ltRVB6UsOelD0TXCPhMWbCfsLNyQUxnnr0lPSMd5OeU=
.elfcosmetics.com/	1970-01-20 20:23:36	Name: _gcl_au Value: 1.1.1628542943.1707240924
www.elfcosmetics.com/	1970-01-20 18:24:05	Name: FPC Value: 20194f4e-a442-44e5-b235-19e0885159fb
.elfcosmetics.com/	1970-01-20 18:57:12	Name: _dyjsession Value: f3mj5n7n1ezi1mqk614hubxlkelh2oje
.elfcosmetics.com/	1969-12-31 23:59:59	Name: dy_fs_page Value: www.elfcosmetics.com
.elfcosmetics.com/	1970-01-20 18:57:12	Name: _dy_csc_ses Value: f3mj5n7n1ezi1mqk614hubxlkelh2oje
.elfcosmetics.com/	1970-01-20 18:57:12	Name: _dy_c_exps Value:
.elfcosmetics.com/	1970-01-20 18:15:27	Name: _gid Value: GA1.2.1089025156.1707240924
.elfcosmetics.com/	1970-01-20 18:14:00	Name: _gat_UA-432816-1 Value: 1
.doubleclick.net/	1970-01-20 22:33:12	Name: receive-cookie-deprecation Value: 1
.dynamicyield.com/	1970-01-21 03:01:03	Name: DYID Value: -9124292598532248100
.elfcosmetics.com/	1970-01-20 18:57:12	Name: _dycnst Value: dg
.elfcosmetics.com/	1970-01-21 02:59:36	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Feb+06+2024+18%3A35%3A24+GMT%2B0100+(Central+European+Standard+Time)&version=202306.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=90c29e8c-2309-47ed-82e6-216834ee12c6&interactionCount=0&landingPath=https%3A%2F%2Fwww.elfcosmetics.com%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0
.elfcosmetics.com/	1970-01-20 18:57:12	Name: _dyid Value: -9124292598532248100
.elfcosmetics.com/	1970-01-20 18:57:12	Name: _dycst Value: dk.w.c.ws.fst.
.elfcosmetics.com/	1970-01-20 18:57:12	Name: _dy_geo Value: DE.EU.DE_.DE__
.elfcosmetics.com/	1970-01-20 18:57:12	Name: _dy_df_geo Value: Germany..
.elfcosmetics.com/	1970-01-20 18:57:12	Name: _dy_toffset Value: 0
.elfcosmetics.com/	1970-01-21 02:59:36	Name: _dy_soct Value: 647796.1248068.1707240924.f3mj5n7n1ezi1mqk614hubxlkelh2oje836603.1652212.1707240924837245.1654610.1707240924*861617.1750272.1707240924
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: scapi Value: prd:78110194-a2d9-4afe-81cb-c8ac48fad6df:eyJ2ZXIiOiIxLjAiLCJqa3UiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJraWQiOiI1MzgxNTFkMC01MTJmLTQ4MzMtODk1Zi0wYTcwNzQzNDUxYTkiLCJ0eXAiOiJqd3QiLCJjbHYiOiJKMi4zLjQiLCJhbGciOiJFUzI1NiJ9.eyJhdXQiOiJHVUlEIiwic2NwIjoic2ZjYy5zaG9wcGVyLW15YWNjb3VudC5iYXNrZXRzIHNmY2Muc2hvcHBlci1teWFjY291bnQuYWRkcmVzc2VzIHNmY2Muc2hvcHBlci1wcm9kdWN0cyBzZmNjLnNob3BwZXItbXlhY2NvdW50LnJ3IHNmY2Muc2hvcHBlci1teWFjY291bnQucGF5bWVudGluc3RydW1lbnRzIHNmY2Muc2hvcHBlci1jdXN0b21lcnMubG9naW4gc2ZjYy5zaG9wcGVyLWNvbnRleHQucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5vcmRlcnMgc2ZjYy5zaG9wcGVyLWN1c3RvbWVycy5yZWdpc3RlciBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5hZGRyZXNzZXMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wcm9kdWN0bGlzdHMucncgc2ZjYy5zaG9wcGVyLXByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItcHJvbW90aW9ucyBzZmNjLnNob3BwZXItYmFza2V0cy1vcmRlcnMucncgc2ZjYy5zaG9wcGVyLW15YWNjb3VudC5wYXltZW50aW5zdHJ1bWVudHMucncgc2ZjYy5zaG9wcGVyLWdpZnQtY2VydGlmaWNhdGVzIHNmY2Muc2hvcHBlci1wcm9kdWN0LXNlYXJjaCBzZmNjLnNob3BwZXItbXlhY2NvdW50LnByb2R1Y3RsaXN0cyBzZmNjLnNob3BwZXItY2F0ZWdvcmllcyBzZmNjLnNob3BwZXItbXlhY2NvdW50Iiwic3ViIjoiY2Mtc2xhczo6YmJ4Y19wcmQ6OnNjaWQ6ZjlmNzA1MmEtZjc0Mi00YzM4LWJkZjUtMWRhMDA0ZTdmYjNiOjp1c2lkOjc4MTEwMTk0LWEyZDktNGFmZS04MWNiLWM4YWM0OGZhZDZkZiIsImN0eCI6InNsYXMiLCJpc3MiOiJzbGFzL3Byb2QvYmJ4Y19wcmQiLCJpc3QiOjEsImF1ZCI6ImNvbW1lcmNlY2xvdWQvcHJvZC9iYnhjX3ByZCIsIm5iZiI6MTcwNzI0MDg5NCwic3R5IjoiVXNlciIsImlzYiI6InVpZG86c2xhczo6dXBuOkd1ZXN0Ojp1aWRuOkd1ZXN0IFVzZXI6OmdjaWQ6YmNsWEVWa3JhVm1yb1J3cmhJbXFZWXd1eEo6OmNoaWQ6ICIsImV4cCI6MTcwNzI0MjcyNCwiaWF0IjoxNzA3MjQwOTI0LCJqdGkiOiJDMkMxOTUxNjYxMTg2MC00MjQ2Mzc5MDM4OTA1ODQwODU5MjI3Mzc5In0.ZaHDYLUA86rD9sYtWFBjWCiVhy-ubCVVLHa4DiNspwtMTFX9gPmS5ZYwCTfWKdUrc0HfsQIXAvjVvSEeS-QBIQ
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: dwsid Value: Nvpn0VkAIbYgA66GC2MIOuCybumimLLi7SKnBlvkHwaMSBrYhfA5yUnJj_hPWAzfAxt4nb56Kb074b20hXADNA==
www.elfcosmetics.com/	1970-01-20 22:33:12	Name: dwanonymous_1a00c2845eeb01c699351ea28e20fd92 Value: bclXEVkraVmroRwrhImqYYwuxJ
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 1
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 1
.doubleclick.net/	1970-01-21 03:35:36	Name: IDE Value: AHWqTUlfruWFquMyWLYzN0ih_hPPipBB8MEKk-cGnqkxaCMS1aXquPGyxJ7H-mSg
.elfcosmetics.com/	1970-01-21 03:50:00	Name: _ga Value: GA1.1.1279543329.1707240924
.elfcosmetics.com/	1970-01-21 03:50:00	Name: _ga_ZLYXLXNDL8 Value: GS1.1.1707240925.1.1.1707240925.0.0.0
.elfcosmetics.com/	1970-01-20 18:57:12	Name: rmStore Value: dmid:9097
.elfcosmetics.com/	1970-01-21 03:43:47	Name: _scid Value: ef5d2cce-5b2f-4774-a099-89eb04a21447
.elfcosmetics.com/	1970-01-21 03:43:47	Name: _scid_r Value: ef5d2cce-5b2f-4774-a099-89eb04a21447
.tiktok.com/	1970-01-21 03:35:36	Name: _ttp Value: 2c0G8qK7rJ88kCF3IKYBbEfHmsw
.elfcosmetics.com/	1970-01-21 03:50:00	Name: FPID Value: FPID2.2.IQhXpOk1LlesAcsaqpOuOtTs0pREr7W0l0wZdXPenss%3D.1707240924
.elfcosmetics.com/	1970-01-20 18:14:02	Name: FPGSID Value: 1.1707240925.1707240925.G-ZLYXLXNDL8.aDg3MELCSd6aSuLRpUttig
.snapchat.com/	1970-01-21 03:35:36	Name: sc_at Value: v2\|H4sIAAAAAAAAAA3HwQ0AIAgEsIlIkBPBcYw5pmB47a9OVNUNcYAymSkHvxwHVGQuWPcIDZu6zVsf5gPyoTIAAAA=
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.currency Value: USD
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: sid Value: Gg7syruSHXypNDJ5AMUCFcxG5fJACo4oZBU
www.elfcosmetics.com/	1970-01-21 02:59:57	Name: _dyid_server Value: -9124292598532248100
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.InternationalUser Value: ""
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.location Value: US
www.elfcosmetics.com/	1970-01-20 18:15:27	Name: currentLocale Value: en_US
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.sessionid Value: bclXEVkraVmroRwrhImqYYwuxJ
www.elfcosmetics.com/	1969-12-31 23:59:59	Name: esw.LanguageIsoCode Value: en_US
.elfcosmetics.com/	1970-01-21 02:59:36	Name: hero-session-efcf9631-4c6b-4874-9f76-51f71464249a Value: author=client&expires=1738776926204&visitor=ab63ce94-be8c-42ef-94cc-d354938e2766
.elfcosmetics.com/	1970-01-21 03:43:24	Name: _cs_c Value: 0
.elfcosmetics.com/	1970-01-21 03:43:24	Name: _cs_id Value: 2e29d576-eb87-ab57-8a7b-3fa13b11f0a5.1707240926.1.1707240926.1707240926.1558384338.1741404926226.1
.elfcosmetics.com/	1970-01-20 20:23:36	Name: _rdt_uuid Value: 1707240926258.3c9d4c96-2171-4b31-87fc-031dbb21d05d
.elfcosmetics.com/	1970-01-20 18:15:27	Name: _uetsid Value: 1d1248c0c51611eeb1d9d5f6c1611c74
.elfcosmetics.com/	1970-01-21 03:35:36	Name: _uetvid Value: 1d126480c51611ee90cc71c8579f9605
.linksynergy.com/	1970-01-21 02:59:36	Name: rmuid Value: dea6fff8-f4dc-4092-bcfc-78b8bb864845
.elfcosmetics.com/	1970-01-20 18:15:12	Name: FPLC Value: euArgOC%2F9QxMBhdM0ggwX05XIU5J0XT9VorCe6amyoiS72xvpdhmXMQ5gP%2Fdw7cfAqML66F5d9SyzpHSaeKN1QIBIz6Dtl6tw9I0Pf%2FQkPxoT96xqJ3ml%2BjTjqjKRg%3D%3D
.elfcosmetics.com/	1970-01-21 03:35:36	Name: _tt_enable_cookie Value: 1
.elfcosmetics.com/	1970-01-21 03:35:36	Name: _ttp Value: UNp-bDbUTlWDMZjjk9Guw-OCSA7
.elfcosmetics.com/	1970-01-20 20:23:36	Name: _fbp Value: fb.1.1707240926572.1214750291
.pinterest.com/	1970-01-21 02:59:36	Name: ar_debug Value: 1
.elfcosmetics.com/	1970-01-21 02:59:36	Name: _pin_unauth Value: dWlkPU5qSmhOelppTmpRdE1XSXpOeTAwWTJWaUxUazNZall0WVdZNFptWmxOMll6WWpjeA
.elfcosmetics.com/	1970-01-20 18:14:02	Name: _cs_s Value: 1.5.0.1707242726774
imgs.signifyd.com/	1970-01-21 03:50:00	Name: thx_guid Value: 469502dfcbd0eb9a8685422781176c4c

47 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.elfcosmetics.com/(Line 362) Message: Access to image at 'https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=1u_' from origin 'https://www.elfcosmetics.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn-fsly.yottaa.net/5a0c9b7632f01c35d42101b2/www.elfcosmetics.com/v~4b.a3/#elfcosmetics_a_00000055698485330971283280000018393236039574697104_?yocs=1u_ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://pixel.pointmediatracker.com/kpi?c=elfcosmetics&kpi=visit&tag_id=244&fpc=20194f4e-a442-44e5-b235-19e0885159fb&user_id=&utm_source=undefined&utm_medium=undefined&utm_campaign=undefined&new=undefined&gtmcb=1535121624 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1638306756445368?v=2.9.145&r=stable&domain=www.elfcosmetics.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 109) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.elfcosmetics.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10265292.fls.doubleclick.net
10742279.fls.doubleclick.net
9231397.fls.doubleclick.net
adservice.google.com
alb.reddit.com
analytics.pangle-ads.com
analytics.tiktok.com
api.bounceexchange.com
api.ipify.org
api.usehero.com
assets.bounceexchange.com
async-px.dynamicyield.com
bat.bing.com
c.contentsquare.net
cdn-fsly.yottaa.net
cdn-scripts.signifyd.com
cdn.c1.amplience.net
cdn.cookielaw.org
cdn.dynamicyield.com
cdn.media.amplience.net
cdn.usehero.com
collector-pxxt4gy2ig.px-cloud.net
connect.facebook.net
conversions-config.reddit.com
ct.pinterest.com
data.cdnbasket.net
e.cdnwidget.com
elfcosmetics.a.bigcontent.io
external-api.jebbit.com
geolocation.onetrust.com
googleads.g.doubleclick.net
h.online-metrix.net
ids.cdnwidget.com
idsync.rlcdn.com
imgs.signifyd.com
insight.adsrvr.org
js.cnnx.link
js.jebbit.com
page.cdnbasket.net
pixel.pointmediatracker.com
qoe-1.yottaa.net
region1.analytics.google.com
s.pinimg.com
sc-static.net
sdk.iad-05.braze.com
sgtm.elfcosmetics.com
srm.ba.contentsquare.net
st.dynamicyield.com
static.ordergroove.com
stats.g.doubleclick.net
t.contentsquare.net
t.paypal.com
tag.rmp.rakuten.com
tag.wknd.ai
tr.snapchat.com
tr6.snapchat.com
ut.rd.linksynergy.com
view.cdnbasket.net
w2txo5aaoeoayg7qbizfu2xazffllap2al7ehn5oe6755a978d8a9ab1am1.e.aa.online-metrix.net
websdk.appsflyer.com
www.elfcosmetics.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
www.redditstatic.com
10742279.fls.doubleclick.net
9231397.fls.doubleclick.net
cdn-fsly.yottaa.net
idsync.rlcdn.com
pixel.pointmediatracker.com
tr.snapchat.com
www.paypal.com
104.237.62.212
104.77.153.43
140.174.14.83
142.250.185.226
142.250.186.70
143.204.207.250
151.101.192.84
151.101.193.140
151.101.193.21
151.101.194.133
151.101.65.35
151.101.66.133
18.157.236.34
18.66.112.6
18.66.112.72
18.66.122.54
192.229.221.25
2.16.1.185
2001:4860:4802:32::36
2001:4860:4802:36::178
204.2.49.170
204.2.49.172
23.197.142.200
2600:1901:0:56e0::
2600:9000:206f:5600:a:7914:b00:93a1
2600:9000:21f3:8e00:11:85b0:d600:93a1
2600:9000:2250:1000:15:ad21:c740:93a1
2600:9000:2251:4000:a:b89d:a6c0:93a1
2600:9000:236e:a600:13:d6f4:3240:93a1
2606:4700:4400::ac40:9b77
2606:4700::6812:82ec
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:400c:c00::9d
2a02:26f0:3500:14::1724:a24a
2a02:26f0:3500:14::1724:a258
2a02:26f0:3500:16::215:1491
2a02:26f0:3500:880::1931
2a02:26f0:7100::687e:24f3
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::396
34.102.147.248
34.102.193.48
34.111.8.32
34.120.253.250
34.149.177.128
34.241.27.113
34.49.124.132
34.95.121.138
34.98.67.3
34.98.72.95
34.98.88.136
35.190.10.96
35.190.43.134
35.71.131.137
52.30.246.4
52.51.70.67
91.235.132.130
91.235.133.113
91.235.134.131
01aa0811c31979c696025ebea9026cad5000469c96b34834ba768ef237e4ce9a
03966b1fc6b3f2cdef1a46df52094209b5edb7772d9dc4c70d638abbbfb1b2c7
03f8b27a5a5f052420315293357ce3f2af3dd92bb40b5de15f93722648ce3f46
04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470
06f7a62ff765add60b19a7594e3cd59f4f243c718a07ce5d2e13f72dfffae406
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
07db4ac1f0efab00657070a16444c3e26a7ff82ead6d8d394d6690bc0c5b20f8
0a73c8112281696261f2bb19a516222fdabf3de80d68e59d26d3ebf7be63c4ce
0a786e7496690459bdeab407b5ffec269154f049c9fd02974f147c7272049970
0b84574ee8a2d0530e19d393d7a2dbc713e95c1694b51e10a19f32ef556a3c98
0e17304acd0bd22d001e4f6cf14509642dd52a04dcd07675c6a1684e1c7fb021
0f0697fdc997c1a96902844e80fbf3d28d0a2f72bc248b1c108288dd50cdd02f
1011c3fa4c2e065daf205546023d4ed8bef850c1c6ca5dab2cfb9773011cc0bb
11bda28dd29d065faff41cdb718b856ca5e49f3022115bff4788b0542ba9d3c1
181e93bf2e7a124cdd270932c1c6d7470ced40d6e6eea76092c6ae5a8df764ed
19612dea94d2b587a9cd018101a89d4c30800fadc669ddd3580a950a2f0400b6
1a09824b6d7bbd0f5e82a23d14da408abfba60d02f5bdb48309d3ab6ca61bb1f
1a1fe89f11a11d89299028b565a99569e2aa5df3055ce514ba4dec2a8f0fe4fa
1b054a2373ab46b72eac91fa53871f6fdd4469ec90e9aae0fcbb46342e9c69b6
1bfe98628a5ef77df8152ae76dab744b335056946626f57f8e554554942dfbec
1ddc89ba3c2a29bf8b6a376737d491efdb8f9bcebc7c635639cda62390f45a06
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
210706c053295db0bfba03a98c0609a1f940c3f6b6c626f2f1084e089e959dc9
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
22b8be33763fcc8bbd3b4aef547439cd7e7159f9cb384e131d35d235d4b9c682
256e37934c207356811c6351ca463f0b711ecf706b52137b5e76f3b068860cc1
26e394c8bd847b5e9c4649a41eb1936db4fce85fbf462beed2a9a3f131bd761a
2735b019967ea4e1396e69583d8dce1bd9a82b4f0079c26c0e957bf9c7241dac
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d20903227f36798b79adec5bbd810679d27fe0abed0d698813e8f769df046fe
2de68a6dc3817d48b67a7a0c134c34ba7d02d6fe9a0380e8f1ad3501899d0ccb
2e72d5ff50ff3eacfa59b2ffad79b937577aeabfbacfe9a0b4f68192c4b3cfe2
2f3989acda5131345cd5dd5f11e9c3c373fd3b09eb1a2a64fb2d6b302ea020a6
2f6e7161889d6c74478ba8767d3a88e18cabe88992649467f277de8926f867f5
305fe9a5f5590087ad5d80aa44c7a7f1416966806e955ce7a42ab086ec14e38c
319cdcb02e5edbc8ece151a09c8d65fc59021d0f9575058a75d9f9c4edca769c
31f48ed33afe7e437efa2c30cbf97fbd62c2de5c0732504077377846fe64973f
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39fff1d57d4226f0cb30a7f938b3ed28f1e48dcf2b92b8da1dee9de6afd47317
3e376deaeb30858026260be3d2bd058d03c0b007cb7133c0d6fea15d775afd86
40358306dfb4820c1a32e41b3ba3fc89ff02692453199b66762c5530cc27b2a3
4358d95ed843273750f6301a75ad4282b7f32fbf25d9bfc0d7c1ed220f526673
43a3bff7e70106568a76f10e4ef2240647f5d0e7699b037321033201c6a6e1ed
4521b62ec39aade325758059085811a0b93e49b084aa06bcce0bead41aed726f
45f265d91f0d046e0bf176d32af863a7e497d1c4fa27b488cb0d7a0f539c21e3
4640c95ead92ab52d145901f4c81171be7617504eea0d47bc74dffa50cc0b584
48ef0dc66a8a286b38d5944718583de3e545a21cc76a68be63a50b5466baa5cd
4a34ea8084149b5081263d59a21d11edb401403e914816f416048c28480413bd
4aa855b8d34657ab4df5ca73fe7d7f67735ee1e39e8de83856ddc473d4713fbb
4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3
4c80ba44f61dd8c09ce0c57ca565f286b8bbb3f5ca6cb1fe882ad0d174eaafd1
4d3337c243fd2997450eada372bc50705c72d3bb2fe80bcb3c074be6e39b1ffe
4dd4735601c7db12d49dc38c46dfef3a663db36321689bcb34aea889bd0db001
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2
521b556af81f230eb308ac3dacc6848e359a524f58ad9b31bc7f218664d7ee7b
5293e3d1f06d73bbd75b83ab1fd1e3020fd5fc1143e2d628d09cd6dc56f9b427
5398968be9f49371bc4215a9cb5cad38269ab93075b72dac187f45ae3ba04ca6
53a267fda006f16d6fdb54ee764922a3fe61a8b6ef2972ae8c60d93e306bb1eb
5478e51ef21aa9f24fa7e2d3f75c26ce7860893fd92c71beafee5fe7e443f8b4
55245d1dbef4c5307f1e4b89913f51d27a2bd76d9d4130bcfc48c1438ce27232
57b5fadea258092c47cb3ad1f5ca816ed7a03c194c96b14a59e3bd606284616a
5874673f915a3ec17db9e690bc64a2c33413a2e11e3bd666bb5d43131004ffdf
58da72bddd8da96edee8626efe890283621d3c23f38a2aac4911d773461ead38
58f8b28f51a6cf18779d85e9760aff99a636b0cc770634252f56fd1224445ec5
59561243adefde1154857a31f0d98d5d9d48f67dca71178ea9e4632b2a5045f4
59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df
5a1b7fbff7841e65b48c6f566b3f7c5a3d030c790f1de3e7e2ab760bb769082a
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e7fa7d432773d5968e98fe4118396e67e1ebe4085a5bee83b57bce0bbf5e8f9
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d
6148fcfb081115252c094c42d4420c139cb987fb43f866238752db4e4d3e3045
64133b3165c14b5ab3fdc7e04af6fe8939846b37f0e08119ff2d2fe16d6b59a8
644369dc2f4a20a6681cdc05e12af7d050996a4da8bc083b0bb12ae2cde7b3cb
65222e7562d6a6d1c2c6e24c738db9114b1d36c64071a76efa2d7374a52242d7
668aa9986154c66db7b479ade413370fec61bdc181337553f80f5fdc01990c4f
68f6710cb2cc63e278cd3be6a0593c700b3ac346e36c1d636c5c13374dc20e91
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a2c860f67ee2a53273dd349b7d57b78d493559419c1dfa0ebc7f963957aedfd
6ace9ab9c495e069a90f7c423cd985e271b19ef8e780f0b7fb3ff9627fab4896
6b02f9e36822c74ddfebf00ddefddc4e0de3eccf0561ee9957f66e6db9b189d0
6b42a56b231d70ea3691b9f46363b9f8ed6ca35f6b50084718669b8beac1e57d
6d346ba132593213cba9bfa6b9ae595d953d5ce8ca748f4d31ded1b8f4f1e1ee
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6d97ff963aee1b37773794c4dfa9f69345ad53a777a53e0c8e877f1f9932fa9c
701923e7612fdd51b1ae0ea1009d390d0685c9a261def001e1e534848ce61349
7094e19560bf043abd04be7f51dc7d27886f902d377efb7c07718f6133438fae
70bdc4ce00b2eb00c1a727f997e22289fe153af79db01d1fe41c9ddf93baea68
70c3c8c11fe43a3931b5540cbbad1392a48dcfb133574102e3cb7045d062b93f
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
7277d352a2cf641b65f40654e30a9346a0323d1e66bc7abe105ec1d36cf7ee7c
72d481f7a20131369585280bca5d51f098c22cf79a2dfe11bb5d4ce0e814c7b9
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
76cdc759e378fa1ef1f13fc5e60edbcc0670fab791b76e61d65bd74961e84d0e
774750eac984a3f73fcf8aef4926b4ed999600b51caf9b635cf6d5617e4cae90
77563c3d31b3bd929f455be38d45d87449f2441007a1ae54c2ec4f644c767630
78bfaac4db8bcea12350fcfca30ebb06d21d9f4533f0e46eb96568c5cebcde1e
7a0194f3b5fcc06b24f7c9424f6eff12086308cb52d87b6b07745871c075c751
7baac448a67e8eac98e1bcba93f75d5bf3fb0c5c5fd5742fc5419eb187520ab2
7bcce32f4ef85233e030a2e0f1a2a81aefab5d602d45c655b1ff5f068ac8abb8
7edc838de142afdde6ee28ab5df6c24df48525959a77805928b7673357040953
8255a24f4eee1cd6244471f8db9d7d185e667879d4e96cd2130f64961d94ec42
84c5d15e1a01e75f1164ada1359c5cc113b3aa3a85e43259b137d090b35c8072
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87108ed8601ca33ed2e179c7c19e2181f10f1d5fc354e4c3756154ed00714377
89ad311944927ce3cfae733238f317bf1a9a65c082e1c49a9d3c2ab590421e8d
89b2a0533b9474d5d5c289ab743c84b54c90dd8ac0afd31dbe67de88aeabf61c
8a04baac1bb2ecbbd8c34d07662c8d2ed56ed1b5145f9da4b9df0d93c5fc12f0
8aabb0230239d64cfc819c6c0010c0b026427746920cb43eb9e274e08c8030c4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fee9c64f65dab04c91790f9086e3bffd10136cf0ac1c0de4bd15fc2a7f7788d
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
90b18ee6d6327a356913dc9d6cf9180346ab1b71fb800c5f97dbbf43bddac98c
90ef36e0fc9aecb01aad9a5f1a54a573c0861e2cbf485d3c187593fe1a5cf10f
9193ab03db75dc48eac7f6387304991f7c6e794e4f13163dae47280f91d2210a
93d3607ab3b6aacff8c4500a18bf501c85271bfc14950eb923f9a65ee456a7ac
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
95654fdd5b364f7cb881f923571ce651b1076b621abfc5e83083b42d4d4b095c
959837d67ff29e5bc93b6ed29d8055de24c6b7adafc4dcf186fd2bb2e96b7988
96c3df039232309bcd492159531e5f842a518033b80257d12a41cf11f2406b60
96fe25287296df88fabdf10b1d5e07093a8cf0c24d3331875ba36d865ca1d45f
97b684ae93653983b3f22e0b74288e8b1ac19025ee91d4e17c60aa3c722cc8fd
9846c98d92f9ede0abb2db68013d613791db3ccdb486451de1432034b563fb77
988939b24208fa548397468433e51d44f04cfad29107321fb4332d075c2c3ce5
9984ddd66cac2301c90a8af8df473e374a6a76a5839fd72a7483bdc8db9efbe9
9a35922a6b3cdd53f2dbce919d6e801174ef11b8eb275e17bba7742e1d115beb
9ae7a413e2d84452ebc43806c2f3b579bd607518e8aeb8d04b7840cf1259c9c9
9be4b55c5d8a7ef71000d7696ba2e6a36cce9cfe71de512a9bb6a93028ae0e02
9f3932674ce8ead7ddc5fe72934f296a637d9da3784b5eb0aaceff52bed4fea7
9f8441024e84c58109845fa52d52c98b3a2a6cde7529d923779fc815053795d4
a03984a7a5b36b4c6da58aaa8fa5380a317bfa209a969b8c38907f080b4e50a1
a2943eee3c0d637c48c086cf0048b80ddb30c69679d2fb90c18ef542a12efb64
a2b640a7227890217527259e40d2d35cc3117f6ea19c9caa1edae8a6631dfc25
a2fc4569fdc0b5d60e03c34a75957431a6c6e06d7af7b599876068d61e2f8d86
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a39f2e16bae522d2f09b9089a025fa9f87747c5a5e70c8a33640fc0cdba7fa87
a57278ff3f6a270785706b6fa0185dd06bb2357e5ae950698989483ebc43d6c9
a5a7fc32d089a7db4a8a51c3b0144e8571b63162c4db338cb169c668f9aa6d5d
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a7dc26bff5b4a6ceb621fc58cb8e8b4f19619064e20d2a63d10d89d7649f3310
aaa0521eb89dcca04567e4f63e71a3ccc04075391ad07b06e4362c7428e0fd50
ab99a75a2070736b0282d041df3a7e272ad5d4d1929ae430089ac0335e05ad2c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa9753d7a61cde7238d39c93026f264ea282f128440e39f1f0589867d337387
b0b16d044e600df5f3d5bcbe66b812b91169ac8c6f6394b52b94ec568e6d7232
b1fdabf0bbfde031d2de37b191e0b07576b06d3a4f4bd226d1b674e40d047f22
b6045de830d5a1427b1d82ad89e8719f0679efa99be8aae15ab76cef2fa9d60e
b877311e3743367bee817ee88fca0dedf65abb663d0e8b1f64954c5bcca1846f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
bde1972055f3fd260111d4cf8032a7c9263e720a11974ff8b6076032712d74ea
be26eb3fda8ce26fcf39cabb2d7d4f56a8524e31a343f6db6b1c4e255c4c89d2
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c11e6ec05824d38cdf78c1b0a881bdcc9809bb9236cf41488544aebddbce561a
c2409651241c0de9b571e266d1ca6ee4c9a3376c423fdc8998b9a6b7842112b7
c59da09c3ff7952882ffc1fc1fcdcc1cd82590d1f42ea3f300327bcfb1fc0bc5
c62eb4f0c14c8b5734e56be81f06374ca9171415d6dde6d87f2812d916055bd9
c72643964544332aff431b6a1b00c2196ce9eb194f196ad05e14982d3b08321c
c7800792e17ae1f204a586d14ec62c93d478bf0e9201e75eb7bb54b3a3068a04
c9f83027cf2e267d24b2cfe366bc6664841765f0aaf362faf0156bccdce42355
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdabdca122a95c86d013bc3792c3fa8b6d610fddc9724b16360821de4c63dcdc
cec4707a8901d0e739b73b254330c67e1bac777e4678a036253bd109daa8fef3
cfa5c45522b2dd9681f2f6096c44b4818c1de789e03624fa89571f26cd845cfd
d0a088110f86dbad05069f5026219709675de2936b9b494ffe598cc50e3c8b93
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d2d13ee7d5e1b53cb8875fd68d83e282923946cd62dffb8b60f4c1e3e1d8b8e3
d518201937be457c86198f9f21fbcec1b7a3d2697a02f2995a8e0405d498f9ea
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d5ba8e737d92d36efd3493f4f0669f2fba6adef29e53034100419e8f2856519b
d6193b41ddb6b35b1774ef2a44db248111555d15e977348fe1f60f37085bdbfd
d8a6566c7e926c37c010dc811a5e82d5eddad8b10057bf711f0f644be60707d3
d8eecca6704326f8db5486946d33420fdc588c6d519774e39df570883c4e3d87
d8f63055f392b204f4fb9e9ec7f4d03f17c6b235182bfa62621396a76d3a0d1d
d96edbb032c874715acfd5ab0cdbbc4b87f93b5d48bd8868bb164cb9c6642039
d9f35b91794a215842c6dd0689adc9a714a9a321e368b1b4cbcfcad98113c6f6
db3d9630fdd0f8c1c751ea3f4c70b80ece69c13450fbba151972d8a2d98d057d
dd465d2dec1267933c3b50dfea44c34c81c76c7c411c13154486ef85e8c3a128
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
e038dff62440b626103b2b81adcbb64b5cb3bd80433d1a710f37162cd7c0cc17
e1998ad54cb22048ae02467e8c98478697dbbd4af017d8266f73054c7e87bb2a
e1df881dfa3c790fb46a3ab0d0edd13cfaf25c0c369cca89ec8115cfdf338236
e33a708ad9d04c864fdd86f9ccfdfbbdf24c3b2585bed619367ba4c4747c4e20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44d9f1131ad40d59d181647ff28fe44048f8634d9edc98434d20eb0c486103b
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e823d829f383704a61c26381c7010a9af9851c52cb93c831a8c73a0127f04e24
e8a633a525653ec9513091b00537d4dfde1a161152a5f85547df1b4e90deb336
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
eab44c4c692bd138ca964812c04bb452c88bcf03f53055d6edcc606da9dc5803
ed569a029a60a5accbcc447951f2958f4dbd7037fb721a60d3b91d8cd71ee8e8
ee403d823263b85f8ec9057fddec95bd32e577df8db7ec95e88a59009012eb21
eec8fb654765dfbba9b783382bfc8ecda7db21a2e24ffde27d19624ae2287d9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef37a0adcce8182a55abff9a5e28be02925fe56a3088a8d36a91a8cd3008c58b
f06af6f0b8bcb60ec1c3df3488d40a79056c34318f985aade2887f78109baa4e
f0cee144505e4df51da3ec75c5a3dee2264d201c32bc80df1969b2082d019eef
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f524d22c03b99f5dac2d22e9987e41bbf29c83972ec1f023e2fdb3f7c374333f
f5cdac8011cc5cd8f9ea74c60de77824460b750be5cf9f50b6e18e37daf2889e
f66f5edd05293c4351edcec020a867935f7495ef0d0ff7ceb3e6402748585ca6
f67eeb979f5676dccb2ec5eefcd365c69b9e03235b65c42397206264b9887c07
f77ae8b7ccd1e3fe3fe4d25f86895c30af899b8ca2b97efa5ce7faec4e111542
f79eb41c3a197f45707f482b689b7845fd9c069519a1edb610230a4870a9122d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f889dbbc26896110ff404dc7b2dd90968003c110e0fc1a8d06e8446bc6631284
f8c6ebbfbfd150bad4b5bd7158cc60bed275422878781b45bd2450f776d625b8
f99677540defa534f20356bd0f4f219782ef17f85b324230f4f88d67645f9170
fc69e12a63b78030d4236815d85bce291387c1b845927d50cd6fb71ba64109d5
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218
ff2fe181c12146189657e92f9ce0489f7f3b51345796f5a5ec9b089f9fb47616

www.elfcosmetics.com Open in urlscan Pro 204.2.49.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

287 Requests

96 %HTTPS

38 %IPv6

46 Domains

70 Subdomains

65 IPs

4 Countries

5349 kBTransfer

16576 kBSize

63 Cookies

16 Outgoing links

Page URL History

Redirected requests

287 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.elfcosmetics.com Open in urlscan Pro
204.2.49.170 Public Scan

Screenshot
Live screenshot

Full Image

287
Requests

96 %
HTTPS

38 %
IPv6

46
Domains

70
Subdomains

65
IPs

4
Countries

5349 kB
Transfer

16576 kB
Size

63
Cookies

287 HTTP transactions
3 data transactions